Resources
Blog

Active Phishing Campaign: Yousign HR Lure

By Meriam Senouci on Thu, 05/23/2024
A new, sophisticated active phishing campaigns focuses on malicious emails that leverage Yousign e-signature services to carry out phishing attacks. Learn more about this tactic through examples, high-level details, and associated threat indicators.
Online Impersonation
fta-identify-and-disrupt-threats-before-attackers-strike-800x454.jpg
On-Demand Webinar

Identify and Disrupt Threats Before Attackers Strike

Join us as Fortra experts detail expanded capabilities, insight, and anti-threat measures to better address blind spots, proactively disrupt threat actors, prevent fraud, and enrich security. Attendees will learn about the newly expanded capabilities, including: Compromised Credentials Monitoring enables users to proactively defend against fraud...
fta-pl-social-platform-impersonations-types-consequences-defenses-800x454.jpg
On-Demand Webinar

Social Platform Impersonations: Types, Consequences, and Defenses

Social media is bigger than ever and threats are getting more sophisticated, but gone are the days when people could simply request to have an impersonation removed. Learn how to sift through the social media threat noise and get effective mitigation of social media threats including impersonations.
fta-pl-2023-domain-impersonation-report-key-findings
On-Demand Webinar

2023 Domain Impersonation Report - Key Findings

2023 Domain Protection Report – Key Findings The average brand is targeted by 40 look-alike domains per month. Domain impersonation is the foundation for a multitude of online threats. Watch Elyse Neumann, Fortra’s Sr. Director of Client Operations, and Eric George, Fortra’s Director of Solutions Engineering, as they discuss the key findings from...
Executive Attacks on Social Media Hit All-Time High as Analysts Point to AI
Blog

Executive Attacks on Social Media Hit All-Time High as Analysts Point to AI

By Jessica Ryan on Tue, 01/16/2024
Executive impersonation on social media is at an all-time high as threat actors take advantage of AI to improve and scale their attacks. In Q3, accounts pretending to belong to high-ranking executives on social media climbed to more than 54% of total impersonation volume, surpassing brand attacks for the first time since Fortra began tracking this data. The volume and composition of these attacks...
2023 domain impersonation thumbnail
Guide

Domain Impersonation Report

Current Domain Threats, Trends, and Techniques Domain impersonation is the foundation for a multitude of online threats. Because a domain is dynamic, identifying when and how it will be used for malicious purposes can be challenging for security teams, and requires constant monitoring for behavior that will validate removal. In this Domain Impersonation Report, we review look-alike domain...
fta-pl-handling-threats-that-land-in-user-inboxes
Video

On-Demand Webinar: Handling Threats That Land in User Inboxes

The risk of a user receiving a socially engineered attack is higher than ever, and technological solutions often miss the most devastating of them. Though technology is both an important and required component in protecting the enterprise, security teams need to remain vigilant and educated on quickly identifying threats which make it past...
Account Takeover Protection
Executive Protection
Online Impersonation
External Data Leaks
fta-pl-evolving-your-cyber-threat-intel-program-into-action
Video

Digital Risk Protection: Evolving Your Cyber Threat Intel Program Into Action

Now Available On-demand Digital Risk Protection is an emerging technology that is on the rise in Gartner’s latest Hype Cycle for Security Operations. In this webinar, PhishLabs’ Manager of Solutions Engineering, Eric George, will break down Digital Risk Protection, explain how it works, and share recent use cases. You will learn how enterprises use...
External Data Leaks
fta-domain-protection-best-practices-webinar
Video

Domain Protection Best Practices Webinar

Domains are the cornerstone of an organization’s digital presence and IT infrastructure, which means domains are also lucrative to cybercriminals who use domain impersonation to create fake email addresses and websites for personal gain. Organizations cannot afford to keep domain protection out of their overall cybersecurity strategy. Watch Eric...
Online Impersonation
cyber threat defense report thumbnail
Video

Key Insights from the 2023 Cyberthreat Defense Report

Eric George, Director of Solutions Engineering at Fortra, and Steve Piper, CEO of CyberEdge The 2023 Cyberthreat Defense Report provides deep insight into the perspectives of cybersecurity professionals. Join us to learn what your peers are thinking and doing Thursday, May 4, at 11 a.m. ET. Eric George, Director of Solutions Engineering at Fortra, and Steve Piper, CEO of CyberEdge, will present...
Account Takeover Protection
Online Impersonation
fta-pl-emerging-threats-disrupt-counterfeit-activity-targeting-retail-brands
Video

