Abuse of HTTPS on Nearly Three-Fourths of all Phishing Sites

Abuse of HTTPS on Nearly Three-Fourths of all Phishing Sites

| | APWG, HTTPS
Since 2015, PhishLabs has and continues to track how threat actors abuse HTTPS or SSL certs. In particular, threat actors often use HTTPS on their phishing sites to add a layer of legitimacy, better mimic the target site in question, and reduce being flagged or blocked from some browsers ... Read More
Reporting Cyber Threats: Executives at Risk

Reporting Cyber Threats: Executives at Risk

Across the cybersecurity industry, white papers and reports typically highlight high-level trends related to cyber threats. However, what is often overlooked is a more granular analysis that focuses on individuals within an organization. More specifically, the high-value targets that threat actors focus much of their attention on ... Read More
COVID-19: New Daily Intel Download and Webinar Next Week

COVID-19: New Daily Intel Download and Webinar Next Week

| | COVID-19
In the past month, we have identified and documented the methods in which threat actors have exploited the novel coronavirus (COVID-19). As fear and uncertainty around the global pandemic continue to grow, threat actors are working in tandem to develop relevant malicious lures and cyber threats ... Read More
Social Media Phishing: Beyond Credential Theft

Social Media Phishing: Beyond Credential Theft

|
In the past few weeks, our team highlighted how social media is abused by threat actors seeking to steal credentials and to administer phishing attacks. While these are both two of the most prominent cybersecurity threats distributed through social media, there are some other tactics in play, too ... Read More
Beyond Marketing: Getting Ahead of Brand Issues

Beyond Marketing: Getting Ahead of Brand Issues

|
Today’s marketing organization uses countless SaaS-based tools and platforms that live outside of an organization’s network. As their digital footprint grows, so does their potential for digital risks targeting their enterprise, brands, and customers. Even if they don’t join the latest social media platform, in most cases there are not ... Read More
How to Handle Brand Impersonation on Social Media

How to Handle Brand Impersonation on Social Media

| | social media
Social media is undoubtedly a huge asset to modern organizations. It helps them spread their message, promote their products and services, and communicate directly with customers, and users ... Read More
Marketing Teams Are Not Equipped to Monitor Social Media Threats

Marketing Teams Are Not Equipped to Monitor Social Media Threats

Every second, 5,787 tweets are published. Every minute, 300 hours of video are uploaded to YouTube. These are just two of the more popular social networks, and among these data points are the occasional references to a specific organization, its brands, and even customers or employees ... Read More
APWG: Two-Thirds of all Phishing Sites Used SSL protection in Q3

APWG: Two-Thirds of all Phishing Sites Used SSL protection in Q3

| | APWG, HTTPS
This week, APWG released its findings from Q3 that compiles insights from their member companies and provides an analysis of how phishing is changing. The key findings from the latest report show that phishing attacks continued to rise throughout the year, 40% of BEC attacks involve domains registered by the ... Read More
Social Media Account Takeover is as Vicious as a BEC Attack

Social Media Account Takeover is as Vicious as a BEC Attack

|
At the height of social media adoption, users willingly shared everything from the lunch they just ate to the exact places they visited throughout the day. While some of this has been reduced as consumers learned how sharing private information could impact their privacy, many people still hide these kinds ... Read More
APWG: Phishing Continues to Rise, Threat Actors Love Gift Cards

APWG: Phishing Continues to Rise, Threat Actors Love Gift Cards

| | APWG, bec, HTTPS, Phishing
This week APWG released its findings from Q2 of this year that compiles insights from their member companies and provides an analysis of how phishing is changing. This quarter's report shows that phishing attacks continue to increase, both SaaS and email service providers are prime targets, BEC attacks are focused ... Read More