University W2 Phishing and CEO Impersonation

At PhishMe we talk frequently about a familiar concept: cyber attacks and phishing emails are very rarely sent to only one organization. While security teams tend to focus on threats to your organization, PhishMe Intelligence is watching for email-based threats for EVERY organization. As we were gathering information about tax-related phishing scams this year, we noticed that institutes of higher learning were being hit quite broadly by this year’s W2-related scams.

RockLoader – New Upatre-like Downloader Pushed by Dridex, Downloads all the Malwares

On 4/6, the Phishing Intelligence team came across a wave of phishing emails that contained a .js file packaged inside a zip file and used to deliver malware. This is nothing new; the same delivery method has been pushed out by resources associated with the Dridex botnet and the Locky encryption ransomware. The interesting piece is that the attackers are using a new piece of malware called RockLoader to download and install the malware on remote systems. Downloaders are nothing new either, as Upatre was used with Dyre and Gameover ZeuS in the past. RockLoader has several tricks up its sleeve.

Gone Phishing: 2015 Global Malware Round Up Report – Available Now

Today, we happily launched our comprehensive end-of-year report, Gone Phishing: 2015 Global Malware Round Up Report, completely free to the public and our customers. This whitepaper provides information security professionals, incident response teams, threat intelligence analysts and C-level technology leaders across the globe with insights on the most effective phishing attacks used today and the malware payloads they deliver.