PhishMe Blog


Beware: Encryption Ransomware Varieties Pack an Extra Malware Punch

BY Brendan Griffin IN Threat Intelligence

As the public becomes more and more aware of ransomware threats through journalistic outlets and the advice of security professionals, threat actors face more challenges in successfully monetizing the deployment of their tools. The longevity of ransomware as a viable criminal enterprise relies upon the continued innovation that ensures threat actors can deliver and monetize infected machines. Much of the innovation seen in 2016 was focused on defying the expectations for how ransomware is delivered, such as steganographic embedding of ransomware binaries, other forms of file obfuscation, and requirements for command-line arguments. These were all put forward as ways…


Unscrupulous Locky Threat Actors Impersonate US Office of Personnel Management to Deliver Ransomware

BY Brendan Griffin IN Threat Intelligence

Update 2016-11-11: It is important to PhishMe to avoid hyperbolic conclusions whenever possible. In the interest of clarifying some conclusions that have been drawn from this blog post, it is important to keep in mind the nature of Locky distribution and how this malware is delivered to victims. We consider it a serious responsibility to report on very real threats in a way that lends itself to our credibility as well as the credibility of all information security professionals. PhishMe has no reason to believe that this set of emails was delivered only to victims of the OPM incident nor…


Viotto Keylogger: Freemium Keylogger for the Skids

BY Paul Burbage IN Phishing

The PhishMe Research team recently received a campaign escalated by one of our analysts. We’ll explore the campaign delivery, malicious attachments, and analysis of the malicious attachments, and we’ll provide a simple method for extracting the credentials being used for this keylogger family’s data exfiltration.

Campaign: The PhishMe Triage platform allows SOC analysts to identify, analyze, and respond to email threats that have targeted their organization. For this particular campaign, the suspicious email had an ARJ archive attachment, which contained a Windows PE32 executable. Although Windows OS does not natively open archive files with the ARJ extension, a number of third-party applications,…


The PhishMe Advantage – ROI

BY PhishMe IN Phishing

Return on Investment: Measuring the return on investment (ROI) from your PhishMe solution is simple and easy. The most obvious and significant impact is the dramatic reduction you will see in the overall risk of a phishing attack getting past both your perimeter protection and your skilled users, but there are other ways to measure your investment:

Monetary ROI: Customers can realize monetary ROI from PhishMe by reducing their overall risk to phishing and other security threats. Adversaries have successfully employed phishing tactics to steal intellectual property, personally identifiable information, and other sensitive information that can harm an organization’s competitive advantage…


The (BEC) Song Remains the Same

BY Heather McCalley IN Phishing

I had a dream, a crazy dream, that we stopped responding to ridiculous email messages demanding that a wire be sent immediately. Also in that dream, all the bad guys were caught and had to pay restitution and go to jail. While that second part may never happen, there has been definite progress toward the dream goal and there are definite steps to take to ensure that you – and others in your company – do not fall victim to a BEC email. Coordinated by the National Cyber-Forensics & Training Alliance (NCFTA), contact information and incident details are being swapped quickly…


Behavioral Conditioning, Not Awareness, Is the Answer to Phishing

BY PhishMe IN Internet Security Awareness, Phishing

By Aaron Higbee and Scott Greaux

You don’t stop phishing attacks by raising user awareness. A recent study conducted by a German university confirms what we at PhishMe have known all along: Focusing on awareness isn’t the point. The real solution is behavioral conditioning. The study, conducted by Friedrich-Alexander University (FAU) of Erlangen-Nuremberg, Germany, used 1,700 students to simulate spear phishing attacks. An August 31 Ars Technica article published preliminary results of the study showing at least 50% of students clicked simulated phishes, even though they understood the risks. With its headline, “So Much for Counter-phishing Training: Half of People…
