Blog

Blog

Ransomware Attacks: Why Email Is Still THE Most Common Delivery Method

​Organizations face a growing danger from phishing and ransomware, which have been the most common forms of cybercrime in recent years. Most businesses have fallen victim to phishing or ransomware attacks at some point. Every business needs to act against the growing threat of phishing, the primary method through which ransomware and other malware are spread. On the bright side, organizations have...
Blog

What Is the Meaning of the SPF Email Standard and How Does It Work?

​ We're going to delve into what the meaning of SPF for email is, how to implement it, the benefits of deploying it, and how to further protect your email-sending domains. What is SPF for Email? Sender Policy Framework (SPF) is an email authentication standard that domain owners use to specify the email servers they send email from, making it harder for fraudsters to spoof sender information....
Blog

How to Gain Stakeholder Support for Email Security Investment

Email fraud is on the rise. Phishing emails were the most often used attack type last year, according to numerous reports, including the ENISA Threat Landscape 2022 report. The highest financial losses are reportedly attributable to phishing and business email compromise (BEC) assaults, in which the attacker poses as a coworker or senior executive at a company via email. Email scams are so popular...
Blog

What Is an Enterprise’s Secondary Line of Defense Against Phishing Emails?

One of the most popular attack strategies used by criminals to mislead consumers into doing the wrong thing is phishing. Phishing can occur via text message (SMS or instant messaging apps, coined SMiShing), social media or via phone, but email-based attacks are the ones most often linked to the term. It's easy for phishing emails to reach millions of users at once and to blend in with the many...
Blog

DKIM vs. SPF Email Standards: Do I Need Them Both?

When it comes to email authentication standards, should you use DKIM, SPF, or both? We’re going to cover these terms, when you should use them, what they do—and how best to protect your email domains. Is it Either/Or—or Both? Should the battle really be SPF vs. DKIM? While not mandatory, it’s highly recommended to use both SPF and DKIM to protect your email domains from spoofing attacks and...
Blog

What Is an Enterprise’s Primary Line of Defense Against Phishing Emails?

Phishing is one of the most prevalent forms of cyberattack used by bad threat actors to either steal personal data, or to gain entrance into a business’ network. These surreptitious and malicious email messages trick unsuspecting recipients into clicking a link or opening an attachment that contains malware, ransomware, or in the case of Business Email Compromise (BEC), employs impersonation...
Blog

QBot Campaigns Overwhelmingly Lead Reported Payloads in Q4

QBot was the most reported payload targeting employee inboxes in Q4, according to Fortra’s PhishLabs. This is the fourth consecutive month QBot has led malware activity as bad actors target organizations with a steady stream of high-volume attack campaigns. QBot previously represented the second most reported payload family, trailing behind RedLine Stealer in Q3. Email payloads remain the primary...
Blog

What to do with Suspicious Emails (Don’t Reply!)  

Sometimes when sending phishing simulations to our clients, we setup a reply-to address to see if people will reply to suspicious emails and many do. Many people interpret our simulations as scams and articulate that in colorful language. Others provide information that would be dangerous in the hands of a threat actor, such as contact information for the appropriate employee for us to connect...
Blog

DKIM Guide: How to Set Up the Email Standard Step by Step

In this DKIM setup guide, we’ll walk you through the steps on how to set up DKIM correctly, test it, avoid common pitfalls, and fix common mistakes. In case you’re new to DKIM, or DomainKeys Identified Mail, we’ll start with a high-level overview before getting to the step-by-step instructions, but you can first look up your DKIM record here. What is DKIM? A Brief Introduction DKIM is a...
Blog

What is a DMARC Policy?: The 3 Types Which to Use

In this post, we’ll briefly explain what a DMARC policy is, how to set up your DMARC email record, what the three types of DMARC policies are and when to implement each one, and how to diagnose and fix any issues associated with it. Basically, your DMARC policy tells email receivers what to do with illegitimate or possibly fraudulent emails—whether to reject, quarantine, or accept them. Overall,...
Blog

