Resources

Blog

Holiday Season Triggers Rise in Counterfeit Activity

Criminals are capitalizing on the urgency behind gift-giving celebrations such as Black Friday, Cyber Monday, Christmas, and Hanukkah. Counterfeit activity has grown more than 50% from September through November, with a 27% increase over the course of November alone, according to Fortra’s PhishLabs. These threats are impersonating brands on social media and the open web to target consumers with...
On-Demand Webinar

ҰourDoma1п.com: How Look-alike Domains Drive BEC, Brand Abuse, and More

Domains are often the first source of interaction with customers. However, anyone can register a look-alike domain, create a fraudulent website, and start impersonating a trusted company – quickly diminishing brand credibility. In this webinar, PhishLabs’ Founder and CTO, John LaCour, will cover why cyber criminals register hundreds of thousands of look-alike domains every year and how they use...
On-Demand Webinar

What's Making It Past Secure Email Gateways?

John Wilson – Senior Fellow, Threat Research Fortra How frequently are advanced threats actually bypassing your email security controls? One of the greatest challenges to protecting end users from high impact email attacks is detecting identity deception. Fortra has conducted an analysis of real end user phishing reports to determine which advanced threat types evade common secure email gateways...
On-Demand Webinar

Outsmarting RaaS: Strategies to Reduce the Risk of a Ransomware Attack

As-a-Service models continue to change the ransomware landscape. Prominent threat groups operate as enterprises and blend outsourced cybercrime services with sophisticated in-house expertise, while less advanced actors take advantage of a wide range of commodity malware tools and services. This quickly evolving and chaotic environment can make it difficult for security teams to stay ahead of...
Blog

Financials and Card Data Top Q3 Targets on the Dark Web

In Q3, Credit Unions nearly overtook National Banks as the top targeted industry on the Dark Web, according to recent data from Fortra’s PhishLabs. Credit Unions have been increasingly targeted on underground channels, with Q3 2022 representing the highest incident count for the industry in four consecutive quarters. Compromised data associated with Financial Institutions as a whole is...
Blog

Attacks Targeting Businesses on Social Media Jump 40% YoY

In Q3, the volume of social media attacks targeting the average business was 40.4% higher than the same time last year, according to the latest data from Fortra’s PhishLabs. Social media attack volume has grown significantly year-over-year with the average business in 2022 experiencing 84.5 malicious incidents per month versus 50.59 in 2021. Fortra analyzes hundreds of thousands of social media...
Blog

Emails Reported as Malicious Reach Four-Quarter High in Q3

The volume of malicious emails reported in corporate inboxes has reached a four-quarter high, according to the latest data from Fortra’s PhishLabs. These threats are largely composed of Response-Based, Credential Theft, and Malware attacks targeting employees. Every quarter, Fortra analyzes hundreds of thousands of phishing and social media attacks targeting enterprises, brands, and employees. In...
Blog

Financials See Increase in Phishing Attacks, Compromised Sites Lead Staging Methods in Q3

In Q3, nearly 80% of threat actors opted to compromise existing websites or abuse free tools when staging phishing sites, according to the latest data from Fortra’s PhishLabs. While Compromised Sites represented the lion’s share of staging activity, URL Shorteners, Free Domain Registrations, and Developer Tools all experienced increased abuse in Q3 and pointed to sustained criminal interest in no...
Blog

Social Media Mitigation Best Practices for All Financial Institutions

The financial industry continues to experience the largest volume of abuse among all industries on social media. In Q3 banks, credit unions, and other F.I.’s contributed to nearly three-quarters of all attacks on social platforms, with national banks alone more than tripling the volume of the top targeted non-financial, retail. The top threats to financial institutions on social media consist of...
Blog

RedLine Stealer Leads Payloads in Q3

In Q3, Redline Stealer represented nearly half of all malware attacks targeting corporate user inboxes. This is the first quarter Redline has led payload volume since PhishLabs began reporting on malware activity. Email payloads remain the primary delivery method of ransomware targeting organizations. PhishLabs continuously monitors payload families reported in corporate inboxes to help mitigate...
Blog

What is Email Spoofing?

