At PhishMe we frequently talk about a familiar concept: cyber attacks and phishing emails are very rarely sent to only one organization. While security teams tend to focus on threats to their own organization, PhishMe Intelligence is watching for email-based threats for EVERY organization. As we were gathering information about tax-related phishing scams this year, we noticed that institutes of higher learning were being hit quite broadly by this year’s W2-related scams.
On 4/6, the Phishing Intelligence team came across a wave of phishing emails that contained a .js file packaged inside of a zip file used to deliver malware. This is nothing new, and the same delivery method has been seen pushed out by resources associated with the Dridex botnet and the Locky encryption ransomware. The interesting piece is that the attackers are using a new piece of malware called RockLoader to download and install the malware on remote systems. Downloaders are nothing new either, as Upatre was used with Dyre and Gameover ZeuS in the past, but RockLoader has several tricks up its sleeve.
Today, we happily launched our comprehensive end-of-year report, Gone Phishing: 2015 Global Malware Round Up Report, completely free to the public and our customers. This whitepaper provides information security professionals, incident response teams, threat intelligence analysts and C-level technology leaders across the globe with insights on the most effective phishing attacks used today and the malware payloads they deliver.
Today, we are excited to announce the launch of our brand new PhishMe Community. The site is designed exclusively for PhishMe customers as a centralized hub where users can build a collaborative knowledge base, learn technical tips and tricks, engage with peers to share new ideas, and grow existing anti-phishing programs.