Cofense Blog

Phish Found in Proofpoint-Protected Environments – Week Ending August 2, 2020

Twitter Announces Hackers Gained Access via Phishing Attack

GuLoader Rises as a Top Malware Delivery Mechanism in Phishing

Adding a Human Layer of Defense to Email Security

Threat Actors Bypass Gateways with Google Ad Redirects

Phish Found in Proofpoint-Protected Environments – Week Ending July 26, 2020

Phish Found in Proofpoint-Protected Environments – Week Ending July 19, 2020

FedRAMP Authorization: Why ‘Moderate’ Matters

Invoice Themed Phishing Emails Are Spreading from Trusted Links

Phish Found in Proofpoint-Protected Environments – Week Ending July 12, 2020

GuLoader Rises as a Top Malware Delivery Mechanism in Phishing

“You’re Invited!” to Phishing Links Inside .ics Calendar Attachments

Practice Makes Perfect

New Mass Logger Malware Could Be Massive

Zoom Phish Zooming Through Inboxes Amid Pandemic

Phishers Cast a Wider Net in the African Banking Sector

MFA Bypass Phish Caught: OAuth2 Grants Access to User Data Without a Password

A Not So Relieving Tax Relief Email: Threat Actors Take Aim at US Stimulus Efforts

Phishers Continue to Spoof WebEx

Available Today: The Cofense Intelligence Q1 2020 Phishing Review

Phish Found in Proofpoint-Protected Environments – Week Ending August 2, 2020

Twitter Announces Hackers Gained Access via Phishing Attack

GuLoader Rises as a Top Malware Delivery Mechanism in Phishing

Adding a Human Layer of Defense to Email Security

Threat Actors Bypass Gateways with Google Ad Redirects

Phish Found in Proofpoint-Protected Environments – Week Ending July 26, 2020

Phish Found in Proofpoint-Protected Environments – Week Ending July 19, 2020

FedRAMP Authorization: Why ‘Moderate’ Matters

Invoice Themed Phishing Emails Are Spreading from Trusted Links

Phish Found in Proofpoint-Protected Environments – Week Ending July 12, 2020

“You’re Invited!” to Phishing Links Inside .ics Calendar Attachments

Practice Makes Perfect

Zoom Phish Zooming Through Inboxes Amid Pandemic

Phishers Cast a Wider Net in the African Banking Sector

MFA Bypass Phish Caught: OAuth2 Grants Access to User Data Without a Password

A Not So Relieving Tax Relief Email: Threat Actors Take Aim at US Stimulus Efforts

Phishers Continue to Spoof WebEx

Want to simulate a holiday phish? This one’s from your friends at Emotet.

By Tonia Dudley Tis the season when organizations are looking to send out the year’s last phishing simulation. Often the Security Awareness team lands on a holiday theme – holiday party, holiday raffle, or even the fun ugly sweater lure. In the past, when I worked with teams to advance their phishing defense programs, I would recommend staying away from holiday themed scenarios. I’ll explain why in a moment. But my opinion has changed, thanks to the threat actors behind Emotet.

Trickbot Is Using Google Docs to Trick Proofpoint’s Gateway

Remote Access Trojan Uses Sendgrid to Slip through Proofpoint

The CofenseTM Phishing Defense CenterTM observed a malware campaign masquerading as an email complaint from the Better Business Bureau to deliver the notorious Orcus RAT, part of the free DNS domain ChickenKiller which we blogged about in 2015. Here’s how it works: