tag = "Domains"

February 16, 2023

More than Half of All Phishing Sites Impersonate Financials in Q4

Phishing sites impersonating reputable organizations continue to represent the top online threat to businesses and their brands. In Q4, cybercriminals impersonated Financial Institutions on more than half of all phishing sites.

January 26, 2023

What Is the Meaning of the SPF Email Standard and How Does It Work?

When it comes to being a domain owner, you need to know the meaning of SPF, or Sender Policy Framework, email standard for specifying your sending email servers. Learn how Fortra's Agari can automate this intricate process for you.

September 1, 2022

Q2 Phishing Volume Up, Compromised Sites Lead Staging Methods

In Q2, four out of five phishing sites were staged using infrastructure that required no investment on the part of threat actors, including Compromised Sites and Free Tools and Services, according to the Agari & PhishLabs Quarterly Threat Trends & Intelligence Report.

September 14, 2021

Top 10 TLDs Abused

In the latest PhishLabs Quarterly Threat Trends & Intelligence report, we break down how actors are abusing Legacy Generic (gTLD) and Country Code (ccTLD) Top-level domains, HTTPS, and free security certificates to target enterprises.

March 24, 2021

Most Phishing Attacks Use Compromised Domains and Free Hosting

PhishLabs recently analyzed more than 100,000 phishing sites to establish how many used compromised domains, free hosting, or maliciously-registered domains.

December 11, 2020

The Anatomy of a Look-alike Domain Attack

In this post, we show the frequency of common look-alike domain threats, the mechanics of an attack, and resources to minimize risk.

December 3, 2020

APWG Q3 Report:Four Out of Five Criminals Prefer HTTPS

Highlights from the report include more than two hundred thousand unique phishing websites detected in August and September, SSL encryption for phishing sites overtaking SSL deployment for general websites, and a 10 percent increase in BEC attacks originating from free webmail accounts.

December 1, 2020

Easy to Deceive, Difficult to Detect, Impersonation Dominates Attacks

Impersonation is a highly effective tactic for threat actors because it piggybacks on the credibility of a brand to legitimize a malicious objective. As a result, it is one of the most common components of a cyber attack.

November 25, 2020

What is a Look-alike Domain?

By definition, a look-alike domain is a nearly identical, slightly altered domain name, registered with intent to deceive. In this post, we'll describe how domains help us communicate on the Internet, the anatomy of a look-alike domain and why we fall for them, how attackers create them, and the best place to begin when facing this common threat.

November 25, 2020

How to Detect Look-alike Domain Registrations

Malicious domains are attributed to a wide variety of cyber attacks capable of undermining a brand's credibility. A spoofed domain is easy and quick to create, and can act as the catalyst for malicious email campaigns and phishing sites. In order to detect and action domain threats targeting your organization, security teams need to implement mature and progressive processes for collection and curation.

October 23, 2020

Planetary Reef: Cybercriminal Hosting and Phishing-as-a-Service Threat Actor

PhishLabs is monitoring a threat actor group that has set up fraudulent hosting companies with leased IP space from a legitimate reseller. They are using this infrastructure for bulletproof hosting services as well as to carry out their own phishing attacks. The group, which is based in Indonesia, has been dubbed Planetary Reef.

October 20, 2020

Eliminating the Threat of Look-alike Domains

There are many ways look-alike domains can be used by threat actors. This, in addition to diverse registrar requirements for removal, can make mitigation complex and often ineffective.

September 28, 2020

APWG: SSL Certificates No Longer Indication of Safe Browsing

Key highlights of the report include a significant increase in wire transfer loss attributed to business email compromise (BEC) attacks from the first quarter and a 20% increase in BEC attacks targeting the social media sector.