PhishMe Blog

STAY CURRENT ON INDUSTRY TRENDS & PHISHME NEWS

Sage and Locky Ransomware Now Sharing Delivery Infrastructure in Phishing Attacks

BY PhishMe IN Internet Security Awareness, Phishing

BY BRENDAN GRIFFIN AND GARY WARNER Threat actors have demonstrated that despite the past two years’ explosion in new ransomware varieties, ransomware developers still believe that the market has not reached the point of saturation. Examples of encryption ransomware like Sage have made notable appearances on the phishing threat landscape in the early days of 2017, continuing the ransomware trend from 2016.

READ MORE

0 comments

Kovter Ad Fraud Trojan Now Shipping with Locky Ransomware

BY Paul Burbage IN Phishing

Over the past couple of months, the PhishMe Research Team has observed Locky ransomware being distributed alongside the Kovter ad fraud trojan. We have looked at this malware distribution channel in the past, and since then, the threat actors have evolved from using a fake file encryption threat to using a well known and effective ransomware family: Locky. In this post we will examine the history of the Kovter actors’ experimentation with ransomware and walk through a sample campaign that our PhishMe Threat Intelligence Team captured. Ransomware Evolution The distributors behind Kovter have been experimenting with “ransomware” since as early as January 2016. We place the word…

READ MORE

0 comments

With apologies to Led Zeppelin fans: The (BEC) Song (Still) Remains the Same

BY Heather McCalley IN Phishing

Almost three months have passed since I last updated you on the Business Email Compromise scam, also known as the CEO Fraud scam. Though the volume of these attacks remains high, the information security community has continued to collaborate well regarding this type of fraud, preempting the transfer of millions of dollars and identifying numerous mules in control of bank accounts around the world. Just last week, yet another phisher tried to phish PhishMe. Our CTO, Aaron Higbee, reported on early attempts in September 2015 when he also described the use of PhishMe Reporter to phish-back and collect details of the phisher’s…

READ MORE

0 comments

Fortifying Defenses with Human-Verified Phishing Intelligence

BY Mike Saurbaugh IN Cyber Incident Response, Phishing, Threat Intelligence

Mining Phish in the IOCs PhishMe® and Palo Alto Networks® are providing security teams with the ability to ingest human-verified phishing intelligence in a standard format that can be automatically enforced as new protections for the Palo Alto Networks Next-Generation Security Platform through the MineMeld application. Through this integration, PhishMe and Palo Alto Networks are providing a powerful approach to identifying and preventing potentially damaging phishing attacks. The challenge of operationalizing threat intelligence Ransomware, business email compromise (BEC), malware infections, and credential-based theft all primarily stem from a single vector of compromise – phishing. Operationalizing threat intelligence, especially when it…

READ MORE

0 comments

An Open Enrollment Reminder – Phishers Want Your HSA Money!

BY Gary Warner IN Internet Security Awareness, Phishing

As the end of the year approaches, many companies are communicating with their employees about benefits and Health Savings Accounts via email. Criminals realize this and have decided to get in on the action!  More consumers than ever are using HSAs as a way to save pre-tax income for future medical expenses. A report released by Devenir Research shared that, as of August 2016, 18.2 million HSA accounts currently hold $34.7 billion in assets – a 22% growth over 2015, and projects that by the end of 2018, more than $50 billion will be on deposit in HSA accounts. That’s…

READ MORE

0 comments

A Warning on Christmas Delivery Scams

BY PhishMe IN Internet Security Awareness, Threat Intelligence

The time of year has once again arrived when post offices are busier than the freeway on a Friday evening. We buy gifts, online and in stores, and we send and expect packages to and from the far corners of the country, continent, and even the world. Yet behind this frenzy of merriment skulk a series of dangers. Although Christmas is still more than a month away, scammers of this kind have already been active in various areas across the US. For a number of years, security experts have grown to expect a hike in the number of internet scams being…

READ MORE

0 comments