Criminals are capitalizing on the urgency behind gift-giving celebrations such as Black Friday, Cyber Monday, Christmas, and Hanukkah. Counterfeit activity has grown more than 50% from September through November, with a 27% increase over the course of November alone, according to Fortra’s PhishLabs. These threats are impersonating brands on social media and the open web to target consumers with...

Hybrid vishing attacks have increased 500% year-over-year as cybercriminals find success using these techniques to steal sensitive information. Listen as Agari’s John Wilson discusses the latest research from Agari and PhishLabs by Fortra. Click here to listen to the podcast. if(window.strchfSettings === undefined) window.strchfSettings = {};window.strchfSettings.stats = {url: "https://phishlabs...

The broad scope of counterfeit campaigns and unclear boundaries of abuse make it challenging to successfully mitigate online threats targeting retail brands. There is a fine line between infringement and fair use of publicly made materials, as well as immeasurable online environments where counterfeit campaigns may live and grow. Additionally, bad actors are continuously modifying attack...

Retail brands are increasingly targeted with fraudulent advertisements, fake social accounts, and falsely branded websites. These multipronged counterfeit campaigns redirect sales and compromise consumer data using brand recognition, the same component critical to driving sales within the retail industry. The massive expansion of ecommerce and online consumer-to-retail interaction creates a...

In Q2, Response-Based emails targeting corporate users reached the highest volume since 2020, according to the Agari and PhishLabs Quarterly Threat Trends & Intelligence Report. Malicious and potentially damaging emails targeting corporate inboxes have climbed to a three-quarter high, and include Response-Based scams, Credential Theft, and Malware. Every quarter, Agari and PhishLabs analyze...

Courtesy of Expert Insights Billy Smith is the Managing Director at PhishLabs by Fortra. With a wealth of experience in the IT and cybersecurity industry, Smith is an expert in using curated threat intelligence to take down cyberthreats. In his role at PhishLabs, Smith enables organizations to proactively identify and remediate threats across their digital channels, including email, social media,...

Courtesy of Agari by Fortra. What is Email Spoofing? Email spoofing is one of the most common forms of cybercriminal activity, specifically a form of identity deception that’s widely used in phishing and spam attacks. It underpins the mechanism required to conduct hacking activities, and it can take many forms. Unfortunately, most email users will eventually receive an email that has been...

It’s not news that cybercrime is a constant battle—large enterprises and small businesses everywhere are susceptible to a myriad of advanced email threats and socially engineered attacks, such as executive or brand impersonation. According to IC3’s Internet Crime Report, over $44 million in losses in 2021 were a direct result of malicious phishing and advanced email scams. Despite billions having...

The financial services cybersecurity environment is extremely complex, with a dizzying number of often-overlapping regulations, ongoing threats, and understaffed teams trying to manage it all. Despite paying significant attention to security, many organizations continue to be the targets of advanced persistent threats, fraud, sophisticated phishing campaigns, and other bold efforts to access the...

Vishing reports in Q1 2022 increased nearly 550% over Q1 2021, according to Agari and PhishLabs’ Quarterly Threat Trends & Intelligence Report. While these Response-Based attacks have recently displayed stunning numbers, malicious emails as a whole are growing steadily, and represent the top online attack vector targeting corporate users. Malicious emails are delivered primarily in the form of...

Vishing attacks targeting corporate users have more than doubled for the second consecutive quarter, according to PhishLabs’ Quarterly Threat Trends & Intelligence Report. Response-Based attacks such as these are increasingly targeting corporate users and stand alongside email-based Credential Theft and Malware attacks to make up the top attack vector targeting enterprises. Every quarter,...

Ransomware continues to grow as a thriving underground economy with limited risk and little barrier to entry. Ransomware attacks are supported by a robust ecosystem of dark web services, where many of the tasks needed to carry out an attack can be outsourced. These tasks are increasingly available and sold by threat actors who specialize in them. In this post, we take a look at Initial Access...

Phishing volume continues to outpace 2020 by 22%, according to PhishLabs’ Quarterly Threat Trends & Intelligence Report. Every quarter, PhishLabs analyzes hundreds of thousands of phishing and social media attacks targeting enterprises to identify key trends in the threat landscape. In this piece we take a look at phishing volume, industries targeted, and how attacks are being staged. 2021...

Cybercriminals continue to heavily abuse domains to launch phishing attacks. PhishLabs’ analysis of Q1 phishing attacks has found that: 96% used Legacy Generic (gTLD) or Country Code (ccTLD) Top-level Domains Almost 83% abused HTTPS Domain Validated (DV) Certificates were used 94.5% of the time For this analysis, PhishLabs looked at three categories of TLDs: Legacy gTLDs, ccTLDs,...