PhishMe Launches New ‘Active Threats’ Phishing Simulations To Help Combat Ransomware

Global leader in enterprise phishing defense and intelligence unveils highly anticipated update to help organizations resist Ransomware, Business Email Compromise (BEC) and other timely threats 

LEESBURG, VA – London, UK – June 8 2016 – PhishMe Inc., the leading provider of human phishing defense solutions, announced today the integration of critical content into PhishMe Simulator™ to help prepare employees for trending phishing attacks and damaging payloads. The Active Threats update allows operators to quickly utilize phishing templates based on current real-world attacks that are targeting organizations, such as Business Email Compromise (BEC) and Ransomware. Simulating these types of attacks ensures users are aware of the new techniques used by phishers and empowers operators with a resource to combat new threats early on.

Q1 2016 Sees 93% of Phishing Emails Contain Ransomware

PhishMe’s analysis of phishing campaigns in the first three months of 2016 shows an intensified 789% year-over-year spike in malware and phishing threats

Leesburg (Va., USA) & London (UK) – June 04 2016 – PhishMe, a global provider of phishing-defense solutions for the enterprise, today revealed that its analysis of phishing email campaigns from the first three months of 2016 has seen a 6.3 million increase in raw numbers, due primarily to a ransomware upsurge against the last quarter of 2015. That is a staggering 789% jump.

Published today, PhishMe’s Q1 2016 Malware Review identified three key trends that were previously recorded throughout 2015 but have come to full fruition in the last few months:

2016 Q1 Malware Review – Available Now

Today, our research team released our 2016 Q1 Malware Review, detailing more than 600 Active Threat Reports and the waves of phishing emails that delivered malware to victims across the globe each day last quarter. Among the sea of threats reported, the proliferation of ransomware stood out as one of the most common types of malware used through soft targeting and massively distributed attacks.

New Tactic Bypasses Existing Security Controls – Most Recent PayPal Phish Reveals Stealthy HTML Attachment

Incident response is always a cat-and-mouse game. Organizations spend heavily on people and technology to help protect their enterprise, while threat actors continue to find new and unique ways to bypass those controls. We’ve seen this trend continue over time, whether it be with the shift to MHTML files by Locky or the delivery of malicious PowerPoint show files. The PhishMe intelligence team has noticed another change, this one by the actors who are phishing for login credentials, and their tactics reveal that they are actively working to bypass security controls.

Ransomware targeting US Congress specifically? Probably not.

In another highly visible ransomware event, TechCrunch recently reported that Congress was warned about ransomware attacks that were impacting the House of Representatives. While ransomware is by no means new, Congress was warned that these attacks were personalized and are specifically targeting third-party email services such as Yahoo or Gmail. Additionally, Congress was warned that their machine could be encrypted by simply clicking the link within the message.

Bolek: Leaked Carberp KBot Source Code Complicit in New Phishing Campaigns

Reuse of infrastructure supporting malware distribution is a well-documented characteristic of online crime and a key way to track and classify threat actors. While it may seem simplistic for monitoring threat actor activities, the IP addresses, domains, hostnames, and URLs contacted by malware tools betray a significant amount of information about threat actor groups. For some malware attacks, it’s possible to determine the threat actor’s identity based on the infrastructure used, but, other times, the lines are blurred because some organizations harbor cyber criminals.