tag = "Domains"
February 16, 2023
More than Half of All Phishing Sites Impersonate Financials in Q4
Phishing sites impersonating reputable organizations continue to represent the top online threat to businesses and their brands. In Q4, cybercriminals impersonated Financial Institutions on more than half of all phishing sites.
January 26, 2023
What Is the Meaning of the SPF Email Standard and How Does It Work?
When it comes to being a domain owner, you need to know the meaning of SPF, or Sender Policy Framework, email standard for specifying your sending email servers. Learn how Fortra's Agari can automate this intricate process for you.
September 1, 2022
Q2 Phishing Volume Up, Compromised Sites Lead Staging Methods
In Q2, four out of five phishing sites were staged using infrastructure that required no investment on the part of threat actors, including Compromised Sites and Free Tools and Services, according to the Agari & PhishLabs Quarterly Threat Trends & Intelligence Report.
September 14, 2021
Top 10 TLDs Abused
In the latest PhishLabs Quarterly Threat Trends & Intelligence report, we break down how actors are abusing Legacy Generic (gTLD) and Country Code (ccTLD) Top-level domains, HTTPS, and free security certificates to target enterprises.
March 24, 2021
Most Phishing Attacks Use Compromised Domains and Free Hosting
PhishLabs recently analyzed more than 100,000 phishing sites to establish how many used compromised domains, free hosting, or maliciously-registered domains.
December 11, 2020
The Anatomy of a Look-alike Domain Attack
In this post, we show the frequency of common look-alike domain threats, the mechanics of an attack, and resources to minimize risk.
December 3, 2020
APWG Q3 Report:Four Out of Five Criminals Prefer HTTPS
Highlights from the report include more than two hundred thousand unique phishing websites detected in August and September, SSL encryption for phishing sites overtaking SSL deployment for general websites, and a 10 percent increase in BEC attacks originating from free webmail accounts.
December 1, 2020
Easy to Deceive, Difficult to Detect, Impersonation Dominates Attacks
Impersonation is a highly effective tactic for threat actors because it piggybacks on the credibility of a brand to legitimize a malicious objective. As a result, it is one of the most common components of a cyber attack.
November 25, 2020
What is a Look-alike Domain?
By definition, a look-alike domain is a nearly identical, slightly altered domain name, registered with intent to deceive. In this post, we'll describe how domains help us communicate on the Internet, the anatomy of a look-alike domain and why we fall for them, how attackers create them, and the best place to begin when facing this common threat.
November 25, 2020
How to Detect Look-alike Domain Registrations
Malicious domains are attributed to a wide variety of cyber attacks capable of undermining a brand's credibility. A spoofed domain is easy and quick to create, and can act as the catalyst for malicious email campaigns and phishing sites. In order to detect and action domain threats targeting your organization, security teams need to implement mature and progressive processes for collection and curation.
October 23, 2020
Planetary Reef: Cybercriminal Hosting and Phishing-as-a-Service Threat Actor
PhishLabs is monitoring a threat actor group that has set up fraudulent hosting companies with leased IP space from a legitimate reseller. They are using this infrastructure for bulletproof hosting services as well as to carry out their own phishing attacks. The group, which is based in Indonesia, has been dubbed Planetary Reef.
October 20, 2020
Eliminating the Threat of Look-alike Domains
There are many ways look-alike domains can be used by threat actors. This, in addition to diverse registrar requirements for removal, can make mitigation complex and often ineffective.
September 28, 2020
APWG: SSL Certificates No Longer Indication of Safe Browsing
Key highlights of the report include a significant increase in wire transfer loss attributed to business email compromise (BEC) attacks from the first quarter and a 20% increase in BEC attacks targeting the social media sector.