Emerging Threats: Disrupt Counterfeit Activity Targeting Retail Brands

Eric George, Director of Solution Engineering at PhishLabs As retail brands expand their online presence to selling goods and engaging with consumers, threat actors are leveraging the credibility of reputable organizations to profit off of cannibalized sales. Counterfeit storefronts mimic legitimate brands using look-alike domains, copyrighted...
Online Impersonation
Top Brand Threats and Defense Tactics
Guide

Brand Threats Masterclass

In 2024, organizations face growing brand protection challenges with online impersonation attacks targeting their assets through non-traditional means. These attacks are spanning channels not typically protected by corporate controls and leveraging AI to generate lures, making detection increasingly broad and mitigation nuanced. To better understand the top brand risks, Fortra held a roundtable...
Account Takeover Protection
External Data Leaks
domain impersonation report thumbnail
Guide

Domain Impersonation Whitepaper

Preventing Domain Impersonation: How to Stop Look-Alike Domains and Spoofing In the first half of 2023, cybercriminals targeted company brands using an average of 40 look-alike domains per month. Domain impersonation threats trick users into giving away sensitive information by convincing them an email is from a trusted source or a website is authentic. It’s crucial that companies take...
Guide

How to Defend Against Look-alike Domain Threats: A Digital Risk Protection Playbook

Look-alike domains are one of the most versatile tools a threat actor can use to attack an organization. They lay the foundation for a wide range of cyberthreats, including reputation abuse, phishing sites, and email scams. This playbook breaks down: The domain lifecycle and how domains are abused Threats criminals use to deceive and defraud their targets How look-alike domain attacks are...
The Email Security Gaps in Your Cloud
Blog

The Email Security Gaps in Your Cloud

Thu, 12/14/2023
It’s not news that most enterprises operate in the cloud. Migration to the cloud leads to better collaboration, data storage, and lower costs compared to on-premises resources. Odds are your organization is currently enjoying the conveniences of the cloud. The cloud has reshaped the way organizations operate, but with the migration comes new obstacles in email security, and the cloud has its own...
LastPass Fortra's PhishLabs Partnership: A Focus on Proactive Customer Protection Pays Off in 2023
Blog

LastPass Fortra's PhishLabs Partnership: A Focus on Proactive Customer Protection Pays Off in 2023

Tue, 12/05/2023
As we approach the end of the year, LastPass Labs has reviewed the last 12 months to take account of the threat environment and how it has changed, as well as our accomplishments. Throughout 2023, the Threat Intelligence, Mitigation, and Escalations (TIME) team focused on rapidly expanding our capabilities to protect our customers from phishing sites and/or infostealers. A major part of this...
Press Release

IT Security Wire: Cybersecurity in 2023: Top Three Predictions

In this IT Security Wire article, cybersecurity experts Eric George and Tom Gorup, Vice President of Security Operations at Fortra’s Alert Logic, share their 2023 cybersecurity predictions. Originally published in IT Security Wire “PaaS (phishing-as-a-service) platforms simplify the creation and execution of credential theft phishing attacks which target the customers or employees of enterprise...
New Cyber Security Intelligence Article Covers Fortra’s Insights, Actions Against QR Phishing
Blog

New Cyber Security Intelligence Article Covers Fortra’s Insights, Actions Against QR Phishing

By Jessica Ryan on Thu, 10/19/2023
QR phishing is currently considered a high priority risk capable of bypassing existing security controls, according to the latest article from Cyber Security Intelligence. QR Phishing, otherwise known as Quishing, is an extension of phishing attacks that is gaining popularity among threat actors who understand many email systems have difficulty reading the contents of the code. Similar to...
Threat Actor Profile: Strox Phishing-as-a-Service
Blog

Threat Actor Profile: Strox Phishing-as-a-Service

Thu, 10/12/2023
Threat Background & History Beginning in the first half of 2022, Fortra has monitored a significant ongoing upward trend in fraud activity originating from various Phishing-as-a-Service (PhaaS) operations. Some of these services have thrived, while the popularity of others has diminished. One PhaaS operation that has notably been present throughout the past two years is known as Strox (aka Strox...