Press Release

Fortra Recognized as Market Leader for Email Security

Fortra announced today their recognition as a “Top Player” in The Radicati Group’s Secure Email Market Quadrant, 2024. The Radicati Group’s analysis found that Fortra provides both breadth and depth of functionality while shaping the market with innovative technology and a compelling strategic vision.

Fortra Named Top Player in Radicati's 2024 Secure Email Market Quadrant Report

Fortra has been recognized as a “Top Player” in The Radicati Group’s Secure Email Market Quadrant, 2024 . The Radicati Group’s analysis found that Fortra provides both breadth and depth of functionality, while shaping the market with innovative technology and a compelling strategic vision. As the report illustrated: "Fortra’s Cloud Email Protection brings together an impressive set of solutions...

O365 Active Phishing Campaign with Verizon Invoice Lure

Recent O365 Active Phishing Campaign Active Phishing Campaigns are concerted, coordinated attacks that Fortra has observed bypassing email security gateways, like SEGs, and default filtering tools. The following analysis includes examples, high-level details, and associated threat indicators. As of this posting, Fortra has automatically detected and removed 46 instances of this threat across...

The Email Security Gaps in Your Cloud

According to Gartner, Microsoft lacks the ability to detect and eradicate 20% of the advanced email threats. Email security expert, Ravisha Chugh, shares why current cloud email security solutions are insufficient against advanced email threats, and why she's excited to be a part of Fortra's Cloud Email Protection.

Social Media Attacks Focus on Financials, Executives in Q4

In Q4, impersonation threats made up more than 45% of total attacks on social media, with the vast majority targeting banking and financial services. Impersonation on social media continues to grow, with threats specifically targeting corporate executives responsible for driving the majority of volume for three consecutive quarters. The average number of social media attacks per business has...

Clearswift Anti-Spam

Inside the Clearswift Secure Email Gateway appliance, there is a multi-layer Anti-Spam solution designed to deliver 99% detection with minimal false positives. The anti-spam feature detects messages as being spam, phishing attempts, or newsletters, and allows system administrators to configure policies to either block, sanitize, hold, tag, or deliver. Reputations – This is powered by TRUSTmanager...

What is a DMARC Policy?: The 3 Types, Which to Implement & Other Requirements

In this post, we’ll briefly explain what a DMARC policy is , how to set up your DMARC email record, what the three types of DMARC policies are and when to implement each one, and how to diagnose and fix any issues associated with it. Basically, your DMARC policy tells email receivers what to do with illegitimate or possibly fraudulent emails—whether to reject, quarantine, or accept them. Overall...

O365 Volume Up in Q4 as Cybercriminals Target Brands in Credential Theft Attacks

The majority of malicious emails reported in user inboxes contained a link to a phishing site, making credential theft emails the attack method of choice for cybercriminals in Q4. Credential theft made up nearly 60% of all reported incidents, with more than half of the volume attributed to O365 attacks. Despite the threat actor preference toward this threat type, credential theft attacks declined...

Phishing-as-a-Service Profile: LabHost Threat Actor Group

Fortra is monitoring malicious activity targeting Canadian banks conducted by Phishing-as-a-Service group LabHost. Throughout 2022 and 2023, Fortra has observed phishing attacks connected with Phishing-as-a-Service (PhaaS) groups grow as threat actors use the tools provided through membership services to launch a variety of campaigns. The providers of these platforms boast features such as access...

Record Number of Phishing Sites Impersonate Social Media to Target Victims in Q4

Phishing sites impersonated the social media industry more than any other in Q2, Q3, and Q4 of 2023. In Q4 alone, social media phish leapt nearly 20%, reaching the highest volume of abuse (over 67%) since Fortra has reported on this data point. Every quarter, Fortra’s PhishLabs examines hundreds of thousands of phishing attacks targeting enterprises and their brands. In this post, we break down...

How Threat Actors will Leverage Domain Impersonation in 2024

Historically, the average brand is targeted by 40 look-alike domains per month. Look-alikes are a strategic component of malicious lures and websites and used in a variety of spaces including social platforms, text messages, the open web, and email. An attack that incorporates a look-alike domain can mean the difference between a convincing campaign and a suspicious one, with a versatility that...

QR Codes That Don't Bode Well - The Harm That Quishing Attacks Can Do

Most organisations have security controls in place to inspect URLs in emails to prevent the risk of credential phishing and business email compromise (BEC) attacks. However, threat adversaries have pivoted their tactics to bypass security stacks. And clicking these types of attacks often leads to account takeover. In fact, data from Fortra’s PhishLabs in Q2 2023 reported more than three-quarters...

Cybercriminal Focus in the New Year – Top 2024 Threat Trends

Criminals are constantly innovating ways to enhance deliverability and increase the success of their campaigns. Email phishing remains one of the most significant threats to organizations, but a growing number of campaigns are first touching victims via non-traditional lures or through engagement on platforms where users are more susceptible to scams. Understanding how online threats are evolving...

Getting the Board on Board: Explaining Cybersecurity ROI

In this Tripwire guest blog, we break down how to best communicate the significance of a cybersecurity investment. Despite increasing data breaches, ransomware attacks, and assorted cyber threats, convincing the Board of Directors to invest in robust cybersecurity isn't always easy for many businesses. The challenge originates mainly from the need to demonstrate a quantifiable Return On Investment...

Dark Web Threats Targeting the Airline Industry

The allure of airline status and points, along with the abundance of personally identifiable information (PII) of customers and employees, make the airline industry a prime target for threat actors on the dark web. Depending on the goal of the actor and the nature of the stolen data, criminals can find airline-specific materials for sale on a variety of markets. Nick Oram, security operations...