Domain Doppelgangers: Your Good Name as Phishing Bait?
June 15, 2021 by Cofense in PhishingDoes your company have an evil twin on the web? Threat actors may be leveraging a lookalike version of your company’s name to deliver malware through phishing that plays off your brand. Say the company name is Cofense, with the internet domain name cofense[.]com. What would happen if someone registered a copycat domain name using, for example, Confense, with the domain confense[.]com? Wouldn’t the search engine just route users to the real deal, or wouldn’t it be obvious quickly that the name was misspelled? Cofense, Confense. Big deal, right? Wrong. Here’s why. Every day, attackers are busy registering lookalike, or doppelganger, domains that mimic reputable brands to lure users through phishing emails, malware delivery and more. The domains are designed to trick users into believing they’re...
Cofense TAP Program Still Setting the Standard for Threat Intelligence Five Years After Launching the Program
June 9, 2021 by Cofense in PhishingEmail attacks are the primary mechanism impacting companies to deploy ransomware, steal credentials, or trick recipients with business email compromise (BEC) attacks. When they occur, these attacks are capable of inflicting financial and reputational damage to an organization. That’s where the Cofense Technology Alliance Program (TAP) comes in. For more than five years, Cofense has been strengthening phishing detection and response for security teams through our technology partnerships. And our list of partners keeps growing. Current Cofense TAP partners and areas of focus below include: Cofense integrations enable customers to simplify deployment, improve efficiency, reduce costs, and optimize their overall...
Linktree Abused to Send Phishing Links
June 8, 2021 by Cofense in Internet Security AwarenessPhishingManeuvering the Wave of Ransomware
June 4, 2021 by Cofense in PhishingBy Tonia Dudley For several years, Cofense Intelligence has been predicting the threat of ransomware increasing. Organizations have barely been able to catch their breath from the SolarWinds breach and agency alerts on infrastructure vulnerabilities that needed to be patched. We’ve come a long way from the days of advanced persistent threats (APT) when organizations kept attacks on the down-low; assumptions were made when suits would show up or statements were issued by major incident response firms. Remember the few years when “APT” made it to the buzzword bingo at RSA? We’ve seen some of the recent major incidents, such...
BEC. How Can I Help You?
June 3, 2021 by Cofense in Internet Security AwarenessPhishingPhishing for Credentials: New Tactics as COVID’s Grip Eases
May 27, 2021 by Cofense in Internet Security AwarenessPhishingCan genericization become a credential-theft threat? Beware of phish in plain email wrappers.
May 20, 2021 by Cofense in PhishingThere Are Phish in Your Inbox!
May 19, 2021 by Cofense in PhishingDARKSIDE Ransomware Operations Abuse Trusted Platforms Including Google Drive
May 14, 2021 by Cofense in PhishingBy Dylan Duncan DARKSIDE Ransomware Operations DARKSIDE Ransomware first emerged in August 2020 and is used as a Ransomware-as-a-Service. The ransomware has been confirmed by the FBI as responsible for the compromise of the Colonial Pipeline networks. Traditionally, the goal of ransomware is to infect an organization that can pay the ransom. This attack certainly shows the financial impact a successful ransomware infection can have in terms of operational and economic disruption. Since the malware release, DARKSIDE ransomware operators, and affiliates that use the service, have been seen targeting a variety of major organizations across most sectors. A report from FireEye sheds light...