Resources

On-Demand Webinar

Quarterly Threat Trends & Intelligence Webinar (May 2022)

Throughout Q1, Agari and PhishLabs detected and mitigated hundreds of thousands of phishing, social media, email, and dark web threats targeting a broad range of enterprises and brands. The Quarterly Threat Trends & Intelligence Report provides an analysis of the latest findings and insights into key trends shaping the threat landscape. Join our Quarterly Threat Trends & Intelligence webinar...
Blog

Qbot Payloads Dominate Q1

Qbot payloads targeting enterprises contributed to almost three quarters of all email-based malware since the beginning of 2022. Although reported malware activity among families continues to fluctuate dramatically from quarter to quarter, QBot reports in Q1 represent the highest volume of a single malware variety over the past 12 months. Phishing lures delivering payloads remain the primary...
Blog

Social Media as a Threat Channel

Social media offers an important outline for people of all ages and walks of life to connect, share life experiences and post pictures of their breakfast. But oversharing - or not being wary of impostors - can lead to serious compromises in personal and professional security. In a press release on the report's findings, Phishlabs “enterprises must broaden their line of defense [in 2022,]...
Blog

Understanding the What, How, and Why of DMARC

Courtesy of Agari by Fortra. You probably already know this, but it bears repeating: Email by itself is NOT secure; anyone can use someone else’s identity to send emails. In fact, email is the #1 way cyberattackers can target your customers and your email ecosystem. No brand is untouchable when it comes to attackers using or spoofing email domains to send spam, phishing attempts, malware, or...
Blog

Average Organization Sees Two-Fold Increase in Social Media Attacks in 2021

Social Media attacks targeting enterprises increased 103% in 2021, according to PhishLabs Quarterly Threat Trends & Intelligence Report. Social Media is rapidly becoming the threat channel of choice for criminals. The rapid expansion of consumer/business relationships through social platforms, coupled with less refined and controllable online security measures, makes social media a prime target...
Blog

Vishing Volume Increases 554% in 2021

Hybrid Vishing attacks have increased 554% in volume, according to PhishLabs’ Quarterly Threat Trends & Intelligence Report. Response-Based attacks such as these, combined with Credential Theft and Malware Delivery, collectively represent the top online attack vector targeting corporate users. Every quarter, PhishLabs analyzes hundreds of thousands of phishing and social media attacks targeting...
Blog

Top Social Media Threats Targeting the Retail Industry

Social media threats targeting enterprises more than doubled last year. Attacks on the retail industry specifically have grown, as threat actors are targeting victims with impersonation and counterfeit ad campaigns. Purchasing behavior is increasingly influenced by social media, making it an attractive vector for these kinds of campaigns. The tendency of social media users to consume information...
On-Demand Webinar

Quarterly Threat Trends & Intelligence Webinar (Feb 2022)

Throughout 2021, PhishLabs detected and mitigated hundreds of thousands of phishing, social media, email, and dark web threats targeting a broad range of enterprises and brands. The PhishLabs Quarterly Threat Trends & Intelligence Report provides an analysis of the latest findings and insights into key trends shaping the threat landscape. Join our Quarterly Threat Trends & Intelligence webinar...
Blog

Social Media Attacks Double in 2021 According to Latest PhishLabs Report

Social Media attacks targeting organizations increased 103% in 2021, according to PhishLabs’ Threat Trends & Intelligence Report. The February 2022 report uses hundreds of thousands of threats analyzed and mitigated by PhishLabs to identify the top phishing and social media attacks targeting enterprises, employees, and their brands, as well as determine emerging trends throughout the threat...
Blog

Social Media Attacks Increase 82%

Attacks targeting enterprises on Social Media have increased 82% since January, according to PhishLabs Quarterly Threat Trends & Intelligence Report. Threat actors are increasingly abusing Social Media to launch attacks, as lack of security vigilance among users and critical brand presence among organizations makes platforms a desirable way to engage in malicious activity and spoof legitimate...
Blog

Despite their Simplicity, New Emotet Attacks Forecast Threatening Future

PhishLabs has recently observed attacks targeting enterprises with Emotet payloads for the first time since January, when coordinated efforts by authorities to disrupt operations led this family of threat actors to halt activity. Emotet’s primary function is providing malicious software initial access to compromised systems. It is one of the most widely distributed and well-connected malware...
Blog

Vishing Hybrid, Response-Based Attacks on the Rise

Vishing attacks targeting corporate users have more than doubled for the second consecutive quarter, according to PhishLabs’ Quarterly Threat Trends & Intelligence Report. Response-Based attacks such as these are increasingly targeting corporate users and stand alongside email-based Credential Theft and Malware attacks to make up the top attack vector targeting enterprises. Every quarter,...
Blog

Initial Access Brokers: Selling Entry into Your Network

Ransomware continues to grow as a thriving underground economy with limited risk and little barrier to entry. Ransomware attacks are supported by a robust ecosystem of dark web services, where many of the tasks needed to carry out an attack can be outsourced. These tasks are increasingly available and sold by threat actors who specialize in them. In this post, we take a look at Initial Access...
Blog

New Quarterly Threat Trends Intelligence Report Available

Vishing attacks have more than doubled for the second consecutive quarter, according to the PhishLabs Quarterly Threat Trends & Intelligence Report. The November 2021 report uses hundreds of thousands of attacks analyzed and mitigated by PhishLabs to identify the top threats targeting brands and determine emerging trends throughout the threat landscape. Key Findings of the Quarterly Threat Trends...
Blog

Multi-Stage Vishing Attacks Skyrocket

Multi-stage vishing attacks have more than doubled since Q2, overtaking BEC attacks as the second most reported response-based threat. These two-pronged attacks differ from conventional vishing by combining malicious emails and phone calls to trick victims into disclosing sensitive information. Emails associated with these campaigns are particularly adept at getting past attack controls because...
Blog

Fake Mobile Apps Leave Users Vulnerable, Damage Brands

Cloned and spoofed mobile applications can damage a brand’s reputation and compromise user data. Fake mobile apps are widely available on both third-party and official app stores and rely heavily on brand impersonation to build trust and drive downloads. Many mobile users lack the security posture normally practiced on desktops, leaving devices vulnerable to compromise. Fake Apps Cloned Mobile...
Blog

Free Tools and Services Fuel Phishing Increase

Phishing volume continues to outpace 2020 by 22%, according to PhishLabs’ Quarterly Threat Trends & Intelligence Report. Every quarter, PhishLabs analyzes hundreds of thousands of phishing and social media attacks targeting enterprises to identify key trends in the threat landscape. In this piece we take a look at phishing volume, industries targeted, and how attacks are being staged. 2021...
Blog

Top 10 TLDs Abused

Domains are some of the most highly abused tools threat actors use to manipulate victims and execute phishing attacks. In the latest PhishLabs Quarterly Threat Trends & Intelligence report, we break down how actors are abusing Legacy Generic (gTLD) and Country Code (ccTLD) Top-level domains, HTTPS, and free security certificates to target enterprises. Top-level Domain Abuse Percent of Phish...
Blog

Social Media Attacks Increase 47%

Social media threats targeting enterprises have increased 47% since January 2021, according to PhishLabs Quarterly Threat Trends & Intelligence Report. While the attack volume varies by industry, today the average organization is being targeted on social media with increasing frequency. Every quarter, PhishLabs analyzes and mitigates hundreds of thousands of phishing and social media attacks...
Blog

3 Strategies to Enhance Brand Threat Intelligence

Brand threats have accounted for 68% of fraud attacks so far this year. Contrary to traditional cyber attacks, which are designed to compromise the infrastructure or circumvent controls, brand threats live outside of the organization’s control and compromise the reputation of your brand. Common types of brand misrepresentation include spoofed emails, social media scams, and fake mobile apps. The...