tag = "Phishing"

Free Tools and Services Fuel Phishing Increase

Phishing volume continues to outpace 2020 by 22%, according to PhishLabs’ Quarterly Threat Trends & Intelligence Report.

Qbot Leads Payload Volume in Q2

PhishLabs is monitoring payload families reported in user inboxes. In this piece, we break down the top malware targeting enterprises in Q2.

APWG Q3 Report:Four Out of Five Criminals Prefer HTTPS

Highlights from the report include more than two hundred thousand unique phishing websites detected in August and September, SSL encryption for phishing sites overtaking SSL deployment for general websites, and a 10 percent increase in BEC attacks originating from free webmail accounts.

Limited Impact of Phishing Site Blocklists and Browser Warnings

The life of a phishing site is brief, but impactful. A recent study found that by the time phishing URLs show up in blocklists, most damage is done.

APWG: SSL Certificates No Longer Indication of Safe Browsing

Key highlights of the report include a significant increase in wire transfer loss attributed to business email compromise (BEC) attacks from the first quarter and a 20% increase in BEC attacks targeting the social media sector.

Evasion Techniques: User-Agent Blocking

As Phishing attacks get more sophisticated on the social engineering front, so to does the technology and techniques behind keeping them online longer.

How Threat Actors are Abusing Coronavirus Uncertainty

As the coronavirus becomes a global pandemic, threat actors have begun abusing the fear surrounding it. One lure we have spotted even mimics the CDC.

New Webinar: Inside the World of Social Media Phishing: Financial Scams

Attend our upcoming webinar to learn about the latest techniques threat actors use to abuse social media for phishing attacks.

APWG: Phishing Continues to Rise, Threat Actors Love Gift Cards

APWG's Q2 report shows phishing increasing, SaaS industry prime target, and threat actors are after gift cards.

Phishing Number One Cause of Data Breaches: Lessons from Verizon DBIR

Verizon's annual Data Breach Investigations Report has just been released. What does it have to say about Phishing?

The Definition of Phishing

Phishing: Social engineering using digital methods for malicious purposes.

Using Reported Phish to Hunt Threats

Everybody knows that reported phishing emails are a valuable resource. But are you making maximum use of yours? This is how you can use reported phish to aid your threat hunting capability.

Silent Librarian University Attacks Continue Unabated in Days Following Indictment

Following the formal indictment of nine Iranian threat actors on March 23, 'Silent Librarian' attacks against universities and other research organizations have continued unabated.

New Variant of BankBot Banking Trojan Ups Ante, Cashes Out on Android Users

BankBot Anubis takes mobile threats to the next level incorporating ransomware, keylogger abilities, remote access trojan functions, SMS interception, call forwarding, and lock screen functionality.

The 11 Types of Reported Emails

Reporting an email to your IT team is incredibly important, and it's because these 11 email types each have different impacts.

Holiday Phishing Scams Target Job Seekers

Job scams represent only one of the many techniques deployed by criminals, who are growing increasingly creative and sophisticated in luring their victims.

How to Use URL Pattern Analysis for Phishing Detection & Mitigation

Find out how URL pattern analysis can dramatically reduce the time and energy required to produce actionable phishing intelligence

How to Calculate ROI for Security Awareness Training

It's notoriously hard to evidence the need for investment in security awareness. But with a concrete ROI forecast, the task becomes must easier.

How and Why You Should Calculate Your Organization’s Cost of Phishing

With so many variables and conflicting claims calculating the cost of phishing can be difficult. Let us make it easy for you.

Why Some Phishing Emails Will Always Get Through Your Spam Filter

If you've ever configured a spam filter, you know how frustrating it can be. Here's why some phishing emails always get through.

Why Your Users Keep Falling for Phishing Scams

Phishing has become a huge concern in recent years, and it can be frustrating when users continue to fall for them. Here's why it happens.

When Good Websites Turn Evil: How Cybercriminals Exploit File Upload Features to Host Phishing Sites

Compromised websites are an integral part of the cybercrime ecosystem. PhishLabs recommends these steps to help prevent this kind of exploit.

Google AdWords Used in Bitcoin, Banking, and Online Gambling Phishing Campaigns

Hackers targeting bitcoin wallet users are leveraging Google's AdWords. Phishlabs has previously seen similar attacks over the past year.

Recent Phishing Campaign Uses Jabber to Exfiltrate Compromised Information

PhishLabs' phishing research and analysis have shown that phishers are continually developing new methods to facilitate their malicious activities.

Cyberespionage Phishing Attack, Backoff Malware Spreads, Retail Breach and more | TWIC – October 24, 2014

Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source). Think community financial institutions aren’t in the crosshairs for account takeover? Think again. (PhishLabs) There is clear evidence that account takeover (ATO) is a big problem and growing worse. The Federal Reserve Bank of Atlanta […]

Shellshock Phishing Attacks, Windows Zero-Day Vulnerability, Dropbox Hack and More | TWIC – October 17, 2014

Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).

