Resources
Blog

Active Phishing Campaign: Yousign HR Lure

By Meriam Senouci on Thu, 05/23/2024
A new, sophisticated active phishing campaigns focuses on malicious emails that leverage Yousign e-signature services to carry out phishing attacks. Learn more about this tactic through examples, high-level details, and associated threat indicators.
Online Impersonation
Datasheet

Intelligence Assessments

Fortra’s PhishLabs Intelligence Assessments provide a better understanding of the threat landscape, threat actor behavior, and the types of threats targeting organizations. Learn how Intelligence Assessments leverage a combination of threat intelligence feeds, advanced analytics, and expert analysis to help organizations enhance their cybersecurity posture.
fta-identify-and-disrupt-threats-before-attackers-strike-800x454.jpg
On-Demand Webinar

Identify and Disrupt Threats Before Attackers Strike

Join us as Fortra experts detail expanded capabilities, insight, and anti-threat measures to better address blind spots, proactively disrupt threat actors, prevent fraud, and enrich security. Attendees will learn about the newly expanded capabilities, including: Compromised Credentials Monitoring enables users to proactively defend against fraud...
Datasheet

Fortra Threat Intelligence Services

Fortra’s Threat Intelligence services empower enterprises to take proactive measures against threats by delivering critical insight to disrupt threat actors, prevent fraud, and enrich security controls.
Guide

Disrupt Counterfeit Threats

A Digital Risk Protection Playbook Counterfeit threats, such as fraudulent ads and look-alike domains, are on the rise especially with the expansion of e-commerce and online consumer-to-business interaction. However, the collection and mitigation of counterfeit activity can be complicated. Prioritizing relationships with platforms and providers along with collecting data showing evidence of...
fta-pl-emerging-threats-disrupt-counterfeit-activity-targeting-retail-brands
Video

Emerging Threats: Disrupt Counterfeit Activity Targeting Retail Brands

Eric George, Director of Solution Engineering at PhishLabs As retail brands expand their online presence to selling goods and engaging with consumers, threat actors are leveraging the credibility of reputable organizations to profit off of cannibalized sales. Counterfeit storefronts mimic legitimate brands using look-alike domains, copyrighted...
Online Impersonation
Free Domain Abuse Plummets in Q1 as Staging Methods Shift
Blog

LastPass and Fortra’s PhishLabs Work Together to Protect Customers From Phishing Scams

Tue, 09/26/2023
One of our Digital Risk Protection service customers, LastPass, is committed to monitoring the cyber threat environment to keep our customers as secure as possible. To highlight this commitment, we want to call attention to recent joint efforts to disrupt a phishing campaign targeting LastPass customers and associates that began two weeks ago. We are sharing this with you not because it is a new...
Phishing Sites Impersonating Social Media Jump in Q2
Blog

Phishing Sites Impersonating Social Media Jump in Q2

By Jessica Ryan on Thu, 08/10/2023
In Q2, phishing attacks targeting social media platforms increased more than 23%, according to Fortra’s PhishLabs. This is the greatest volume of attacks on social media in two years and puts the industry ahead of historically top targeted financial institutions. Every quarter, Fortra’s PhishLabs examines hundreds of thousands of phishing attacks targeting enterprises and their brands. In this...
Social Media Security Awareness: What you Should Know
Blog

Social Media Security Awareness: What you Should Know

Thu, 08/03/2023
The latest Verizon Data Breach Investigations report indicates that over 70% of data breaches involved the human element. Cybercriminals exploit people to trick them into clicking unsafe links, opening malicious attachments, entering their credentials into bogus login pages, sharing sensitive data, and authorizing fraudulent fund transfers. One area where many exploits take place is on social...
On-Demand Webinar

Social Media Intelligence: Real World Threats, Real World Impact

Each day, 3.5 billion people use some form of social media. This is close to half of the global population. Because of the wide spread use and adoption of these various platforms, threat actors are increasing the abuse of both the brands and their accounts faster than any other digital medium. Moreover, most platforms lack the necessary security controls to protect their users. This creates a...
The Science Behind the Scenes: How Machine Learning Combats Phishing Attacks and BEC
Blog

The Science Behind the Scenes: How Machine Learning Combats Phishing Attacks and BEC

Thu, 07/20/2023
Because email remains the most ubiquitous form of business communication, it continues to be a favorite attack vector for cybercriminals. Email has always been vulnerable because it was not originally designed with security or privacy in mind. As a result, email security vendors emerged to protect this critical communication channel. In the early days, many vendors used signature or reputation...
Top Tactics of BEC Attacks in 2023
Blog

