Active Phishing Campaigns are coordinated attacks that Fortra has observed bypassing email security gateways and filtering tools. The following analysis includes examples, high-level details, and associated threat indicators. Sample Email Lure Sender VerificationSender’s Email: ogawa@kidscorp[.]jp Sender’s Name: Beth KolcunReply-To Address: beth...

One of the most used phishing-as-a-service platforms, LabHost, has been taken down by an international group of law enforcement authorities coordinated by Europol. Fortra has closely monitored LabHost and has mitigated tens of thousands of phishing attacks carried out by cybercriminals using the platform in recent years.

Browser fingerprinting is one of many tactics phishing site authors use to evade security checks and lengthen the lifespan of malicious campaigns. While browser fingerprinting has been used by legitimate organizations to uniquely identify web browsers for nearly 15 years, it is now commonly exploited by cybercriminals. Today, it is considered widely used for phishing purposes.

In Q4, three malware families represented more than 93% of all payload volume targeting end users, with Malware-as-a-Service (MaaS) DarkLoader leading all other reports. Fortra first received reports of DarkLoader in user inboxes in Q3, with attack volume picking up significantly beginning in October. The shift to criminal activity associated with DarkLoader comes after coordinated efforts by...

Fortra is monitoring malicious activity targeting Canadian banks conducted by Phishing-as-a-Service group LabHost. Throughout 2022 and 2023, Fortra has observed phishing attacks connected with Phishing-as-a-Service (PhaaS) groups grow as threat actors use the tools provided through membership services to launch a variety of campaigns. The providers of these platforms boast features such as access...

Historically, the average brand is targeted by 40 look-alike domains per month. Look-alikes are a strategic component of malicious lures and websites and used in a variety of spaces including social platforms, text messages, the open web, and email. An attack that incorporates a look-alike domain can mean the difference between a convincing campaign and a suspicious one, with a versatility that...

Is your organisation ready to tackle the new challenge of QR code phishing, also known as quishing? In this TechNewsWorld article, Dr. Steve Jeffery discusses the latest carrier of choice for payloads via email.

Executive impersonation on social media is at an all-time high as threat actors take advantage of AI to improve and scale their attacks. In Q3, accounts pretending to belong to high-ranking executives on social media climbed to more than 54% of total impersonation volume, surpassing brand attacks for the first time since Fortra began tracking this data. The volume and composition of these attacks...

Criminals are constantly innovating ways to enhance deliverability and increase the success of their campaigns. Email phishing remains one of the most significant threats to organizations, but a growing number of campaigns are first touching victims via non-traditional lures or through engagement on platforms where users are more susceptible to scams. Understanding how online threats are evolving...

In this Tripwire guest blog, we break down how to best communicate the significance of a cybersecurity investment. Despite increasing data breaches, ransomware attacks, and assorted cyber threats, convincing the Board of Directors to invest in robust cybersecurity isn't always easy for many businesses. The challenge originates mainly from the need to demonstrate a quantifiable Return On...

How will the digital risk and email security landscape evolve in 2024? In this VM Blog article, Eric George discusses the industry’s future and shares his seven predictions for 2024. Originally published in VM Blog. Excerpt: “AI and ML will enhance capabilities on both sides of the cyber landscape – for good and bad. On the defensive side, those protecting the targets will use advanced data...

It’s not news that most enterprises operate in the cloud. Migration to the cloud leads to better collaboration, data storage, and lower costs compared to on-premises resources. Odds are your organization is currently enjoying the conveniences of the cloud. The cloud has reshaped the way organizations operate, but with the migration comes new obstacles in email security, and the cloud has its own...

As we approach the end of the year, LastPass Labs has reviewed the last 12 months to take account of the threat environment and how it has changed, as well as our accomplishments. Throughout 2023, the Threat Intelligence, Mitigation, and Escalations (TIME) team focused on rapidly expanding our capabilities to protect our customers from phishing sites and/or infostealers. A major part of this...

There is little doubt that AI-fueled impersonation campaigns and novel attacks via non-traditional channels have emerged as a primary concern for security teams. Brand impersonation is on the rise, with nearly 40 look-alike domains targeting brands each month. On social media, impersonation attacks account for almost half of all threatening content. And online counterfeit campaigns are...

Google and Yahoo announced new email authentication requirements for those sending email to their users, with a rapid deadline of February 2024. At Fortra, we commend this push to require email authentication as a huge step in the ongoing fight against spoofing and abuse. But if the requirements are not in place by the deadline, certain emails may no longer be delivered. This could prove...