Resources

fta-identify-and-disrupt-threats-before-attackers-strike-800x454.jpg
On-Demand Webinar

Identify and Disrupt Threats Before Attackers Strike

Join us as Fortra experts detail expanded capabilities, insight, and anti-threat measures to better address blind spots, proactively disrupt threat actors, prevent fraud, and enrich security. Attendees will learn about the newly expanded capabilities, including: Compromised Credentials Monitoring enables users to proactively defend against fraud...
fta-pl-social-platform-impersonations-types-consequences-defenses-800x454.jpg
On-Demand Webinar

Social Platform Impersonations: Types, Consequences, and Defenses

Social media is bigger than ever and threats are getting more sophisticated, but gone are the days when people could simply request to have an impersonation removed. Learn how to sift through the social media threat noise and get effective mitigation of social media threats including impersonations.
fta-pl-2023-domain-impersonation-report-key-findings
On-Demand Webinar

2023 Domain Impersonation Report - Key Findings

2023 Domain Protection Report – Key Findings The average brand is targeted by 40 look-alike domains per month. Domain impersonation is the foundation for a multitude of online threats. Watch Elyse Neumann, Fortra’s Sr. Director of Client Operations, and Eric George, Fortra’s Director of Solutions Engineering, as they discuss the key findings from...
Executive Attacks on Social Media Hit All-Time High as Analysts Point to AI
Blog

Executive Attacks on Social Media Hit All-Time High as Analysts Point to AI

By Jessica Ryan on Tue, 01/16/2024
Executive impersonation on social media is at an all-time high as threat actors take advantage of AI to improve and scale their attacks. In Q3, accounts pretending to belong to high-ranking executives on social media climbed to more than 54% of total impersonation volume, surpassing brand attacks for the first time since Fortra began tracking this data. The volume and composition of these attacks...
LastPass Fortra's PhishLabs Partnership: A Focus on Proactive Customer Protection Pays Off in 2023
Blog

LastPass Fortra's PhishLabs Partnership: A Focus on Proactive Customer Protection Pays Off in 2023

Tue, 12/05/2023
As we approach the end of the year, LastPass Labs has reviewed the last 12 months to take account of the threat environment and how it has changed, as well as our accomplishments. Throughout 2023, the Threat Intelligence, Mitigation, and Escalations (TIME) team focused on rapidly expanding our capabilities to protect our customers from phishing sites and/or infostealers. A major part of this...
U.S. News Highlights Fortra’s Tips to Protecting Against 401k Scams
Blog

U.S. News Highlights Fortra’s Tips to Protecting Against 401k Scams

By Jessica Ryan on Thu, 10/05/2023
Is your 401k a target for cybercriminals? According to the latest article from U.S. News, warning signs such as missing contributions and unexplained transactions could indicate your retirement funds are at risk. Check out the article here to learn what signs could indicate that something is amiss, and best practices from Fortra’s security expert Eric George on how to protect your accounts. if...
Visibility: An Essential Component of Industrial Cyber Security
Blog

Visibility: An Essential Component of Industrial Cyber Security

Thu, 09/28/2023
In July 2021, the White House established a voluntary initiative for industrial control systems (ICS) to promote cooperation between the critical infrastructure community and the federal government. The fundamental purpose of the initiative was “to defend the nation’s critical infrastructure community by encouraging and facilitating the deployment of technologies and systems that provide threat...
Social Media Attacks Targeting Banks See Greatest Increase Since 2021
Blog

Social Media Attacks Targeting Banks See Greatest Increase Since 2021

By Jessica Ryan on Thu, 09/07/2023
Banks were targeted on social media more in Q2, after the largest spike in activity since 2021, according to Fortra’s PhishLabs. While cybercriminal focus on financial institutions remains high, the average number of social media attacks per business, per month in 2023 is trending lower than in 2022. In Q2 specifically, businesses experienced nearly 18 fewer attacks on social channels on average...
QBot Operations Peak Pre-Takedown, O365 Attacks Increase in Q2
Blog

QBot Operations Peak Pre-Takedown, O365 Attacks Increase in Q2

By Jessica Ryan on Fri, 09/01/2023
Cybercriminals doubled down on popular threat types and preferred malicious software in Q2, with O365 phish and QBot malware dominating inboxes by significant margins. QBot operations eclipsed all other malware once again, reaching their highest volume of share just before a multinational takedown Tuesday removed malicious code from more than 700,000 computers. Similarly, but lacking in...
The Top Three Domain Protection Best Practices
Blog

The Top Three Domain Protection Best Practices

Tue, 08/29/2023
Domain Impersonation: When Imitation Is Not the Sincerest Form of Flattery It’s no secret that an organization’s domain is a critical piece of the organization’s identity and business. People rarely need to manually enter a website address in their browser as search engines can give people a list of domains after entering just 2-3 letters. But how many people pay close attention to a domain...
Original Research from Fortra Reveals Pervasiveness, Types of Look-Alike Domains Targeting Brands
Blog

