Resources
Blog

Active Phishing Campaign: Yousign HR Lure

By Meriam Senouci on Thu, 05/23/2024
A new, sophisticated active phishing campaigns focuses on malicious emails that leverage Yousign e-signature services to carry out phishing attacks. Learn more about this tactic through examples, high-level details, and associated threat indicators.
Online Impersonation
fta-identify-and-disrupt-threats-before-attackers-strike-800x454.jpg
On-Demand Webinar

Identify and Disrupt Threats Before Attackers Strike

Join us as Fortra experts detail expanded capabilities, insight, and anti-threat measures to better address blind spots, proactively disrupt threat actors, prevent fraud, and enrich security. Attendees will learn about the newly expanded capabilities, including: Compromised Credentials Monitoring enables users to proactively defend against fraud...
fta-pl-2023-domain-impersonation-report-key-findings
On-Demand Webinar

2023 Domain Impersonation Report - Key Findings

2023 Domain Protection Report – Key Findings The average brand is targeted by 40 look-alike domains per month. Domain impersonation is the foundation for a multitude of online threats. Watch Elyse Neumann, Fortra’s Sr. Director of Client Operations, and Eric George, Fortra’s Director of Solutions Engineering, as they discuss the key findings from...
fta-pl-handling-threats-that-land-in-user-inboxes
Video

On-Demand Webinar: Handling Threats That Land in User Inboxes

The risk of a user receiving a socially engineered attack is higher than ever, and technological solutions often miss the most devastating of them. Though technology is both an important and required component in protecting the enterprise, security teams need to remain vigilant and educated on quickly identifying threats which make it past...
Account Takeover Protection
Executive Protection
Online Impersonation
External Data Leaks
fta-pl-evolving-your-cyber-threat-intel-program-into-action
Video

Digital Risk Protection: Evolving Your Cyber Threat Intel Program Into Action

Now Available On-demand Digital Risk Protection is an emerging technology that is on the rise in Gartner’s latest Hype Cycle for Security Operations. In this webinar, PhishLabs’ Manager of Solutions Engineering, Eric George, will break down Digital Risk Protection, explain how it works, and share recent use cases. You will learn how enterprises use...
External Data Leaks
fta-domain-protection-best-practices-webinar
Video

Domain Protection Best Practices Webinar

Domains are the cornerstone of an organization’s digital presence and IT infrastructure, which means domains are also lucrative to cybercriminals who use domain impersonation to create fake email addresses and websites for personal gain. Organizations cannot afford to keep domain protection out of their overall cybersecurity strategy. Watch Eric...
Online Impersonation
cyber threat defense report thumbnail
Video

Key Insights from the 2023 Cyberthreat Defense Report

Eric George, Director of Solutions Engineering at Fortra, and Steve Piper, CEO of CyberEdge The 2023 Cyberthreat Defense Report provides deep insight into the perspectives of cybersecurity professionals. Join us to learn what your peers are thinking and doing Thursday, May 4, at 11 a.m. ET. Eric George, Director of Solutions Engineering at Fortra, and Steve Piper, CEO of CyberEdge, will present...
Account Takeover Protection
Online Impersonation
fta-pl-emerging-threats-disrupt-counterfeit-activity-targeting-retail-brands
Video

Emerging Threats: Disrupt Counterfeit Activity Targeting Retail Brands

Eric George, Director of Solution Engineering at PhishLabs As retail brands expand their online presence to selling goods and engaging with consumers, threat actors are leveraging the credibility of reputable organizations to profit off of cannibalized sales. Counterfeit storefronts mimic legitimate brands using look-alike domains, copyrighted...
Online Impersonation
The Email Security Gaps in Your Cloud
Blog

The Email Security Gaps in Your Cloud

Thu, 12/14/2023
It’s not news that most enterprises operate in the cloud. Migration to the cloud leads to better collaboration, data storage, and lower costs compared to on-premises resources. Odds are your organization is currently enjoying the conveniences of the cloud. The cloud has reshaped the way organizations operate, but with the migration comes new obstacles in email security, and the cloud has its own...
LastPass Fortra's PhishLabs Partnership: A Focus on Proactive Customer Protection Pays Off in 2023
Blog

LastPass Fortra's PhishLabs Partnership: A Focus on Proactive Customer Protection Pays Off in 2023

Tue, 12/05/2023
As we approach the end of the year, LastPass Labs has reviewed the last 12 months to take account of the threat environment and how it has changed, as well as our accomplishments. Throughout 2023, the Threat Intelligence, Mitigation, and Escalations (TIME) team focused on rapidly expanding our capabilities to protect our customers from phishing sites and/or infostealers. A major part of this...
New Cyber Security Intelligence Article Covers Fortra’s Insights, Actions Against QR Phishing
Blog

