Cofense Blog

Phish Found in Proofpoint-Protected Environments – Week ending November 20, 2020

Threat Actor Utilizes COVID-19 Uncertainty to Target Users

Phish Found in Proofpoint-Protected Environments – Week ending November 13, 2020

Document Sharing Services Represent a Vector for Phishing Campaigns

Variants of Emotet Malware

Business Email Compromise (BEC) Scam Advances Alert About Fraud

At the User’s Expense: Threat Actors Weaponize Companies’ Employee Reimbursements During the Pandemic

Coronavirus Test Results Return Data-Exfiltrating Ransomware

Phish Found in Proofpoint-Protected Environments – Week ending November 6, 2020

Phish Found in Proofpoint-Protected Environments – Week ending October 30, 2020

The Ryuk Threat: Why BazarBackdoor Matters Most

GuLoader Rises as a Top Malware Delivery Mechanism in Phishing

“You’re Invited!” to Phishing Links Inside .ics Calendar Attachments

Practice Makes Perfect

New Mass Logger Malware Could Be Massive

Zoom Phish Zooming Through Inboxes Amid Pandemic

Phishers Cast a Wider Net in the African Banking Sector

MFA Bypass Phish Caught: OAuth2 Grants Access to User Data Without a Password

A Not So Relieving Tax Relief Email: Threat Actors Take Aim at US Stimulus Efforts

Phishers Continue to Spoof WebEx

Phish Found in Proofpoint-Protected Environments – Week ending November 20, 2020

Threat Actor Utilizes COVID-19 Uncertainty to Target Users

Phish Found in Proofpoint-Protected Environments – Week ending November 13, 2020

Document Sharing Services Represent a Vector for Phishing Campaigns

Variants of Emotet Malware

Business Email Compromise (BEC) Scam Advances Alert About Fraud

At the User’s Expense: Threat Actors Weaponize Companies’ Employee Reimbursements During the Pandemic

Coronavirus Test Results Return Data-Exfiltrating Ransomware

Phish Found in Proofpoint-Protected Environments – Week ending November 6, 2020

Phish Found in Proofpoint-Protected Environments – Week ending October 30, 2020

“You’re Invited!” to Phishing Links Inside .ics Calendar Attachments

Practice Makes Perfect

Zoom Phish Zooming Through Inboxes Amid Pandemic

Phishers Cast a Wider Net in the African Banking Sector

MFA Bypass Phish Caught: OAuth2 Grants Access to User Data Without a Password

A Not So Relieving Tax Relief Email: Threat Actors Take Aim at US Stimulus Efforts

Phishers Continue to Spoof WebEx

Want to simulate a holiday phish? This one’s from your friends at Emotet.

By Tonia Dudley Tis the season when organizations are looking to send out the year’s last phishing simulation. Often the Security Awareness team lands on a holiday theme – holiday party, holiday raffle, or even the fun ugly sweater lure. In the past, when I worked with teams to advance their phishing defense programs, I would recommend staying away from holiday themed scenarios. I’ll explain why in a moment. But my opinion has changed, thanks to the threat actors behind Emotet.

Trickbot Is Using Google Docs to Trick Proofpoint’s Gateway

Remote Access Trojan Uses Sendgrid to Slip through Proofpoint

The CofenseTM Phishing Defense CenterTM observed a malware campaign masquerading as an email complaint from the Better Business Bureau to deliver the notorious Orcus RAT, part of the free DNS domain ChickenKiller which we blogged about in 2015. Here’s how it works: