Resources

Blog

COVID-19 Phishing Update: Threat Actors on Twitter Want You to Pay for Your Stolen Passwords

Cyber criminals are using COVID-19 to manipulate users on Twitter and steal funds through payment applications. Our latest example demonstrates how victims are being targeted with fake credential dumps. We are providing ongoing updates on coronavirus-themed attacks observed by the PhishLabs team. This post and others are meant to help the security community stay up-to-date on how threat...
Blog

COVID-19 Phishing Update: BEC Lures use Pandemic to Enhance Attacks

Threat actors are using the novel coronavirus to add credibility in recent Business Email Compromise (BEC) attacks. Below are three examples of how they are doing it. We are providing ongoing updates on coronavirus-themed attacks observed by the PhishLabs team. This post and others are meant to help the security community stay up-to-date on how threat actors are exploiting the pandemic. ...
Blog

COVID-19 Phishing Update: Money Mule Scams Use Remote Opportunities to Entice Victims

As job losses grow due to the coronavirus pandemic, cybercriminals are taking advantage of the situation to recruit individuals into money mule scams. Below are two examples that reference work-from-home opportunities. We are providing ongoing updates on coronavirus-themed attacks observed by the PhishLabs team. This post and others are meant to help the security community stay up-to-date...
Blog

COVID-19 Phishing Update: Scammers Impersonating Financial Institutions on Instagram

Threat actors are using the novel coronavirus to impersonate accounts on social media. The example below targets members of a credit union. We are providing ongoing updates on coronavirus-themed attacks observed by the PhishLabs team. This post and others are meant to help the security community stay up-to-date on how threat actors are exploiting the pandemic. The threat actor...
On-Demand Webinar

Domains and the Open Web: Defending Against Ever-Evolving Threats Webinar

Big or small, enterprise or startup, in today’s world nearly every business across the globe has some form of digital presence. In most cases this is a website, in others, this may include social media or apps. This is due in part to the ease in establishing these properties, which makes it more accessible than ever before. However, as easy as it is to establish a brand online, so too is it for a...
On-Demand Webinar

Benchmarking from the World's Largest Phishing Exercise

Theo Zafirakos, CISO, Terranova by Fortra More than a million corporate users worldwide take part in the Gone Phishing Tournament, hosted by Terranova Security and Microsoft. In this PhishLabs webinar, we’ve invited Theo Zafirakos, CISO of fellow Fortra solution Terranova, to share the latest trends and benchmarking data from the global tournament. Attend the webinar to learn: Average click...
Blog

COVID-19 Phishing Update: Money-Flipping Schemes Promise Coronavirus Cash

Threat actors are using social media to engage in money-flipping scams abusing the novel coronavirus. The two examples below demonstrate how they are doing it. We are providing ongoing updates on coronavirus-themed attacks observed by the PhishLabs team. This post and others are meant to help the security community stay up-to-date on how threat actors are exploiting the pandemic. The...
Blog

COVID-19 Phishing Update: Threat Actors Abusing Utility Concerns

In response to the financial difficulties resulting from COVID-19, many utilities have announced policy changes to suspend disconnects and provide relief to customers. As a result, many people are uncertain about what will happen should they be unable to pay their utility bills during the pandemic. As our latest example shows, this uncertainty is being exploited by threat actors. We are...
Blog

COVID-19 Phishing Update: Bad Actors Use Stimulus Payment Delays to Capture Banking Credentials

With many U.S. citizens still waiting to receive their government-mandated stimulus, we are again seeing cyber criminals shift their tactics in accordance with the news cycle. Below is one example of a lure abusing access to an undeliverable stimulus payment. We are providing ongoing updates on coronavirus-themed attacks observed by the PhishLabs team. This post and others are meant to...
Blog

COVID-19 Phishing Update: Voicemail Attacks Surface Targeting Office 365 Users

Cyber criminals are using coronavirus-themed voicemail notifications in the latest efforts to act on pandemic fears and steal credentials. The example below shows how they are doing it. We are providing ongoing updates on coronavirus-themed attacks observed by the PhishLabs team. This post and others are meant to help the security community stay up-to-date on how threat actors are...
Blog

COVID-19 Phishing Update: Workplace Concerns Exploited to Distribute Malware

In recent efforts to deliver attacks that abuse the novel coronavirus, threat actors are exploiting workplace concerns about outbreak prevention and shipment delays. Below are two examples sent with the intent of delivering malware. We are providing ongoing updates on coronavirus-themed attacks observed by the PhishLabs team. This post and others are meant to help the security community stay...
Blog

COVID-19: New Daily Intel Download and Webinar Next Week

In the past month, we have identified and documented the methods in which threat actors have exploited the novel coronavirus (COVID-19). As fear and uncertainty around the global pandemic continue to grow, threat actors are working in tandem to develop relevant malicious lures and cyber threats. In our continued effort to provide the most relevant cyber threat intelligence, today we are...
Blog

COVID-19 Phishing Update: Promise of Payments Fuel Financial Fraud

Cyber criminals are using the stimulus bill and relief payments to exploit growing concerns about financial security. The examples below are impersonating financial institutions. This post and others are meant to help the security community stay up-to-date on how threat actors are exploiting the pandemic. The first example spoofs the sender's address to target a medical center. The actual...
Blog

COVID-19 Phishing Update: Nigerian Prince Lures Evolve with Crisis

Threat actors are repurposing Nigerian Prince or 419 lures with novel coronavirus messaging to capitalize on the current pandemic. Today's examples demonstrate how they are doing it. We are providing ongoing updates on coronavirus-themed attacks observed by the PhishLabs team. This post and others are meant to help the security community stay up-to-date on how threat actors are exploiting the...
Blog

COVID-19 Phishing Update: Infected Coworker Email Targets Enterprise O365 Credentials

Threat actors are exploiting employee concerns about infected colleagues. Our latest example targets Office 365 accounts at a large Canadian company by falsely claiming a colleague has died from the virus. We are providing ongoing updates on coronavirus-themed attacks observed by the PhishLabs team. This post and others are meant to help the security community stay up-to-date on how threat...
Blog

COVID-19 Phishing Update: Email Posing as Scam Guidance Delivers Malware Instead

The novel coronavirus is giving opportunistic threat actors new means of deploying malicious lures on unsuspecting targets. Today's example shows the attacker leveraging the pandemic by offering guidance on how to avoid coronavirus scams. Unfortunately, it's also a scam. We are providing ongoing updates on coronavirus-themed attacks observed by the PhishLabs team. This post and others are...
Blog

COVID-19 Phishing Update: Your Bank is Not Texting You About Coronavirus

Threat actors continue using COVID-19 fears to exploit individuals on a variety of channels. Today we are taking a look at two new, related SMS lures. We are providing ongoing updates on coronavirus-themed attacks observed by the PhishLabs team. This post and others are meant to help the security community stay up-to-date on how threat actors are exploiting the pandemic. The first...
Blog

COVID-19 Phishing Update: Threat Actors Impersonating CDC, WHO

As COVID-19 continues to spread, we are seeing an increase in threat actors impersonating public health organizations and luring victims in with fake links to government agencies. The four examples below impersonate the Center for Disease Control and Prevention (CDC) and the World Health Organization (WHO) using lures we have recently observed. We are providing ongoing updates on coronavirus...
Blog

COVID-19 Phishing Update: Campaigns Exploiting Hope for a Cure

We continue to see a wide range of lures exploiting coronavirus fears. In this post, we take a look at three recently observed lure samples that use the possibility of a cure to entice victims. We are providing ongoing updates on coronavirus-themed attacks observed by the PhishLabs team. This post and others are meant to help the security community stay up-to-date on how threat actors are...
Blog

COVID-19 Phishing Update: Insurance Coverage Lures

As COVID-19 cases have further spread over the past few weeks, our team has come across new lures that target an individual's fear of coronavirus as it relates to their health insurance coverage. Both examples lead to malicious sites that attempt to steal Microsoft Office 365 login credentials. We are providing ongoing updates on coronavirus-themed attacks observed by the PhishLabs team. This...