Results from Terranova Security's 2023 Gone Phishing Tournament Webinar

Results from Terranova Security's 2023 Gone Phishing Tournament Webinar
Join Fortra Email Security experts, as well as guest speakers from The National Cybersecurity Alliance, as they present highlights and discuss results from the 2023 Gone Phishing Tournament, co-sponsored by Microsoft.
monica.delyani Thu, 02/22/2024 - 16:23
Advanced Persistent Threats (APT),
Account Takeover,
Business Email Compromise,
Social Engineering,
Spear Phishing,
Advanced Threat Protection,
Live Event

DMARC Revisited: Email Authentication in 2024

In this webinar, our experts outline how Agari DMARC Protection can lead you through a safe and efficient DMARC implementation and keep you compliant with the latest email provider authentication standards and deadlines.

Phishing-as-a-Service Profile: LabHost Threat Actor Group

Fortra is monitoring malicious activity targeting Canadian banks conducted by Phishing-as-a-Service group LabHost. Throughout 2022 and 2023, Fortra has observed phishing attacks connected with Phishing-as-a-Service (PhaaS) groups grow as threat actors use the tools provided through membership services to launch a variety of campaigns. The providers of these platforms boast features such as access...

Record Number of Phishing Sites Impersonate Social Media to Target Victims in Q4

Phishing sites impersonated the social media industry more than any other in Q2, Q3, and Q4 of 2023. In Q4 alone, social media phish leapt nearly 20%, reaching the highest volume of abuse (over 67%) since Fortra has reported on this data point. Every quarter, Fortra’s PhishLabs examines hundreds of thousands of phishing attacks targeting enterprises and their brands. In this post, we break down...

How Threat Actors will Leverage Domain Impersonation in 2024

Historically, the average brand is targeted by 40 look-alike domains per month. Look-alikes are a strategic component of malicious lures and websites and used in a variety of spaces including social platforms, text messages, the open web, and email. An attack that incorporates a look-alike domain can mean the difference between a convincing campaign and a suspicious one, with a versatility that...

QR Codes That Don't Bode Well - The Harm That Quishing Attacks Can Do

Most organisations have security controls in place to inspect URLs in emails to prevent the risk of credential phishing and business email compromise (BEC) attacks. However, threat adversaries have pivoted their tactics to bypass security stacks. And clicking these types of attacks often leads to account takeover. In fact, data from Fortra’s PhishLabs in Q2 2023 reported more than three-quarters...

Cybercriminal Focus in the New Year – Top 2024 Threat Trends

Criminals are constantly innovating ways to enhance deliverability and increase the success of their campaigns. Email phishing remains one of the most significant threats to organizations, but a growing number of campaigns are first touching victims via non-traditional lures or through engagement on platforms where users are more susceptible to scams. Understanding how online threats are evolving...

Getting the Board on Board: Explaining Cybersecurity ROI

In this Tripwire guest blog, we break down how to best communicate the significance of a cybersecurity investment. Despite increasing data breaches, ransomware attacks, and assorted cyber threats, convincing the Board of Directors to invest in robust cybersecurity isn't always easy for many businesses. The challenge originates mainly from the need to demonstrate a quantifiable Return On Investment...

Dark Web Threats Targeting the Airline Industry

The allure of airline status and points, along with the abundance of personally identifiable information (PII) of customers and employees, make the airline industry a prime target for threat actors on the dark web. Depending on the goal of the actor and the nature of the stolen data, criminals can find airline-specific materials for sale on a variety of markets. Nick Oram, security operations...

The Email Security Gaps in Your Cloud

According to Gartner, Microsoft lacks the ability to detect and eradicate 20% of the advanced email threats. Email security expert, Ravisha Chugh, shares why current cloud email security solutions are insufficient against advanced email threats, and why she's excited to be a part of Fortra's Cloud Email Protection.
On-Demand Webinar

Introduction to Fortra’s Cloud Email Protection Platform

Advanced email threats continue to be a stark reality for enterprises. Even with Secure Email Gateways in place, deceptive attacks like BEC, targeted social engineering ploys, and spear phishing attempts can still get into user inboxes. In this video, Fortra’s Advanced Email Security experts discuss how Fortra’s Cloud Email Protection, a new integrated cloud email security platform, delivers multi...

Suspicious Email Analysis

Detect, Analyze & Mitigate Advanced Threats Enterprises struggle to stop email threats from routinely reaching user inboxes, leading to Business Email Compromise (BEC) and ransomware attacks. While users become more adept at identifying suspicious emails and enterprises invest in increasingly sophisticated email security stacks, threat actors continue to deploy emails designed to trick employees...

BEC: Why This Basic Threat Is Difficult to Detect

Revenue lost to payment fraud saw an increase in every major global region from 2021 to 2022, and odds are your organization is still seeing email impersonation threats in inboxes. But why? This article provides insights on Business Email Compromise to help you understand just why these threats are so effective for cybercriminals.

Brand Threats Masterclass: Experts Reveal Top Attacks and Defense Tactics

There is little doubt that AI-fueled impersonation campaigns and novel attacks via non-traditional channels have emerged as a primary concern for security teams. Brand impersonation is on the rise, with nearly 40 look-alike domains targeting brands each month. On social media, impersonation attacks account for almost half of all threatening content. And online counterfeit campaigns are...

Google and Yahoo Take Stance on Email Authentication

Google's and Yahoo's email authentication requirements are rapidly approaching. At Fortra, we commend this push to require email authentication as a huge step in the ongoing fight against spoofing and abuse. Find out what the requirements are and how Fortra can help you through the email authentication journey.

How Organizations Can Use Dark Web Intelligence

The scope of intelligence on underground marketplaces is vast and navigating the dark web in search of brand mentions and potential threats can be time-consuming and complex. In order to proactively defend against attacks and mitigate the threat of leaked information, organizations should consistently monitor marketplaces and forums for data pertaining to their brand. If questionable data is...