Products
Products
Response
Intelligence
About Cofense
About Cofense
Leadership

Cofense Phishing Prevention & Email Security Blog

STAY CURRENT ON INDUSTRY TRENDS & COFENSE NEWS

Emotet Disrupted but Likely to Return

January 28, 2021 by Cofense in Internet Security AwarenessPhishing

By Brad Haas, Cofense Threat Intelligence  Background  Originally a banking Trojan, Emotet evolved to become more of a gateway for other malware families such as Ryuk, TrickBot, and QakBot. For the last few years, it has been among the top producers of malicious emails, using innovative and regularly updated techniques. For example, recently it harvested email reply chains from victims, and used those to create effective lures to send to the victims’ contacts. It also uses several tactics to avoid detection, such as delivery via password-protected zip file attachments and hosting itself on a large collection of legitimate but compromised websites. Emotet’s authors have shown remarkable patience and willingness to...

READ MORE

Emotet Disrupted but Likely to Return

January 28, 2021 by Cofense in Internet Security AwarenessPhishing

By Brad Haas, Cofense Threat Intelligence  Background  Originally a banking Trojan, Emotet evolved to become more of a gateway for other malware families such as Ryuk, TrickBot, and QakBot. For the last few years, it has been among the top producers of malicious emails, using innovative and regularly updated techniques. For example, recently it harvested email reply chains from victims, and used those to create effective lures to send to the victims’ contacts. It also uses several tactics to avoid detection, such as delivery via password-protected zip file attachments and hosting itself on a large collection of legitimate but compromised websites. Emotet’s authors have shown remarkable patience and willingness to...

READ MORE

Want to simulate a holiday phish? This one’s from your friends at Emotet.

December 23, 2019 by Cofense in PhishingCofense Solutions

By Tonia Dudley Tis the season when organizations are looking to send out the year’s last phishing simulation. Often the Security Awareness team lands on a holiday theme – holiday party, holiday raffle, or even the fun ugly sweater lure. In the past, when I worked with teams to advance their phishing defense programs, I would recommend staying away from holiday themed scenarios. I’ll explain why in a moment. But my opinion has changed, thanks to the threat actors behind Emotet.

READ MORE