Original Research from Fortra Reveals Pervasiveness, Types of Look-Alike Domains Targeting Brands

By Jessica Ryan on Thu, 08/24/2023
In the ever-evolving landscape of cybercrime, look-alike domains remain a constant component in the vast majority of threats. Look-alike domains or, URLs that resemble those of a legitimate brand, can cause significant damage to brand reputation by way of fraudulent websites, phishing schemes, malware distribution, and more. Original research conducted by Fortra’s PhishLabs analyzes how look...
The Use of Natural Language Processing for Identifying and Mitigating Threats
Blog

The Use of Natural Language Processing for Identifying and Mitigating Threats

Thu, 08/17/2023
As technology advances, the battle between cyber criminals and organizations intensifies. Cyber threats have become more sophisticated, complex, and widespread, posing a significant risk to the security and integrity of sensitive data. In Q1 2023 alone, the number of global cyber attacks increased by 7%, with an average of 1,248 attacks reported per week. In a separate report by The Independent...
Q2 Payload Report
Blog

Q2 Payload Report

By Jessica Ryan on Thu, 07/27/2023
QBot dominated as the top payload in Q2 with more than 95% of reported volume, according to Fortra’s PhishLabs. This is the third consecutive quarter QBot has led all other malware varieties by a significant majority. QBot was also consistently reported as a top payload in 2022, falling second only to Emotet and Redline Stealer before its current streak. Email payloads remain the primary delivery...
On-Demand Webinar

Social Media Intelligence: Real World Threats, Real World Impact

Each day, 3.5 billion people use some form of social media. This is close to half of the global population. Because of the wide spread use and adoption of these various platforms, threat actors are increasing the abuse of both the brands and their accounts faster than any other digital medium. Moreover, most platforms lack the necessary security controls to protect their users. This creates a...
Common Social Media Scams and How to Avoid Them
Blog

Common Social Media Scams and How to Avoid Them

Thu, 07/13/2023
While there are an estimated 30,000 daily cyber attacks on business websites, there are roughly ten times as many attacks against social media accounts every single day, equating to roughly 1.4 billion accounts every month. Social media attacks and scams have become pervasive problems, with threat actors finding innovative new ways to deceive users and steal their information. While social media...
DMARC Quarantine vs. DMARC Reject: Which Should You Implement?
Blog

DMARC Quarantine vs. DMARC Reject: Which Should You Implement?

By Monica Delyani on Wed, 07/05/2023
You did it! You can now take a quiz and accurately answer "What Is DMARC?"! Next you've generated your DMARC record, implemented your policy, and authenticated your email domains. DMARC is no easy feat in itself and now, after DNS requests, third-party conference calls and writing internal policies, you are ready...to enforce a stricter DMARC policy! If your DMARC policy has been set to p=none...
Understanding how Polymorphic and Metamorphic malware evades detection to infect systems
Blog

Understanding how Polymorphic and Metamorphic malware evades detection to infect systems

Thu, 06/29/2023
Polymorphic and metamorphic malware constantly changes itself in order to avoid detection and persistently remain on the system. This adaptive behavior is the main distinctive attribute of these types of malware, which is also why they are harder to detect; it is also why they pose a great threat to systems. On the surface, the functionality of this sort of changing and mutating malware appears...
99% of User-Related Threats Are Email Impersonation Attempts
Blog

99% of User-Related Threats Are Email Impersonation Attempts

Thu, 06/22/2023
Threats in corporate inboxes hit new highs with a quarter of all reported emails classified as malicious or untrustworthy. 99% of these threats were email impersonation threats, such as BEC and credential theft lures, that lack attachments or URLs delivering malware payloads. Cybercriminals continue to bypass traditional email security tools and reach end users by impersonating individuals,...
Social Media Attacks Targeting Banks and Retail Climb in Q1
Blog

Social Media Attacks Targeting Banks and Retail Climb in Q1

By Jessica Ryan on Thu, 06/08/2023
Social media attacks targeting businesses have jumped 12.2% in Q1 from the previous quarter, according to Fortra’s PhishLabs. Attacks on social channels are also trending higher than Q1 2022, with the average business experiencing more than 81 attacks per month. External platforms, such as social media, are widely used by cybercriminals to engage in fraud and distribute misinformation. Threatening...
Free Domain Abuse Plummets in Q1 as Staging Methods Shift
Blog

Free Domain Abuse Plummets in Q1 as Staging Methods Shift

By Jessica Ryan on Thu, 05/25/2023
Free domain registrations used to stage phishing sites have experienced a significant drop in activity, contributing to just under 2% of phishing abuse in Q1. Free domain registrations and other no-cost means of staging phishing infrastructures are historically a favorite of threat actors. While no-cost methods as a whole did make up the majority of abuse in Q1, the decline in free domains can be...