When it comes to email authentication standards, should you use DKIM, SPF, or both? We’re going to cover these terms, when you should use them, what they do—and how best to protect your email domains. Is it Either/Or—or Both? Should the battle really be SPF vs. DKIM? While not mandatory, it’s highly recommended to use both SPF and DKIM to protect your email domains from spoofing attacks and...

Phishing is one of the most prevalent forms of cyberattack used by bad threat actors to either steal personal data, or to gain entrance into a business’ network. These surreptitious and malicious email messages trick unsuspecting recipients into clicking a link or opening an attachment that contains malware, ransomware, or in the case of Business Email Compromise (BEC), employs impersonation...

QBot was the most reported payload targeting employee inboxes in Q4, according to Fortra’s PhishLabs. This is the fourth consecutive month QBot has led malware activity as bad actors target organizations with a steady stream of high-volume attack campaigns. QBot previously represented the second most reported payload family, trailing behind RedLine Stealer in Q3. Email payloads remain the primary...

In this DKIM setup guide, we’ll walk you through the steps on how to set up DKIM correctly, test it, avoid common pitfalls, and fix common mistakes. In case you’re new to DKIM, or DomainKeys Identified Mail, we’ll start with a high-level overview before getting to the step-by-step instructions, but you can first look up your DKIM record here. What is DKIM? A Brief Introduction DKIM is a...

In this post, we’ll briefly explain what a DMARC policy is, how to set up your DMARC email record, what the three types of DMARC policies are and when to implement each one, and how to diagnose and fix any issues associated with it. Basically, your DMARC policy tells email receivers what to do with illegitimate or possibly fraudulent emails—whether to reject, quarantine, or accept them. Overall,...

In Q3, nearly 80% of threat actors opted to compromise existing websites or abuse free tools when staging phishing sites, according to the latest data from Fortra’s PhishLabs. While Compromised Sites represented the lion’s share of staging activity, URL Shorteners, Free Domain Registrations, and Developer Tools all experienced increased abuse in Q3 and pointed to sustained criminal interest in no...

In Q3, Redline Stealer represented nearly half of all malware attacks targeting corporate user inboxes. This is the first quarter Redline has led payload volume since PhishLabs began reporting on malware activity. Email payloads remain the primary delivery method of ransomware targeting organizations. PhishLabs continuously monitors payload families reported in corporate inboxes to help mitigate...

In Q2, four out of five phishing sites were staged using infrastructure that required no investment on the part of threat actors, including Compromised Sites and Free Tools and Services, according to the Agari & PhishLabs Quarterly Threat Trends & Intelligence Report. Although the volume of Paid Domain Registrations associated with phishing sites grew slightly, threat actors continue to choose no...

In Q2, Response-Based attacks targeting corporate inboxes climbed to their highest volume since 2020, according to the latest Quarterly Threat Trends & Intelligence Report from Agari and PhishLabs. Response-Based threats such as Advanced-Fee Fraud, Business Email Compromise (BEC), and hybrid Vishing attacks all demonstrated increased volume in Q2, with Vishing specifically growing 625% over the...

Courtesy of Digital Guardian by Fortra Attackers continue to find clever new ways to disguise phishing emails. Here are 10 different ways you can identify a phishing email. While large-scale ransomware and distributed denial of service (DDoS) attacks may be taking up up the bulk of people’s cybersecurity news feeds, organizations have more to worry about than the newest and most sophisticated...

Cyber attacks targeting retail brands have increased dramatically over the last year. Since Q3 2021, retail has experienced a nearly 500% increase in attacks on social media alone. Counterfeit websites and look-alike domains are also among the top threats to online retailers. Attackers incorporate stolen designs and trademarks to stand up counterfeit sites, outbid legitimate businesses with...

In Q1, more than 51% of phishing sites abused paid services, according to the Agari and PhishLabs Quarterly Threat Trends & Intelligence Report. This is the first time in five consecutive quarters where the majority of phishing sites were staged using Paid Domain Registrations or Compromised Sites. Phishing volume as a whole continues to increase in 2022 in comparison to the same time period last...

Vishing attacks have increased almost 550 percent over the last twelve months, according to Agari and PhishLabs’ Quarterly Threat Trends & Intelligence Report. The May report uses hundreds of thousands of phishing and social media threats analyzed and mitigated by Agari and PhishLabs, both of which are part of the Fortra cybersecurity portfolio. By identifying and mitigating attacks targeting...

PhishLabs has identified a Browser-in-the-Browser (BitB) campaign targeting financial institutions with a fake Office 365 (O365) authorization protocol. The attack is delivered via phishing email and redirects the victim to a website impersonating an O365 single sign-on (SSO) page. A BitB attack is a novel phishing technique that replicates pop-up windows used for SSO in an effort to steal login...

Qbot payloads targeting enterprises contributed to almost three quarters of all email-based malware since the beginning of 2022. Although reported malware activity among families continues to fluctuate dramatically from quarter to quarter, QBot reports in Q1 represent the highest volume of a single malware variety over the past 12 months. Phishing lures delivering payloads remain the primary...

In this guest blog, Dr Ed Amoroso, CEO, Tag Cyber, provides a high-level overview of the Fortra cybersecurity portfolio value proposition based on a mapping of its component solution offerings to the NIST Cybersecurity Framework (CSF) phases. Forty years ago, an engineer in Minnesota decided that computer costs for the IBM System/38 were getting too high. So, he began investigating and building...

Courtesy of Agari by Fortra. You probably already know this, but it bears repeating: Email by itself is NOT secure; anyone can use someone else’s identity to send emails. In fact, email is the #1 way cyberattackers can target your customers and your email ecosystem. No brand is untouchable when it comes to attackers using or spoofing email domains to send spam, phishing attempts, malware, or...

Phishing site volume increased 28% over the course of 2021, according to PhishLabs Quarterly Threat Trends & Intelligence Report. Attacks last year displayed increasingly volatile behavior on a month-to-month basis, often intermixed with a variety of attack vectors. Despite a lack of congruency, phishing unequivocally remains the most dominant attack method targeting organizations. Every quarter,...

Hybrid Vishing attacks have increased 554% in volume, according to PhishLabs’ Quarterly Threat Trends & Intelligence Report. Response-Based attacks such as these, combined with Credential Theft and Malware Delivery, collectively represent the top online attack vector targeting corporate users. Every quarter, PhishLabs analyzes hundreds of thousands of phishing and social media attacks targeting...

Phishing attacks targeting consumers during 2021 have increased nearly 32% from 2020, according to PhishLabs’ Quarterly Threat Trends & Intelligence Report. While trends have been erratic, multiple spikes in activity continue to make phishing the most dominant attack method on the threat landscape. Threat actors are experimenting with a variety of tactics to target enterprises with these attacks,...