Phishing Incident Response – Human-Verified Phishing Intelligence Meets OSINT
Ransomware, business email compromise (BEC), malware infections, and credential-based theft all stem from a primary vector of compromise – phishing. And no business, large or small, is exempt!
Any hopes, however remote, that 2016 might bring relief from the troubling phishing trends prevalent in 2015 have been conclusively dashed by a thorough analysis of malware threats in the first quarter of this year. Not only has phishing intensified, but it’s also increasingly used to deliver ransomware.
Global leader in enterprise phishing defense and intelligence unveils highly anticipated update to help organizations resist Ransomware, Business Email Compromise (BEC) and other timely threats
LEESBURG, VA – London, UK – June 8 2016 – PhishMe Inc., the leading provider of human phishing defense solutions, announced today the integration of critical content into PhishMe Simulator™ to help prepare employees for trending phishing attacks and damaging payloads. The Active Threats update allows operators to quickly utilize phishing templates based on current real-world attacks that are targeting organizations, such as Business Email Compromise (BEC) and Ransomware. Simulating these types of attacks ensures users are aware of the new techniques used by phishers and empowers operators with a resource to combat new threats early on.
PhishMe’s analysis of phishing campaigns in the first three months of 2016 shows an intensified 789% year-over-year spike in malware and phishing threats
Leesburg (Va., USA) & London (UK) – June 04 2016 – PhishMe, a global provider of phishing-defense solutions for the enterprise, today revealed that its analysis of phishing email campaigns from the first three months of 2016 shows a 6.3 million increase in raw numbers, due primarily to a ransomware upsurge against the last quarter of 2015. That is a staggering 789% jump.
Published today, PhishMe’s Q1 2016 Malware Review identified three key trends that were previously recorded throughout 2015 but have come to full fruition in the last few months:
Today, our research team released our 2016 Q1 Malware Review, detailing more than 600 Active Threat Reports and the waves of phishing emails that delivered malware to victims across the globe each day last quarter. Among the sea of threats reported, the proliferation of ransomware stood out as one of the most common types of malware used through soft targeting and massively distributed attacks.
In another highly visible ransomware event, TechCrunch recently reported that Congress was warned about ransomware attacks that were impacting the House of Representatives. While ransomware is by no means new, Congress was warned that these attacks were personalized and were specifically targeting third-party email services such as Yahoo or Gmail. Additionally, Congress was warned that their machines could be encrypted simply by clicking the link within the message.
Reuse of infrastructure supporting malware distribution is a well-documented characteristic of online crime and a key way to track and classify threat actors. While it may seem simplistic for monitoring threat actor activities, the IP addresses, domains, hostnames, and URLs contacted by malware tools betray a significant amount of information about threat actor groups. For some malware attacks, it’s possible to determine the threat actor’s identity based on the infrastructure used, but, other times, the lines are blurred because some organizations harbor cyber criminals.