Courtesy of Agari by Fortra Email spoofing is one of the most common forms of cybercriminal activity, specifically a form of identity deception that's widely used in phishing and spam attacks. It underpins the mechanism required to conduct hacking activities, and it can take many forms. Unfortunately, most email users will eventually receive an email that has been spoofed—whether they know it or...
Blog

Crucial Tech Podcast with Agari: Hybrid Vishing Attacks

Hybrid vishing attacks have increased 500% year-over-year as cybercriminals find success using these techniques to steal sensitive information. Listen as Agari’s John Wilson discusses the latest research from Agari and PhishLabs by Fortra. Click here to listen to the podcast.
Blog

How to Mitigate Online Counterfeit Threats

The broad scope of counterfeit campaigns and unclear boundaries of abuse make it challenging to successfully mitigate online threats targeting retail brands. There is a fine line between infringement and fair use of publicly made materials, as well as immeasurable online environments where counterfeit campaigns may live and grow. Additionally, bad actors are continuously modifying attack...
Blog

How to Collect Intelligence on Threats Targeting Retail Brands

Retail brands are increasingly targeted with fraudulent advertisements, fake social accounts, and falsely branded websites. These multipronged counterfeit campaigns redirect sales and compromise consumer data using brand recognition, the same component critical to driving sales within the retail industry. The massive expansion of ecommerce and online consumer-to-retail interaction creates a...
Blog

Chat-Based Services, Finance, Heavily Abused on the Dark Web in Q2

Nearly half of stolen data on the Dark Web was marketed through Chat-Based Services in Q2 after a sharp increase in illegal transactions, according to the Agari and PhishLabs Quarterly Threat Trends & Intelligence Report . The advertisement and exchange of stolen information on the Dark Web is volatile due to the constant threat of disruption or seizure by authorities. Often, when one site is...
Blog

Q2 Phishing Volume Up, Compromised Sites Lead Staging Methods

In Q2, four out of five phishing sites were staged using infrastructure that required no investment on the part of threat actors, including Compromised Sites and Free Tools and Services, according to the Agari & PhishLabs Quarterly Threat Trends & Intelligence Report. Although the volume of Paid Domain Registrations associated with phishing sites grew slightly, threat actors continue to choose no...
Blog

Old Threats, New High: Response-Based Emails Increase in Q2

In Q2, Response-Based emails targeting corporate users reached the highest volume since 2020, according to the Agari and PhishLabs Quarterly Threat Trends & Intelligence Report . Malicious and potentially damaging emails targeting corporate inboxes have climbed to a three-quarter high, and include Response-Based scams, Credential Theft, and Malware. Every quarter, Agari and PhishLabs analyze...
On-Demand Webinar

Quarterly Threat Trends & Intelligence Webinar (August 2022)

John Wilson, Senior Fellow for Threat Research at Agari by Fortra Throughout Q2, Agari and PhishLabs detected and mitigated hundreds of thousands of phishing, social media, email, and dark web threats targeting a broad range of enterprises and brands. The Quarterly Threat Trends & Intelligence Report provides an analysis of the latest findings and insights into key trends shaping the threat...
Blog

Fraud, Impersonation Fuel Q2 Increase in Social Media Attacks

In Q2, malicious attacks targeting organizations on social media have increased more than 20% over Q1, according to the latest Agari and PhishLabs’ Quarterly Threat Trends & Intelligence Report. Agari and PhishLabs analyze hundreds of thousands of phishing and social media attacks every quarter to identify the top threats targeting enterprises, their brands, and their employees. In this post, we...
Guide

Quarterly Threat Trends & Intelligence August 2022

August 2022 In Q2, Agari and PhishLabs detected and mitigated hundreds of thousands of phishing, social media, email, and dark web threats targeting a broad range of enterprises and brands. The Quarterly Threat Trends & Intelligence Report provides an analysis of the latest findings and insights into key trends shaping the threat landscape. Readers will learn: How phishing attack volume changed...