PhishMe Blog

STAY CURRENT ON INDUSTRY TRENDS & PHISHME NEWS

TrickBot Targeting Financial and Cryptocurrency Data

BY Brendan Griffin IN Internet Security Awareness, Malware Analysis, Phishing

While a great deal of focus for research into botnet trojans is on the multipurpose utility of this malware, many of these same tools are still utilized for direct financial crimes and fraud. This configuration data, provides a prima-facie insight into some of the preferred means for monetary gains by threat actors. An example of this can be found in the most recent rounds of TrickBot malware configurations. These XML documents describe the targeted login pages for online services and the action the malware is to take when a victim visits one. Many of the targeted resources reference the login…

READ MORE

0 comments

5 Reasons Our UK Phishing Report Would Make Winston Churchill Scowl

BY phishme IN Cyber Incident Response, Internet Security Awareness, Phishing

The US and UK share a lot of things. History. Political traditions. A language, if one is feeling generous. And now some worrisome phishing data that jumps out of two reports PhishMe® has commissioned, most recently in the UK.

READ MORE

0 comments

Endpoint Phishing Incident Response with PhishMe and Carbon Black

BY phishme IN Cyber Incident Response, Phishing, Threat Intelligence

Hunting Phished Endpoints with PhishMe Intelligence™ and Carbon Black® Response While sipping coffee and reading the morning headlines, the CISO notices a global mass-phishing campaign that took place overnight. Picking up the phone and calling the SOC, the CISO asks; “Are there any computers that may have been infected with ‘X’ that I read about this morning? I need answers before my meeting in an hour”.

READ MORE

0 comments

Customized Phishing Simulations Keep You “Left of Breach”

BY John Robinson IN Cyber Incident Response, Internet Security Awareness, Phishing

Part 3 in a series on being “Left of Breach” in the Phishing Kill Chain. In part 2 we looked at Self-Enumeration, assessing security and business process gaps that phishing attackers exploit. It’s the first step in being “Left of Breach” (see figure below), the process that builds a proactive phishing defense strategy.

READ MORE

0 comments

Phishing Incident Response: Get Started in 3 Steps

BY phishme IN Cyber Incident Response, Internet Security Awareness, Phishing

So, you want to improve your response to phishing threats? Smart idea. PhishMe®’s recent report on phishing response trends shows that phishing is the #1 security concern, but almost half of organizations say they’re not ready for an attack.

READ MORE

0 comments

Identity Crisis – The Real Cost of a PII Data Breach

BY John Robinson IN Cyber Incident Response, Internet Security Awareness, Phishing

As the success of phishing attacks continues to broaden and gain traction in the modern news cycle, it’s important that we understand the differences in impacts based on the type of breach.

READ MORE

0 comments

Catching Phish with PhishMe Intelligence and ThreatQ

BY phishme IN Cyber Incident Response, Phishing, Threat Intelligence

PhishMe IntelligenceTM Integrates with ThreatQuotient’s ThreatQ Platform Swimming in a sea of threat intelligence indicators and services, security teams have been working towards effective ways to centralize, de-duplicate, and correlate massive amounts of threat data. The challenge, once this is done, is acting on what matters most. This requires intelligence, not just data.

READ MORE

0 comments

To Get “Left of Breach,” First Know Thyself

BY John Robinson IN Cyber Incident Response, Malware Analysis, Phishing

Part 2 in a series on being “Left of Breach” in the Phishing Kill Chain. In part 1 of this series, we talked about getting front of data breaches by taking proactive steps—everything to the left of the bullseye in the figure shown here:

READ MORE

0 comments

Human Phishing Defense Tackle Box – PhishMe Intelligence™ and IBM QRadar®

BY phishme IN Cyber Incident Response, Internet Security Awareness, Threat Intelligence

PhishMe® and IBM have teamed up to provide security operations with essentials for their phishing defense program. Security teams don’t want standalone security products; they need holistic security solutions and through partner integrations. That’s why PhishMe and IBM have partnered to help enterprise businesses defend against credential-stealing, malware, ransomware, and Business Email Compromise (BEC) phishing.

READ MORE

0 comments

PhishMe Triage Catches and Mitigates a Phishing Attack on Day 1

BY phishme IN Cyber Incident Response, Malware Analysis, Phishing

BY JOHN TRAVISE AND NICOLAS OCTAVIANI PhishMe Triage™ immediately reveals an active, ongoing phishing attack against a new customer during a configuration and deployment.

READ MORE

0 comments

NanoCore Variant Delivered Through UUE Files

BY Marcel Feller IN Malware Analysis, Phishing, Phishing Defense Center

Over the past few weeks, our Phishing Defense Center has observed several emails with malicious PDF attachments that prompt the user to download a .UUE file from Dropbox. UUE files (Unix to Unix Encoding) are files encoded with uuencode, a program that converts binary files to text format for easy transfer while still allowing for the files to be easily opened using Winzip or similar un-archiving applications. When file extensions are not displayed in Windows, the downloaded file looks like any other compressed file (as shown in Figure 1), which makes it harder to spot that this file is indeed…

READ MORE

0 comments

Want to Get In Front of Breaches? Be Like the Marines.

BY John Robinson IN Cyber Incident Response, Internet Security Awareness, Phishing

Part 1 in our series on being “Left of Breach” in the Phishing Kill Chain. Too often in the information/cyber security industry, we focus our efforts on mitigation of breaches after they occur, relying on incident response teams to find the needles in the haystack. According to “Left of Bang: How the Marine Corps’ Combat Hunter Program Can Save Your Life,” (by Patrick Van Horne and Jason A. Riley; Foreword by Steven Pressfield) The Marine’s Combat Hunter training program works on this premise: by understanding what “normal” looks like, we are much more likely to recognize activities and behaviors that…

READ MORE

0 comments

5 Reasons Hackers Target SMBs—and 1 Free Way to Fight Back

BY phishme IN Cyber Incident Response, Internet Security Awareness, Phishing

Last week PhishMe® released PhishMe® Free, a no-cost version of our award-winning anti-phishing solution, to protect SMBs from phishing attacks and resulting threats. A new PhishMe white paper shows the urgent need for SMBs to bolster their defenses.

READ MORE

0 comments

10 Ways to Defend Against Business Email Compromise / CEO Email Fraud Scams

BY Heather McCalley IN Internet Security Awareness, Malware Analysis, Phishing

Cybercriminals continue to successfully hack and spoof emails to impersonate supervisors, CEOs, and suppliers and then request seemingly legitimate business payments. Because the emails look authentic and seem to come from known authority figures, many employees comply. But later they discover they’ve been tricked into wiring money or depositing checks into criminals’ bank accounts.

READ MORE

0 comments

The Newest Delivery Method for the Locky Ransomware

BY phishme IN Malware Analysis, Phishing

Since its introduction in early 2016 and throughout this year, the distribution of the Locky ransomware has been overwhelmingly facilitated by attached script applications written in JScript or Visual Basic. These script applications have been delivered as the content of an attached archive such as a Zip or RAR file delivered as part of the email messages.

READ MORE

0 comments

Locky Ransomware Keeps Returning After Repeated Absences

BY phishme IN Malware Analysis, Phishing

It seems that each time the information security community is ready to declare the Locky ransomware dead and gone, phishing threat actors launch new campaigns with new characteristics. Locky’s presence on the threat landscape dates back to February 2016 when this malware formalized and matured the ransomware business model in phishing emails. Coupled with a tenacious distribution strategy, Locky dominated the phishing markets throughout 2016. Since early 2017, Locky’s presence on the threat landscape has been far more tepid. Its subdued presence on the threat landscape and intermittent distributions led to rumors that Locky was a thing of the past;…

READ MORE

0 comments

Zeus Panda’s Modular Functions Provide Insight into Botnet Malware Capabilities

BY phishme IN Malware Analysis, Phishing

One core element of the information security mission is the successful assessment of the risk posed to an organization by a malware sample or malware variety delivered by a phishing email. In 2017, phishers have embraced the use of adaptable and flexible malware to gain initial footholds in a network before monetizing the infected host. The intersection of these two missions creates a scenario in which open-ended, adaptable botnet malware challenges information security professionals to prepare for a wide array of malware capabilities–in some case without much insight into the real risks posed by a malware tool. However, in some…

READ MORE

0 comments

The PhishMe 2017 Excellence Awards Nominations are Open!

BY phishme IN Phishing

Make your nominations for the 2017 PhishMe® Excellence Awards today! Every day, 1000s of companies use PhishMe as a cornerstone of their phishing defense program. The PhishMe Excellence Awards recognize the outstanding achievements of security professionals and organizations with innovative, successful anti-phishing and phishing defense programs to minimize the risk and impacts associated with phishing attacks.

READ MORE

0 comments

Ransomware: Don’t Make It Too Easy to Hit Your WordPress Site

BY Aaron Higbee IN Internet Security Awareness, Malware Analysis

Ransomware is a business.  And like all smart business people, hackers look for efficiencies to increase revenue and lower cost of delivery.

READ MORE

0 comments

PhishMe Free Launches to Protect SMBs

BY phishme IN Internet Security Awareness, Phishing

When it comes to cyberattacks, small businesses are big targets. That’s why we recently introduced PhishMe® Free, a no-cost, easy-to-use version of our award-winning anti-phishing simulation solution.

READ MORE

0 comments