Resources
Blog

Active Phishing Campaign: Yousign HR Lure

By Meriam Senouci on Thu, 05/23/2024
A new, sophisticated active phishing campaigns focuses on malicious emails that leverage Yousign e-signature services to carry out phishing attacks. Learn more about this tactic through examples, high-level details, and associated threat indicators.
Online Impersonation
Financials and Card Data Top Q3 Targets on the Dark Web
Blog

Abusing Data to Avoid Detection: Cybercriminal Adoption of Browser Fingerprinting

Fri, 04/05/2024
Browser fingerprinting is one of many tactics phishing site authors use to evade security checks and lengthen the lifespan of malicious campaigns. While browser fingerprinting has been used by legitimate organizations to uniquely identify web browsers for nearly 15 years, it is now commonly exploited by cybercriminals. Today, it is considered widely used for phishing purposes.
Online Impersonation
fta-pl-handling-threats-that-land-in-user-inboxes
Video

On-Demand Webinar: Handling Threats That Land in User Inboxes

The risk of a user receiving a socially engineered attack is higher than ever, and technological solutions often miss the most devastating of them. Though technology is both an important and required component in protecting the enterprise, security teams need to remain vigilant and educated on quickly identifying threats which make it past...
Account Takeover Protection
Executive Protection
Online Impersonation
External Data Leaks
fta-pl-evolving-your-cyber-threat-intel-program-into-action
Video

Digital Risk Protection: Evolving Your Cyber Threat Intel Program Into Action

Now Available On-demand Digital Risk Protection is an emerging technology that is on the rise in Gartner’s latest Hype Cycle for Security Operations. In this webinar, PhishLabs’ Manager of Solutions Engineering, Eric George, will break down Digital Risk Protection, explain how it works, and share recent use cases. You will learn how enterprises use...
External Data Leaks
fta-domain-protection-best-practices-webinar
Video

Domain Protection Best Practices Webinar

Domains are the cornerstone of an organization’s digital presence and IT infrastructure, which means domains are also lucrative to cybercriminals who use domain impersonation to create fake email addresses and websites for personal gain. Organizations cannot afford to keep domain protection out of their overall cybersecurity strategy. Watch Eric...
Online Impersonation
cyber threat defense report thumbnail
Video

Key Insights from the 2023 Cyberthreat Defense Report

Eric George, Director of Solutions Engineering at Fortra, and Steve Piper, CEO of CyberEdge The 2023 Cyberthreat Defense Report provides deep insight into the perspectives of cybersecurity professionals. Join us to learn what your peers are thinking and doing Thursday, May 4, at 11 a.m. ET. Eric George, Director of Solutions Engineering at Fortra, and Steve Piper, CEO of CyberEdge, will present...
Account Takeover Protection
Online Impersonation
fta-pl-emerging-threats-disrupt-counterfeit-activity-targeting-retail-brands
Video

Emerging Threats: Disrupt Counterfeit Activity Targeting Retail Brands

Eric George, Director of Solution Engineering at PhishLabs As retail brands expand their online presence to selling goods and engaging with consumers, threat actors are leveraging the credibility of reputable organizations to profit off of cannibalized sales. Counterfeit storefronts mimic legitimate brands using look-alike domains, copyrighted...
Online Impersonation
Top Brand Threats and Defense Tactics
Guide

Brand Threats Masterclass

In 2024, organizations face growing brand protection challenges with online impersonation attacks targeting their assets through non-traditional means. These attacks are spanning channels not typically protected by corporate controls and leveraging AI to generate lures, making detection increasingly broad and mitigation nuanced. To better understand the top brand risks, Fortra held a roundtable...
Account Takeover Protection
External Data Leaks
On-Demand Webinar

ҰourDoma1п.com: How Look-alike Domains Drive BEC, Brand Abuse, and More

Domains are often the first source of interaction with customers. However, anyone can register a look-alike domain, create a fraudulent website, and start impersonating a trusted company – quickly diminishing brand credibility. In this webinar, PhishLabs’ Founder and CTO, John LaCour, will cover why cyber criminals register hundreds of thousands of look-alike domains every year and how they use...
Online Impersonation
On-Demand Webinar

Quarterly Threat Trends & Intelligence Webinar (August 2022)

John Wilson, Senior Fellow for Threat Research at Agari by Fortra Throughout Q2, Agari and PhishLabs detected and mitigated hundreds of thousands of phishing, social media, email, and dark web threats targeting a broad range of enterprises and brands. The Quarterly Threat Trends & Intelligence Report provides an analysis of the latest findings and insights into key trends shaping the threat...
Account Takeover Protection
Executive Protection
Online Impersonation
External Data Leaks
On-Demand Webinar

