Collaborate Disseminate
By Lucas Ashbaugh “There is an explosive device (tronitrotoluene) in the building where your business is conducted […] there will be many victims if it explodes” Recap Late last week, multiple customers notified CofenseTM of bomb-threat phishing emails… Continue reading Threats of Terror Pervade Recent Extortion Phishing Campaigns
By: Lucas Ashbaugh, Nick Guarino, Max Gannon Out of nowhere, someone responds to an email conversation that wrapped up months ago. It’s a real conversation that actually happened. Maybe it’s about a meeting, a job opportunity, or a reply to that proble… Continue reading Re: The Zombie Phish
Email is the most common attack vector in today’s threat landscape. Not only does email deliver over 92% of malware1, but by the end of 2017 the average user received 16 malicious emails per month.2 Cyber-criminals and APT actors abuse email to deliver… Continue reading Email Security Gateway (to Your Next Breach)
By Jerome Doaty and Garrett Primm The Cofense™ Phishing Defense Center (PDC) has recently defended against a resurgence of Astaroth, with dozens of hits across our customer base in the last week. In just one week, some estimated 8,000 machines h… Continue reading We’re Seeing a Resurgence of the Demonic Astaroth WMIC Trojan
By Lucas Ashbaugh Laziness and sloppy work are the twenty first century’s newest business model, and for phishing actors it’s a gold rush. The real winners from modern phishing have taken a chapter out of the entrepreneur’s handbook: The Lean Startup…. Continue reading The Lazy Man’s Guide to Phishing
Over the past couple of weeks, the Cofense™ Phishing Defence Center (PDC) has observed a rise in PowerShell-based malware. PowerShell is a very powerful scripting language that is legitimately used in many organisations. PowerShell is packed wit… Continue reading An Analyst’s View of Surging PowerShell-based Malware
The CofenseTM Phishing Defense Center has observed a phishing email targeting Canadian taxpayers, similar to HMRC scams we recently reported in the United Kingdom. It’s the latest in a surge of tax-rebate phishing scams seen across the globe, prompting… Continue reading Another Tax-Rebate Phishing Scam, This Time in Canada
The CofenseTM Phishing Defense Center (PDC) has observed a phishing campaign masquerading as a Customer Satisfaction Survey from Cathay Pacific. Fake surveys are an old tactic, but the PDC has recently seen an increase in their use. Examining the follo… Continue reading Customer Satisfaction Survey Leads to Credential Phishing
The Cofense™ Phishing Defence Center has observed a convincing new phishing campaign targeting taxpaying UK nationals. The threat actors posing as Her Majesty’s Revenue and Customs (HMRC) have imitated the Government Gateway tool which is common… Continue reading A Very Convincing Tax-Rebate Phishing Campaign Is Targeting UK Users
“Man in the Inbox” phishing attacks come from compromised email accounts. They look like someone from within a business, for example the HR director, sent an email directing employees to do something legitimate—like logging onto a fabricated page to re… Continue reading This “Man in the Inbox” Phishing Attack Highlights a Concerning Gap in Perimeter Technology Defenses