New Cyber Security Intelligence Article Covers Fortra’s Insights, Actions Against QR Phishing

By Jessica Ryan on Thu, 10/19/2023
QR phishing is currently considered a high priority risk capable of bypassing existing security controls, according to the latest article from Cyber Security Intelligence. QR Phishing, otherwise known as Quishing, is an extension of phishing attacks that is gaining popularity among threat actors who understand many email systems have difficulty reading the contents of the code. Similar to...
Threat Actor Profile: Strox Phishing-as-a-Service
Blog

Threat Actor Profile: Strox Phishing-as-a-Service

Thu, 10/12/2023
Threat Background & History Beginning in the first half of 2022, Fortra has monitored a significant ongoing upward trend in fraud activity originating from various Phishing-as-a-Service (PhaaS) operations. Some of these services have thrived, while the popularity of others has diminished. One PhaaS operation that has notably been present throughout the past two years is known as Strox (aka Strox...
U.S. News Highlights Fortra’s Tips to Protecting Against 401k Scams
Blog

U.S. News Highlights Fortra’s Tips to Protecting Against 401k Scams

By Jessica Ryan on Thu, 10/05/2023
Is your 401k a target for cybercriminals? According to the latest article from U.S. News, warning signs such as missing contributions and unexplained transactions could indicate your retirement funds are at risk. Check out the article here to learn what signs could indicate that something is amiss, and best practices from Fortra’s security expert Eric George on how to protect your accounts. if...
Visibility: An Essential Component of Industrial Cyber Security
Blog

Visibility: An Essential Component of Industrial Cyber Security

Thu, 09/28/2023
In July 2021, the White House established a voluntary initiative for industrial control systems (ICS) to promote cooperation between the critical infrastructure community and the federal government. The fundamental purpose of the initiative was “to defend the nation’s critical infrastructure community by encouraging and facilitating the deployment of technologies and systems that provide threat...
Cyber Defense Magazine: New PhishLabs Research Details .ZIP Abuse
Blog

Cyber Defense Magazine: New PhishLabs Research Details .ZIP Abuse

By Jessica Ryan on Thu, 09/21/2023
Fortra’s PhishLabs has identified two separate incidents of new Google top-level domain (TLD) .zip used in phishing attacks. The attacks, detailed in the September issue of Cyber Defense Magazine, use .zip to impersonate a social media conglomerate and global technology company. Look-alike domains using common file extensions are increasingly used to enhance the perceived legitimacy of cyber...
QBot Operations Peak Pre-Takedown, O365 Attacks Increase in Q2
Blog

QBot Operations Peak Pre-Takedown, O365 Attacks Increase in Q2

By Jessica Ryan on Fri, 09/01/2023
Cybercriminals doubled down on popular threat types and preferred malicious software in Q2, with O365 phish and QBot malware dominating inboxes by significant margins. QBot operations eclipsed all other malware once again, reaching their highest volume of share just before a multinational takedown Tuesday removed malicious code from more than 700,000 computers. Similarly, but lacking in...
The Top Three Domain Protection Best Practices
Blog

The Top Three Domain Protection Best Practices

Tue, 08/29/2023
Domain Impersonation: When Imitation Is Not the Sincerest Form of Flattery It’s no secret that an organization’s domain is a critical piece of the organization’s identity and business. People rarely need to manually enter a website address in their browser as search engines can give people a list of domains after entering just 2-3 letters. But how many people pay close attention to a domain...
Original Research from Fortra Reveals Pervasiveness, Types of Look-Alike Domains Targeting Brands
Blog

Original Research from Fortra Reveals Pervasiveness, Types of Look-Alike Domains Targeting Brands

By Jessica Ryan on Thu, 08/24/2023
In the ever-evolving landscape of cybercrime, look-alike domains remain a constant component in the vast majority of threats. Look-alike domains or, URLs that resemble those of a legitimate brand, can cause significant damage to brand reputation by way of fraudulent websites, phishing schemes, malware distribution, and more. Original research conducted by Fortra’s PhishLabs analyzes how look...
The Use of Natural Language Processing for Identifying and Mitigating Threats
Blog

The Use of Natural Language Processing for Identifying and Mitigating Threats

Thu, 08/17/2023
As technology advances, the battle between cyber criminals and organizations intensifies. Cyber threats have become more sophisticated, complex, and widespread, posing a significant risk to the security and integrity of sensitive data. In Q1 2023 alone, the number of global cyber attacks increased by 7%, with an average of 1,248 attacks reported per week. In a separate report by The Independent...