Business Email Compromise attacks are some of the most costly and vicious forms of phishing. Unlike the standard pray and spray approaches to phishing, they take a great deal of research and personalization to persuade a victim to hand over their credentials or wire them funds. This week we're taking a closer look at how invoice scams work, just one of the many sub-types of BEC or spearphishing...

This week, the Department of Justice for the U.S. Attorney's Office for the Northern District of Georgia announced the final of three sentences to be carried out by cybercriminals that plead guilty to carrying out phishing campaigns involving vishing and SMiShing. I'm proud to say that the apprehension and conviction of these criminals was supported in part by intelligence PhishLabs provided in...

Business email compromise (BEC) attacks are among the most effective forms of phishing in our modern world. Regardless of the technology in place, the social engineering involved easily will bypass it and can trick even trained users. Most Common Types of Business Email Compromise (BEC) attacks: Invoice Scams Account Compromise/Takeover CEO or Executive Fraud Legal Impersonation Data...

Defining phishing is simple, right? Not exactly. With more than 18,400,000 results appearing on Google when trying to find the definition there is a lot for you to choose from. Even Wikipedia has its own version, which may be more accurate, but still misses a few key elements. As a company, PhishLabs has seen the scope of how phishing is changing since first being named, which is why it's time...

If you have ever worked for an organization that uses Microsoft-based systems, there is a high likelihood that your IT or security team has implemented a policy that occasionally forces you to create a new password. Years ago it was every three months, then every two, and so on. This policy was heavily encouraged by Microsoft, but as of May of this year, they have reversed course. According to...

Each year new phishing techniques result in more attacks successfully landing in user inboxes. In most cases, threat actors are no different than anyone else, and follow the hottest trends in an effort to be more relevant. During tax season they may push out tax scams, during elections they may push bogus political-inspired healthcare emails, and there are even Game of Thrones inspired...

In this year's annual Phishing Trends and Intelligence report we identified phishing sites targeting more than 1,200 different brands belonging to 773 parent institutions. Of the top five targeted industries, they accounted for 83.9% of total phishing volume. There are two big takeaways from this finding: financial institutions are back on top, and each industry is still at risk. Through our...

Phishing has and will continue to be a threat to anyone connected to the web. This is a fact set in stone, and regardless of advancements in technology, social engineering will allow these attacks to continue to be successful. Today, we are releasing our latest version of the annual Phishing Trends and Intelligence report. Using data collected from millions of social engineering attacks...

Recently, our Director of Product Management, Cary Hudgins, discussed how to develop a digital risk protection plan for the modern enterprise. One of the many reasons why such a plan should be created is because, in today's world, an enterprise organization's digital footprint can be vast and will continue to grow. Take for example the average employee who receives an average of 90 emails per...

Taking Advantage of Our Tendency to Simplify There's an old joke floating around the Internet that claims NASA, upon discovering that standard ballpoint pens would not work in space, invested millions of dollars and years of R&D. The resulting pen was supposedly capable of writing in zero-G, on any surface, and in temperatures that would surely kill any astronaut. When confronted with the same...

In May of 2018, we reported on three Romanian threat actors who were extradited to the U.S. for their involvement in a SMiShing and Vishing fraud scheme. At the time of reporting, the expected losses were listed around $18 million but have since risen to more than $21 million. Between July 12 and October 31, 2011, PhishLabs' analysts detected a number of telephone phishing (known as vishing)...

It's time to take action against phish! Phishing attacks are no longer few and far between, they are the norm. Regardless of your company's investments in filtering technologies and countermeasures, suspicious and malicious emails make it into employee inboxes. It only takes one to cost your company time, money, and lost reputation. Unfortunately, even with traditional security awareness...

We've previously reported on how, due to the rise in phishing attempts leveraging SSL certificates, the icon in your web browser gives your users a false sense of security. The threat, however, doesn't end with your web browser. Although first observed as early as 2016, PhishLabs analysts have observed a dramatic uptick in the imitation of flags, banners, and other markup used by applications...

You are affected by social engineering tactics every day.Okay, let me explain. From an information security standpoint, Wikipedia says that social engineering is the psychological manipulation of people into performing actions or divulging confidential information[1]. That's true, but social engineering isn't limited to information security; it's something we all experience, every day.In most...

We've recently noticed two significant changes in C2 tactics used by the threat actors behind BankBot Anubis, a mobile banking trojan. First is the use of Chinese characters to encode the C2 strings (in addition to base64 encoding). The second is the use of Telegram Messenger in addition to Twitter for communicating C2 URLs. Previously reported by PhishLabs, the criminals behind BankBot...

It happens on a daily basis, it's even likely that at some point it happened to you: social media account takeovers. A quick Google search shows a new batch of celebrities, politicians, companies, and other high profile users becoming the victim of account takeovers on a weekly basis. It's concerning, it can cause a ruckus, and depending on what happened after the fact it can even cause damage...

Since September 21, PhishLabs analysts have detected a number of phishing sites hosted on emoji domains. So far, all detected sites have a few things in common: They are hosted on the .WS Top Level Domain (TLD) They utilize domains with numerous subdomains (also emojis) They make use of redirects to avoid detection At the time of writing, PhishLabs analysts are investigating active...