Products
Products
Detection
Response
Intelligence
About Cofense
About Cofense
Leadership
Free Tools
Free Tools
Build Resilience
Create Transparency
Speed Response

Cofense Phishing Prevention & Email Security Blog

STAY CURRENT ON INDUSTRY TRENDS & COFENSE NEWS

Domain Doppelgangers: Your Good Name as Phishing Bait?

June 15, 2021 by Cofense in Phishing

Does your company have an evil twin on the web? Threat actors may be leveraging a lookalike version of your company’s name to deliver malware through phishing that plays off your brand. Say the company name is Cofense, with the internet domain name cofense[.]com. What would happen if someone registered a copycat domain name using, for example, Confense, with the domain confense[.]com? Wouldn’t the search engine just route users to the real deal, or wouldn’t it be obvious quickly that the name was misspelled?    Cofense, Confense. Big deal, right? Wrong. Here’s why.   Every day, attackers are busy registering lookalike, or doppelganger, domains that mimic reputable brands to lure users through phishing emails, malware delivery and more. The domains are designed to trick users into believing they’re...

READ MORE

Cofense TAP Program Still Setting the Standard for Threat Intelligence Five Years After Launching the Program

June 9, 2021 by Cofense in Phishing

Email attacks are the primary mechanism impacting companies to deploy ransomware, steal credentials, or trick recipients with business email compromise (BEC) attacks. When they occur, these attacks are capable of inflicting financial and reputational damage to an organization. That’s where the Cofense Technology Alliance Program (TAP) comes in. For more than five years, Cofense has been strengthening phishing detection and response for security teams through our technology partnerships. And our list of partners keeps growing. Current Cofense TAP partners and areas of focus below include: Cofense integrations enable customers to simplify deployment, improve efficiency, reduce costs, and optimize their overall...

READ MORE

Maneuvering the Wave of Ransomware

June 4, 2021 by Cofense in Phishing

By Tonia Dudley For several years, Cofense Intelligence has been predicting the threat of ransomware increasing. Organizations have barely been able to catch their breath from the SolarWinds breach and agency alerts on infrastructure vulnerabilities that needed to be patched. We’ve come a long way from the days of advanced persistent threats (APT) when organizations kept attacks on the down-low; assumptions were made when suits would show up or statements were issued by major incident response firms. Remember the few years when “APT” made it to the buzzword bingo at RSA? We’ve seen some of the recent major incidents, such...

READ MORE

DARKSIDE Ransomware Operations Abuse Trusted Platforms Including Google Drive

May 14, 2021 by Cofense in Phishing

By Dylan Duncan DARKSIDE Ransomware Operations DARKSIDE Ransomware first emerged in August 2020 and is used as a Ransomware-as-a-Service. The ransomware has been confirmed by the FBI as responsible for the compromise of the Colonial Pipeline networks. Traditionally, the goal of ransomware is to infect an organization that can pay the ransom. This attack certainly shows the financial impact a successful ransomware infection can have in terms of operational and economic disruption. Since the malware release, DARKSIDE ransomware operators, and affiliates that use the service, have been seen targeting a variety of major organizations across most sectors. A report from FireEye sheds light...

READ MORE

Domain Doppelgangers: Your Good Name as Phishing Bait?

June 15, 2021 by Cofense in Phishing

Does your company have an evil twin on the web? Threat actors may be leveraging a lookalike version of your company’s name to deliver malware through phishing that plays off your brand. Say the company name is Cofense, with the internet domain name cofense[.]com. What would happen if someone registered a copycat domain name using, for example, Confense, with the domain confense[.]com? Wouldn’t the search engine just route users to the real deal, or wouldn’t it be obvious quickly that the name was misspelled?    Cofense, Confense. Big deal, right? Wrong. Here’s why.   Every day, attackers are busy registering lookalike, or doppelganger, domains that mimic reputable brands to lure users through phishing emails, malware delivery and more. The domains are designed to trick users into believing they’re...

READ MORE

Cofense TAP Program Still Setting the Standard for Threat Intelligence Five Years After Launching the Program

June 9, 2021 by Cofense in Phishing

Email attacks are the primary mechanism impacting companies to deploy ransomware, steal credentials, or trick recipients with business email compromise (BEC) attacks. When they occur, these attacks are capable of inflicting financial and reputational damage to an organization. That’s where the Cofense Technology Alliance Program (TAP) comes in. For more than five years, Cofense has been strengthening phishing detection and response for security teams through our technology partnerships. And our list of partners keeps growing. Current Cofense TAP partners and areas of focus below include: Cofense integrations enable customers to simplify deployment, improve efficiency, reduce costs, and optimize their overall...

READ MORE

Maneuvering the Wave of Ransomware

June 4, 2021 by Cofense in Phishing

By Tonia Dudley For several years, Cofense Intelligence has been predicting the threat of ransomware increasing. Organizations have barely been able to catch their breath from the SolarWinds breach and agency alerts on infrastructure vulnerabilities that needed to be patched. We’ve come a long way from the days of advanced persistent threats (APT) when organizations kept attacks on the down-low; assumptions were made when suits would show up or statements were issued by major incident response firms. Remember the few years when “APT” made it to the buzzword bingo at RSA? We’ve seen some of the recent major incidents, such...

READ MORE

DARKSIDE Ransomware Operations Abuse Trusted Platforms Including Google Drive

May 14, 2021 by Cofense in Phishing

By Dylan Duncan DARKSIDE Ransomware Operations DARKSIDE Ransomware first emerged in August 2020 and is used as a Ransomware-as-a-Service. The ransomware has been confirmed by the FBI as responsible for the compromise of the Colonial Pipeline networks. Traditionally, the goal of ransomware is to infect an organization that can pay the ransom. This attack certainly shows the financial impact a successful ransomware infection can have in terms of operational and economic disruption. Since the malware release, DARKSIDE ransomware operators, and affiliates that use the service, have been seen targeting a variety of major organizations across most sectors. A report from FireEye sheds light...

READ MORE

Want to simulate a holiday phish? This one’s from your friends at Emotet.

December 23, 2019 by Cofense in PhishingCofense Solutions

By Tonia Dudley Tis the season when organizations are looking to send out the year’s last phishing simulation. Often the Security Awareness team lands on a holiday theme – holiday party, holiday raffle, or even the fun ugly sweater lure. In the past, when I worked with teams to advance their phishing defense programs, I would recommend staying away from holiday themed scenarios. I’ll explain why in a moment. But my opinion has changed, thanks to the threat actors behind Emotet.

READ MORE