A Spotlight on Cybersecurity: 2022 Trends and 2023 Predictions

In 2022, geopolitical unrest and an expanding online attack surface contributed to the emergence of several themes across the cyber landscape. Infrastructures associated with opposing ideologies were highly targeted, with government agencies, supply chains, and IOT devices falling victim to high-profile campaigns. Cybercriminals launched increasingly advanced attacks on vulnerable entities, with...
Blog

How to Recognize and Respond to Emerging Social Media Cybersecurity Threats

Facebook. Twitter. Instagram. LinkedIn. YouTube. Pinterest. Mastodon. The list goes on. Whether you love or loathe social media, these platforms have become integral to how we communicate as individuals and businesses. Cybercriminals have also taken note, embracing these communication channels wholeheartedly to reach vast audiences quickly, anonymously, and cheaply, successfully defrauding targets...
Blog

Holiday Season Triggers Rise in Counterfeit Activity

Criminals are capitalizing on the urgency behind gift-giving celebrations such as Black Friday, Cyber Monday, Christmas, and Hanukkah. Counterfeit activity has grown more than 50% from September through November, with a 27% increase over the course of November alone, according to Fortra’s PhishLabs. These threats are impersonating brands on social media and the open web to target consumers with...
Blog

Financials and Card Data Top Q3 Targets on the Dark Web

In Q3, Credit Unions nearly overtook National Banks as the top targeted industry on the Dark Web, according to recent data from Fortra’s PhishLabs. Credit Unions have been increasingly targeted on underground channels, with Q3 2022 representing the highest incident count for the industry in four consecutive quarters. Compromised data associated with Financial Institutions as a whole is...
Blog

Attacks Targeting Businesses on Social Media Jump 40% YoY

In Q3, the volume of social media attacks targeting the average business was 40.4% higher than the same time last year, according to the latest data from Fortra’s PhishLabs. Social media attack volume has grown significantly year-over-year with the average business in 2022 experiencing 84.5 malicious incidents per month versus 50.59 in 2021. Fortra analyzes hundreds of thousands of social media...
Blog

Emails Reported as Malicious Reach Four-Quarter High in Q3

The volume of malicious emails reported in corporate inboxes has reached a four-quarter high, according to the latest data from Fortra’s PhishLabs. These threats are largely composed of Response-Based, Credential Theft, and Malware attacks targeting employees. Every quarter, Fortra analyzes hundreds of thousands of phishing and social media attacks targeting enterprises, brands, and employees. In...
Blog

Financials See Increase in Phishing Attacks, Compromised Sites Lead Staging Methods in Q3

In Q3, nearly 80% of threat actors opted to compromise existing websites or abuse free tools when staging phishing sites, according to the latest data from Fortra’s PhishLabs. While Compromised Sites represented the lion’s share of staging activity, URL Shorteners, Free Domain Registrations, and Developer Tools all experienced increased abuse in Q3 and pointed to sustained criminal interest in no...
Blog

Social Media Mitigation Best Practices for All Financial Institutions

The financial industry continues to experience the largest volume of abuse among all industries on social media. In Q3 banks, credit unions, and other F.I.’s contributed to nearly three-quarters of all attacks on social platforms, with national banks alone more than tripling the volume of the top targeted non-financial, retail. The top threats to financial institutions on social media consist of...
Blog

RedLine Stealer Leads Payloads in Q3

In Q3, Redline Stealer represented nearly half of all malware attacks targeting corporate user inboxes. This is the first quarter Redline has led payload volume since PhishLabs began reporting on malware activity. Email payloads remain the primary delivery method of ransomware targeting organizations. PhishLabs continuously monitors payload families reported in corporate inboxes to help mitigate...
Blog

What is Email Spoofing?

Courtesy of Agari by Fortra Email spoofing is one of the most common forms of cybercriminal activity, specifically a form of identity deception that's widely used in phishing and spam attacks. It underpins the mechanism required to conduct hacking activities, and it can take many forms. Unfortunately, most email users will eventually receive an email that has been spoofed—whether they know it or...