Top Tactics of BEC Attacks in 2023

By Jessica Ryan on Thu, 04/27/2023
Email impersonation is the fastest growing and most successful means of bypassing email security controls. In Q4 2022, the response-based and credential theft attacks that make up email impersonation reached their highest percentage of share of all email threat volume, contributing to more than 97% of attacks reported by end users. In this series, we look at the top email impersonation threats...
What to Know About Business Email Compromise (BEC) Scams
Blog

What to Know About Business Email Compromise (BEC) Scams

Thu, 04/06/2023
Business email compromise (BEC) is a dangerous type of email spoofing that targets businesses, aiming to damage them in some way. Overall, BEC “is one of the most financially damaging online crimes,” according to a joint Cybersecurity Advisory by the Federal Bureau of Investigation (FBI), the Food and Drug Administration Office of Criminal Investigations (FDA OCI), and the US Department of...
More than Half of All Phishing Sites Impersonate Financials in Q4
Blog

More than Half of All Phishing Sites Impersonate Financials in Q4

By Jessica Ryan on Thu, 02/16/2023
Phishing sites impersonating reputable organizations continue to represent the top online threat to businesses and their brands. In Q4, Financial Institutions were targeted most by credential theft phish, experiencing the largest share of malicious sites recorded since 2021, according to Fortra’s PhishLabs. Within the group, criminals capitalized on the broad customer bases and recognizable names...
What Is an Enterprise’s Secondary Line of Defense Against Phishing Emails?
Blog

What Is an Enterprise’s Secondary Line of Defense Against Phishing Emails?

Mon, 01/23/2023
One of the most popular attack strategies used by criminals to mislead consumers into doing the wrong thing is phishing. Phishing can occur via text message (SMS or instant messaging apps, coined SMiShing), social media or via phone, but email-based attacks are the ones most often linked to the term. It's easy for phishing emails to reach millions of users at once and to blend in with the many...
What Is an Enterprise’s Primary Line of Defense Against Phishing Emails?
Blog

What Is an Enterprise’s Primary Line of Defense Against Phishing Emails?

By Monica Delyani on Wed, 01/18/2023
Phishing is one of the most prevalent forms of cyberattack used by bad threat actors to either steal personal data, or to gain entrance into a business’ network. These surreptitious and malicious email messages trick unsuspecting recipients into clicking a link or opening an attachment that contains malware, ransomware, or in the case of Business Email Compromise (BEC), employs impersonation...
Holiday Season Triggers Rise in Counterfeit Activity
Blog

Holiday Season Triggers Rise in Counterfeit Activity

Thu, 12/08/2022
Criminals are capitalizing on the urgency behind gift-giving celebrations such as Black Friday, Cyber Monday, Christmas, and Hanukkah. Counterfeit activity has grown more than 50% from September through November, with a 27% increase over the course of November alone, according to Fortra’s PhishLabs. These threats are impersonating brands on social media and the open web to target consumers with...
Financials See Increase in Phishing Attacks, Compromised Sites Lead Staging Methods in Q3
Blog

Financials See Increase in Phishing Attacks, Compromised Sites Lead Staging Methods in Q3

By Jessica Ryan on Thu, 11/10/2022
In Q3, nearly 80% of threat actors opted to compromise existing websites or abuse free tools when staging phishing sites, according to the latest data from Fortra’s PhishLabs. While Compromised Sites represented the lion’s share of staging activity, URL Shorteners, Free Domain Registrations, and Developer Tools all experienced increased abuse in Q3 and pointed to sustained criminal interest in no...
How to Mitigate Online Counterfeit Threats
Blog

How to Mitigate Online Counterfeit Threats

Thu, 09/22/2022
The broad scope of counterfeit campaigns and unclear boundaries of abuse make it challenging to successfully mitigate online threats targeting retail brands. There is a fine line between infringement and fair use of publicly made materials, as well as immeasurable online environments where counterfeit campaigns may live and grow. Additionally, bad actors are continuously modifying attack...
How to Collect Intelligence on Threats Targeting Retail Brands
Blog

How to Collect Intelligence on Threats Targeting Retail Brands

Thu, 09/15/2022
Retail brands are increasingly targeted with fraudulent advertisements, fake social accounts, and falsely branded websites. These multipronged counterfeit campaigns redirect sales and compromise consumer data using brand recognition, the same component critical to driving sales within the retail industry. The massive expansion of ecommerce and online consumer-to-retail interaction creates a...