Embedded Secrets in Webpage DOMs (and How to Use this Data to Protect Your Assets)
The dangerous impact of typosquat domains, and how frequently bad actors are mimicking legitimate brands is not an unknown problem for security leaders. It’s critical for security and IT teams to properly scan and monitor for brand threats that live across the internet, using machine learning technology to identify domains ... Read More
Widespread Brand Impersonation Scam Campaign Targeting Hundreds of the Most Popular Apparel Brands
Bolster’s threat research team recently uncovered a widespread brand impersonation scam campaign targeting 100+ popular clothing, footwear, and apparel brands. Among the notable brands affected by this campaign are Nike, Puma, Adidas, Casio, Crocs, Sketchers, Caterpillar, New Balance, Fila, Vans, and numerous others. This campaign came live around June 2022 ... Read More
Compare the Top 8 Open Source Phishing Threat Intel Feeds
Phishing threats evolve and adapt quickly. Even before one phishing domain is taken down, many more emerge. It can become a game of whac-a-mole for security and IT teams with a lot on their plates. Keeping track of newly emerging phishing threats is necessary to protect users. As more and ... Read More
Web Beacons: How To Effectively Use Them For Phishing Detection
Web Beacons are a proactive measure to safeguard your brand's reputation and detect potential phishing and scam attempts. Learn how to use Web Beacons to take timely action to protect your brand and minimize threat impact ... Read More
Web Beacons: How To Effectively Use Them For Phishing Detection
Phishing attacks are the most common attack vector for hackers targeting brands of all sizes, costing brands across the market an average of $323 billion in damages yearly. With fraudulent emails, malicious links, and fake profiles inundating your employees and customers, it takes a robust cybersecurity detection and takedown strategy ... Read More
How Scammers Use Google Ads to Target Brands & Customers
Did you know, that scammers can weaponize Google Ads to target a brand and its customers? Anyone can buy and run ads on Google Search for any set of keywords. All they need to do is pick and keyword and pay for it to be on top of the results ... Read More
How SSL Monitoring Can Help Safeguard Your Brand’s Identity
SSL certificate monitoring can help detect phishing attacks targeting brands in early stages and help safeguard brand identity and protect users ... Read More
SEO Poisoning Attack Linked to 144,000 Phishing Packages
Threat actors have uploaded 144k malicious packages to NuGet, PyPI, and NPM, containing links to phishing and scam sites as part of a BlackHat SEO campaign to manipulate search engine results and promote scam pages through backlinks from trusted websites ... Read More
Embedded Secrets in Webpage DOMs
Website developers accidently end up embedding API keys to public facing webpage DOMs. We scanned 1.5 million webpage DOMs for embedded API keys ... Read More
IP Range Filtering in Phishing Kits
Threat actors use various techniques to restrict researchers & automated crawlers from discovering their phishing websites. The sooner a phishing website is found and flagged as malicious by scan engines like VirusTotal, and Google Safe Browsing, the less effective that campaign becomes ... Read More