Smash & Grab cybercrime attacks have been active since mid-June

Last week, researchers at Proofpoint reported an attack campaign, which was dubbed “Smash & Grab," targeting customers of JP Morgan Chase. Based on intelligence from the Phishlabs R.A.I.D. (Research, Analysis, and Intelligence Division), the “Smash & Grab" operations have been active since at least mid-June. The attacks use email messages to direct potential victims to a phishing page. Visitors to the phishing page are also exposed to an exploit kit that abuses software vulnerabilities to infect victims with malware.

Phishing Takedown < Anti-Phishing < Phishing Protection

Phishing takedown services, anti-phishing services, phishing protection. What's best for stopping phishing attacks? Learn the key distinctions and how they make a big difference.

Phishing for Bitcoins

PhishLabs has detected a new phishing attack targeting users of the Mt. Gox bitcoin exchange: While most phishing attacks used hacked legitimate web sites to host phishing pages, this particular attack is using a registered domain name of RAA.CN.COM. CN.COM isn’t a real top-level domain name, but CentralNic allows registrars to sell third-level domains within […]

Why Phishing Matters

Almost every day I speak with a bank somewhere about phishing. I ask them how much of a threat is it, what are they doing about it, and how does it affect their business. Surprisingly, the answers I get vary quite a bit from one organization to another. Most are concerned about the costs of […]

Phishing Site Asks to Upload Image of Their Driver’s License and Phone Bill

PhishLabs has discovered a new variant of a common phishing page that prompts users to upload a scanned copy of their driver’s license and telephone bill. The scam detected targets customers of a large US bank. Most likely the phisher is attempting to circumvent additional security measures by the bank such as telephone based authentication […]

PhishLabs Discovers Instagram Phishing Site

PhishLabs has discovered a phishing site targeting Instagram users:   It is not clear if the intention of the responsible miscreants is to steal photos, email credentials, or Facebook credentials. It is probably the latter given the phishing site redirects to Facebook after stealing an email address and password. However, it does seem clear that […]

David Hasselhoff – Anti-Phishing Educator?

Xfire “is a free tool that automatically keeps track of when and where gamers are playing PC games online and lets their friends join them easily.” PhishLabs recently discovered a phishing page targeting Xfire users that used a clever trick to warn potential victims. By using cascading style sheets (.css) files that are generated on […]

Advancements in Phishing Redirector Scripts

Almost since the beginning of phishing, attackers have created simple webpages that redirect users to another URL that contains the actual phishing form. They do this for several reasons. In case their phishing site is shutdown, they can simply change the destination of the redirect to point to another phishing site. This means that everyone […]

Rock Moves to Email Attachments

For over a year, the Rock Phish Gang was using the Avalanche botnet to host their various phishing scams and malware distribution sites. Fortunately, the botnet was shutdown last week – how long remains to be seen. Unfortunately, the Rock Phish Gang have not gone away. These criminals continue to distribute their Zeus trojans and […]

Cleaning up from the Avalanche

The Avalanche botnet, also known as “MS-Redirect”, has been responsible for hosting phishing pages and malware distribution attacks on over 35 organizations, including the IRS, Facebook, MySpace, most recently NACHA, and many more. Unfortunately, there’s a great deal of confusion over how this botnet works and how it’s related to other malware. Let’s clear it […]

Open Formmailers Won’t Die

Some security problems just never seem to go away. I’m not sure if its because there’s a steady stream of new web developers that have to learn things the hard way, if people forget, or they think that their open programs won’t be found by the bad guys. Unfortunately for those of us that fight […]

Top 10 Free Phish Kit Users

There are numerous sites on the Internet where aspiring cybercriminals can download free phishing kits. Despite it being relatively well known that most kits have backdoors in them that cause stolen information to be sent to the kit authors, they’re still used quite frequently. Interestingly, one such free phish kit distribution site added flag counter […]

Evil Searching and Phishing

Nearly a year ago I asserted in a Dark Reading interview that phishers were using Google and other search engines to find vulnerable web sites which they used to launch their scams. By a simple analysis of the web hosts and URLs used in phishing, I estimated that the vast majority of phishing web sites […]

Acrobat 0-Day Used in Targeted Attacks

You may have heard about a recently discovered 0-day vulnerability in Adobe Acrobat that has been used in targeted attacks. While this isn’t anything like a traditional phishing or malware attack, it could be considered a type of ‘spear’ phishing. In case you haven’t heard the details yet, there’s a vulnerability in Adobe Acrobat Reader […]

Phisher Email Address Harvesting Tools

How do phishers choose their targets? Usually, it is relatively random. Occasionally, phishers will be able to hack into some online web application or ecommerce site and create a dump of the database along with victim email addresses and locations, but that’s not a common scenario. Most of the time, they use tools to extract […]

Phisher Tactics: “True Logins” Phishing Kits

Over on the Symantec Security Response Online Fraud blog, Antonio Forzieri, follows up to his previous post about reactive phishing defenses. In his post, Antonio discusses the merits and pitfalls of diluting phishing sites with different types of bogus data. The last case, where phishers automatically validate the data from within the phishing site itself […]