Quarterly Threat Trends & Intelligence Webinar (May 2022)

Throughout Q1, Agari and PhishLabs detected and mitigated hundreds of thousands of phishing, social media, email, and dark web threats targeting a broad range of enterprises and brands. The Quarterly Threat Trends & Intelligence Report provides an analysis of the latest findings and insights into key trends shaping the threat landscape. Join our Quarterly Threat Trends & Intelligence webinar...
Account Takeover Protection
Executive Protection
Online Impersonation
External Data Leaks
Qbot Payloads Dominate Q1
Blog

Qbot Payloads Dominate Q1

By Jessica Ryan on Thu, 04/28/2022
Qbot payloads targeting enterprises contributed to almost three quarters of all email-based malware since the beginning of 2022. Although reported malware activity among families continues to fluctuate dramatically from quarter to quarter, QBot reports in Q1 represent the highest volume of a single malware variety over the past 12 months. Phishing lures delivering payloads remain the primary...
External Data Leaks
On-Demand Webinar

Quarterly Threat Trends & Intelligence Webinar (Feb 2022)

Throughout 2021, PhishLabs detected and mitigated hundreds of thousands of phishing, social media, email, and dark web threats targeting a broad range of enterprises and brands. The PhishLabs Quarterly Threat Trends & Intelligence Report provides an analysis of the latest findings and insights into key trends shaping the threat landscape. Join our Quarterly Threat Trends & Intelligence webinar...
Account Takeover Protection
Executive Protection
Online Impersonation
External Data Leaks
Despite their Simplicity, New Emotet Attacks Forecast Threatening Future
Blog

Despite their Simplicity, New Emotet Attacks Forecast Threatening Future

By Jessica Ryan on Thu, 12/02/2021
PhishLabs has recently observed attacks targeting enterprises with Emotet payloads for the first time since January, when coordinated efforts by authorities to disrupt operations led this family of threat actors to halt activity. Emotet’s primary function is providing malicious software initial access to compromised systems. It is one of the most widely distributed and well-connected malware...
External Data Leaks
On-Demand Webinar

What Threat Actors Don’t Want You to Know: Active Evasion Techniques

Cybercriminals constantly evolve their tactics to evade detection. This is especially true for phishing campaigns. Threat actors frequently use new techniques to make phishing sites more difficult to detect, leading to more stolen credentials and greater fraud losses. In this 30-minute session, PhishLabs will detail the top techniques cybercriminals use to keep phishing sites under the radar and...
External Data Leaks
Emotet Dismantled, Trickbot, ZLoader, and BazarLoader Step In
Blog

Emotet Dismantled, Trickbot, ZLoader, and BazarLoader Step In

By Jessica Ryan on Tue, 02/09/2021
Recently, we published a piece highlighting early stage loaders often used in ransomware attacks. One of the most prolific was Emotet, which has since been taken down via a coordinated, multi-national effort. How will this impact the threat landscape? In this post, we take a look at loader activity in the aftermath of the Emotet takedown. Predominant Payloads In 2020, Emotet, Trickbot, and...
External Data Leaks
Data Leakage on Social Media: Credit Card Info, Confidential Docs
Blog

Data Leakage on Social Media: Credit Card Info, Confidential Docs

By Jessica Ryan on Thu, 06/11/2020
When the term data leak comes to mind, most enterprises think of the dark web. Although compromised information can damage an organization when distributed through gated and anonymous platforms, we are seeing social channels being used to allow for a more rapid and potentially destructive outcome. These platforms have an overwhelming number of global participants, with almost half of the world...
External Data Leaks
On-Demand Webinar

Domains and the Open Web: Defending Against Ever-Evolving Threats Webinar

Big or small, enterprise or startup, in today’s world nearly every business across the globe has some form of digital presence. In most cases this is a website, in others, this may include social media or apps. This is due in part to the ease in establishing these properties, which makes it more accessible than ever before. However, as easy as it is to establish a brand online, so too is it for a...
Online Impersonation
Recap: How to Proactively Protect Users with Email Incident Response
Blog

Recap: How to Proactively Protect Users with Email Incident Response

By Jessica Ryan on Thu, 10/31/2019
This year organizations are estimated to have spent more than $124 billion on security, yet phishing attacks continue to bypass email security technology. Is it possible to proactively stop threats that would otherwise make it past your infrastructure? If you attended our most recent webinar, you know the answer is yes. Before we get into the how, our host and Director of Product Management,...
External Data Leaks