Resources

On-Demand Webinar

2024 Brand Threats and Fraud Webinar

In the first half of 2024, Fortra detected and mitigated millions of external threats targeting a broad range of enterprises and their brands. In this webinar, Fortra experts will review the newly-released 2024 Brand Threats and Fraud Report, provide insight into the latest trends shaping the threat landscape, and discuss mitigation tactics.
Blog

Active Phishing Campaign: Twilio SendGrid Abuse

Active Phishing Campaigns are coordinated attacks that Fortra has observed bypassing email security gateways and filtering tools. The following analysis includes examples, high-level details, and associated threat indicators. Sample Email Lure Sample 1: Vishing Example Sample 2: Office365 Phishing Example...
Blog

UDRP Domain Takeovers vs. Domain Takedowns

What’s the difference between UDRP Domain Takeovers and Domain Takedowns?In the world of domain ownership, the need for disputes and enforcement can occur. But how should they be handled? What’s the difference between Uniform Domain-Name Dispute-Resolution Policy (UDRP) domain takeovers and a domain takedown? Let’s take a closer look at the processes.What Is a UDRP Domain Takeover? Established by...
Blog

Active Phishing Campaign: QR Code Attachment O365 Attack

Active Phishing Campaigns are coordinated attacks that Fortra has observed bypassing email security gateways and filtering tools. The following analysis includes examples, high-level details, and associated threat indicators. Sample Email Lure Sender...
Guide

2024 Brand Threats and Fraud Report

To bolster your organization’s cybersecurity, you need to assess the threat actors’ capabilities and tactics. Fortra analyzed hundreds of thousands of domain, social media, counterfeit, and dark web cyberattacks targeting organizations including one that saw an 80% YoY increase!In this Brand Threats and Fraud Report, Fortra experts detail key threat...
Blog

Active Phishing Campaign: Form Assembly Abuse

Active Phishing Campaigns are coordinated attacks that Fortra has observed bypassing email security gateways and filtering tools. The following analysis includes examples, high-level details, and associated threat indicators. To protect the privacy of Fortra’s clients, the brand targeted in this attack has been anonymized and is generically referred to as “Brand” whenever their name appears in the...
On-Demand Webinar

Proaktive Cyberabwehr - Digitale Risiken minimieren mit PhishLabs

Erfahren Sie, wie Sie die Lösungen von PhishLabs nutzen können, um Ihre Cyberabwehr proaktiv zu gestalten und digitale Risiken effektiv zu minimieren.Dieses Video beinhaltet:- Wie Sie Bedrohungen frühzeitig erkennen und abwehren können.- Welche Strategien zur Risikominimierung am effektivsten sind.- Wie PhishLabs Ihnen helfen kann, Ihre Sicherheitsinfrastruktur zu stärken...
Blog

What Are External Security Threats in Cybersecurity?

According to Cybersecurity Ventures, cybercrime would be the world’s third-largest economy (after the U.S. and China) if measured as a country as its damages may total $9.5 trillion globally in 2024. While this may be a surprising stat, it should reiterate the importance of your cybersecurity plan and solutions. External threats play a large part in digital threat landscape, and like the name...
Blog

What Is Tactical Threat Intelligence?

Of the three forms of threat intelligence (strategic, operational, and tactical), tactical threat intelligence is the most directly actionable. Tactical threat intelligence also enables defenders to engage in threat hunting or root cause analysis activities when examining historical (attempted) intrusions. This is useful in detecting breaches that may have occurred, understanding the cause of a previous breach, and understanding whether a particular adversary or TTP is being attempted against your organization.
Blog

Cyberattack Anatomy: Banking Smish

Cyberattack anatomies are a detailed outline of various attack methodologies, techniques, and tactics. This blog post will outline the anatomy of a recent smishing campaign identified by Fortra’s threat researchers. The Smishing Attack The smishing text contains a banking alert about a transaction being put on hold and urges the reader to visit the...
Blog

Active Phishing Campaign: Tax Extension Help Lure

Active Phishing Campaigns are coordinated attacks that Fortra has observed bypassing email security gateways and filtering tools. The following analysis includes examples, high-level details, and associated threat indicators. Sample Email Lure Sender VerificationSender’s Email: ogawa@kidscorp[.]jp Sender’s Name: Beth KolcunReply-To Address: beth...
Blog

Active Phishing Campaign: Yousign HR Lure

A new, sophisticated active phishing campaigns focuses on malicious emails that leverage Yousign e-signature services to carry out phishing attacks. Learn more about this tactic through examples, high-level details, and associated threat indicators.
Datasheet

Intelligence Assessments

Fortra’s PhishLabs Intelligence Assessments provide a better understanding of the threat landscape, threat actor behavior, and the types of threats targeting organizations. Learn how Intelligence Assessments leverage a combination of threat intelligence feeds, advanced analytics, and expert analysis to help organizations enhance their cybersecurity posture.
On-Demand Webinar

Identify and Disrupt Threats Before Attackers Strike

Join us as Fortra experts detail expanded capabilities, insight, and anti-threat measures to better address blind spots, proactively disrupt threat actors, prevent fraud, and enrich security. Attendees will learn about the newly expanded capabilities, including: Compromised Credentials Monitoring enables users to proactively defend against fraud...
On-Demand Webinar

Social Platform Impersonations: Types, Consequences, and Defenses

Social media is bigger than ever and threats are getting more sophisticated, but gone are the days when people could simply request to have an impersonation removed. Learn how to sift through the social media threat noise and get effective mitigation of social media threats including impersonations.
Blog

Abusing Data to Avoid Detection: Cybercriminal Adoption of Browser Fingerprinting

Browser fingerprinting is one of many tactics phishing site authors use to evade security checks and lengthen the lifespan of malicious campaigns. While browser fingerprinting has been used by legitimate organizations to uniquely identify web browsers for nearly 15 years, it is now commonly exploited by cybercriminals. Today, it is considered widely used for phishing purposes.