Resources

Blog

Social Media Attacks Focus on Financials, Executives in Q4

In Q4, impersonation threats made up more than 45% of total attacks on social media, with the vast majority targeting banking and financial services. Impersonation on social media continues to grow, with threats specifically targeting corporate executives responsible for driving the majority of volume for three consecutive quarters. The average number of social media attacks per business has...
Datasheet

Clearswift Anti-Spam

Inside the Clearswift Secure Email Gateway appliance, there is a multi-layer Anti-Spam solution designed to deliver 99% detection with minimal false positives. The anti-spam feature detects messages as being spam, phishing attempts, or newsletters, and allows system administrators to configure policies to either block, sanitize, hold, tag, or deliver. Reputations – This is powered by TRUSTmanager...
Blog

What is a DMARC Policy?: The 3 Types, Which to Implement & Other Requirements

In this post, we’ll briefly explain what a DMARC policy is , how to set up your DMARC email record, what the three types of DMARC policies are and when to implement each one, and how to diagnose and fix any issues associated with it. Basically, your DMARC policy tells email receivers what to do with illegitimate or possibly fraudulent emails—whether to reject, quarantine, or accept them. Overall...
Blog

O365 Volume Up in Q4 as Cybercriminals Target Brands in Credential Theft Attacks

The majority of malicious emails reported in user inboxes contained a link to a phishing site, making credential theft emails the attack method of choice for cybercriminals in Q4. Credential theft made up nearly 60% of all reported incidents, with more than half of the volume attributed to O365 attacks. Despite the threat actor preference toward this threat type, credential theft attacks declined...
Live Webinar
Join Fortra Email Security experts, as well as guest speakers from The National Cybersecurity Alliance, as they present highlights and discuss results from the 2023 Gone Phishing Tournament, co-sponsored by Microsoft.
Live Webinar
Most organizations have security controls in place to inspect URLs in emails to prevent the risk of credential phishing and business email compromise (BEC) attacks. However, threat adversaries have pivoted their tactics in order to bypass security stacks. The QR code is now the carrier of choice for delivering these types of payloads via email. Is your organisation ready to tackle this new...
Live Event
Mar
21

DMARC Revisited: Email Authentication in 2024

In this webinar, our experts outline how Agari DMARC Protection can lead you through a safe and efficient DMARC implementation and keep you compliant with the latest email provider authentication standards and deadlines.
Live Event
Mar
21

DMARC Revisited: Email Authentication in 2024

In this webinar, our experts outline how Agari DMARC Protection can lead you through a safe and efficient DMARC implementation and keep you compliant with the latest email provider authentication standards and deadlines.
Blog

Phishing-as-a-Service Profile: LabHost Threat Actor Group

Fortra is monitoring malicious activity targeting Canadian banks conducted by Phishing-as-a-Service group LabHost. Throughout 2022 and 2023, Fortra has observed phishing attacks connected with Phishing-as-a-Service (PhaaS) groups grow as threat actors use the tools provided through membership services to launch a variety of campaigns. The providers of these platforms boast features such as access...
Blog

Record Number of Phishing Sites Impersonate Social Media to Target Victims in Q4

Phishing sites impersonated the social media industry more than any other in Q2, Q3, and Q4 of 2023. In Q4 alone, social media phish leapt nearly 20%, reaching the highest volume of abuse (over 67%) since Fortra has reported on this data point. Every quarter, Fortra’s PhishLabs examines hundreds of thousands of phishing attacks targeting enterprises and their brands. In this post, we break down...
Blog

How Threat Actors will Leverage Domain Impersonation in 2024

Historically, the average brand is targeted by 40 look-alike domains per month. Look-alikes are a strategic component of malicious lures and websites and used in a variety of spaces including social platforms, text messages, the open web, and email. An attack that incorporates a look-alike domain can mean the difference between a convincing campaign and a suspicious one, with a versatility that...
Blog

QR Codes That Don't Bode Well - The Harm That Quishing Attacks Can Do

Most organisations have security controls in place to inspect URLs in emails to prevent the risk of credential phishing and business email compromise (BEC) attacks. However, threat adversaries have pivoted their tactics to bypass security stacks. And clicking these types of attacks often leads to account takeover. In fact, data from Fortra’s PhishLabs in Q2 2023 reported more than three-quarters...
Blog

Cybercriminal Focus in the New Year – Top 2024 Threat Trends

Criminals are constantly innovating ways to enhance deliverability and increase the success of their campaigns. Email phishing remains one of the most significant threats to organizations, but a growing number of campaigns are first touching victims via non-traditional lures or through engagement on platforms where users are more susceptible to scams. Understanding how online threats are evolving...
Blog

Getting the Board on Board: Explaining Cybersecurity ROI

In this Tripwire guest blog, we break down how to best communicate the significance of a cybersecurity investment. Despite increasing data breaches, ransomware attacks, and assorted cyber threats, convincing the Board of Directors to invest in robust cybersecurity isn't always easy for many businesses. The challenge originates mainly from the need to demonstrate a quantifiable Return On Investment...
Blog

Dark Web Threats Targeting the Airline Industry

The allure of airline status and points, along with the abundance of personally identifiable information (PII) of customers and employees, make the airline industry a prime target for threat actors on the dark web. Depending on the goal of the actor and the nature of the stolen data, criminals can find airline-specific materials for sale on a variety of markets. Nick Oram, security operations...
Blog

The Email Security Gaps in Your Cloud

According to Gartner, Microsoft lacks the ability to detect and eradicate 20% of the advanced email threats. Email security expert, Ravisha Chugh, shares why current cloud email security solutions are insufficient against advanced email threats, and why she's excited to be a part of Fortra's Cloud Email Protection.
On-Demand Webinar

Introduction to Fortra’s Cloud Email Protection Platform

Advanced email threats continue to be a stark reality for enterprises. Even with Secure Email Gateways in place, deceptive attacks like BEC, targeted social engineering ploys, and spear phishing attempts can still get into user inboxes. In this video, Fortra’s Advanced Email Security experts discuss how Fortra’s Cloud Email Protection, a new integrated cloud email security platform, delivers multi...