Cofense Phishing Prevention & Email Security Blog

Phish Found in Proofpoint-Protected Environments Week ending January 22, 2021

Zoom Phish Sent Via Constant Contact Mailer

Coronavirus Screening and Testing Phishing Emails, and a Sense of Urgency Among Employees

Secure Mailer Phish: A New Method of Swiping Users’ Credentials?

Phish Found in Proofpoint-Protected Environments Week ending January 15, 2021

Phishing Emails: All I Wanted Was for 2020 to End

By Dylan Duncan 2020 was far from ordinary.   And at the end, we learned one thing for sure: threat actors’ abilities to quickly adjust their methods to world events are pretty uncanny. Like the rest of us, they must be news junkies, too.   Every year, we see threat actors improve their methods and adapt to world events, bringing new trends to the phishing threat landscape. Last year, the COVID-19 pandemic in particular brought an unprecedented amount of disruption and financial hardship, directly leading to an increase in both volume and variety of threat activity. Threat actors continued to advance their tactics, techniques and procedures to ensure their emails would reach...

Emotet is Back for the Holidays with Updated Tactics

By Brad Haas After a lull of nearly two months, the Emotet botnet has returned with updated payloads. The changes are likely meant to help Emotet avoid detection both by victims and network defenders. Apart from these updates, the campaigns’ targeting, tactics and secondary payloads remain consistent with previous active periods. Cofense Intelligence™ released a flash alert on the newest Emotet activity to customers with details about its new features.  Emotet Background and 2020 Activity  The Emotet botnet is one of the most prolific senders of malicious emails when it is active, but it regularly goes dormant for weeks or months at a time. This year, one such hiatus lasted from February through...

Phish Found in Proofpoint-Protected Environments Week ending January 8, 2021

Phish Found in Proofpoint-Protected Environments – Week ending December 18, 2020

The Ryuk Threat: Why BazarBackdoor Matters Most

GuLoader Rises as a Top Malware Delivery Mechanism in Phishing

“You’re Invited!” to Phishing Links Inside .ics Calendar Attachments

Practice Makes Perfect

New Mass Logger Malware Could Be Massive

Zoom Phish Zooming Through Inboxes Amid Pandemic

Phishers Cast a Wider Net in the African Banking Sector

MFA Bypass Phish Caught: OAuth2 Grants Access to User Data Without a Password

A Not So Relieving Tax Relief Email: Threat Actors Take Aim at US Stimulus Efforts

Phish Found in Proofpoint-Protected Environments Week ending January 22, 2021

Zoom Phish Sent Via Constant Contact Mailer

Coronavirus Screening and Testing Phishing Emails, and a Sense of Urgency Among Employees

Secure Mailer Phish: A New Method of Swiping Users’ Credentials?

Phish Found in Proofpoint-Protected Environments Week ending January 15, 2021

Phishing Emails: All I Wanted Was for 2020 to End

By Dylan Duncan 2020 was far from ordinary.   And at the end, we learned one thing for sure: threat actors’ abilities to quickly adjust their methods to world events are pretty uncanny. Like the rest of us, they must be news junkies, too.   Every year, we see threat actors improve their methods and adapt to world events, bringing new trends to the phishing threat landscape. Last year, the COVID-19 pandemic in particular brought an unprecedented amount of disruption and financial hardship, directly leading to an increase in both volume and variety of threat activity. Threat actors continued to advance their tactics, techniques and procedures to ensure their emails would reach...

Emotet is Back for the Holidays with Updated Tactics

By Brad Haas After a lull of nearly two months, the Emotet botnet has returned with updated payloads. The changes are likely meant to help Emotet avoid detection both by victims and network defenders. Apart from these updates, the campaigns’ targeting, tactics and secondary payloads remain consistent with previous active periods. Cofense Intelligence™ released a flash alert on the newest Emotet activity to customers with details about its new features.  Emotet Background and 2020 Activity  The Emotet botnet is one of the most prolific senders of malicious emails when it is active, but it regularly goes dormant for weeks or months at a time. This year, one such hiatus lasted from February through...

Phish Found in Proofpoint-Protected Environments Week ending January 8, 2021

Phish Found in Proofpoint-Protected Environments – Week ending December 18, 2020

“You’re Invited!” to Phishing Links Inside .ics Calendar Attachments

Practice Makes Perfect

Zoom Phish Zooming Through Inboxes Amid Pandemic

Phishers Cast a Wider Net in the African Banking Sector

MFA Bypass Phish Caught: OAuth2 Grants Access to User Data Without a Password

A Not So Relieving Tax Relief Email: Threat Actors Take Aim at US Stimulus Efforts

Phishers Continue to Spoof WebEx

Want to simulate a holiday phish? This one’s from your friends at Emotet.

By Tonia Dudley Tis the season when organizations are looking to send out the year’s last phishing simulation. Often the Security Awareness team lands on a holiday theme – holiday party, holiday raffle, or even the fun ugly sweater lure. In the past, when I worked with teams to advance their phishing defense programs, I would recommend staying away from holiday themed scenarios. I’ll explain why in a moment. But my opinion has changed, thanks to the threat actors behind Emotet.

Trickbot Is Using Google Docs to Trick Proofpoint’s Gateway