Phishers Continue to Spoof WebEx
May 7, 2020 by Cofense in SEG MissesCisco IronPortMicrosoft 365 EOPPhishingPhishing Defense CenterAvailable Today: The Cofense Intelligence Q1 2020 Phishing Review
April 21, 2020 by Cofense in PhishingThreat IntelligenceCoronavirus-Themed Phish Continue to Surge
April 8, 2020 by Cofense in PhishingThreat IntelligenceCoronavirus Redefines the Phishing Threat Landscape
April 6, 2020 by Cofense in PhishingCOVID-19Threat IntelligenceEmotet Gears Up to File (Your) Taxes
February 4, 2020 by Cofense in PhishingThreat IntelligenceAutoHotKey Leveraged by Metamorfo/Mekotio Banking Trojan
March 11, 2021 by Cofense in PhishingCelebrating 5 Years of Zero Breaches with Managed Phishing Detection and Response
March 10, 2021 by Cofense in PhishingMeeting with A Phish: Zoom-Themed Phish in Use
March 9, 2021 by Cofense in PhishingIRS Phishing Email – Up and Coming Phishing Campaign Is Taxing to Users
March 2, 2021 by Cofense in PhishingTelegram Utilized for Harvesting Credentials
February 22, 2021 by Cofense in PhishingCofense PhishMe: Our FedRAMP Journey
February 18, 2021 by Cofense in PhishingPhish Found in SEG-Protected Environments Week ending February 19, 2021
February 19, 2021 by Cofense in PhishingProofpointSEG MissesPhish Found in SEG-Protected Environments Week ending February 12, 2021
February 12, 2021 by Cofense in PhishingProofpointSEG MissesPhish Found in Proofpoint-Protected Environments Week ending February 5, 2021
February 5, 2021 by Cofense in PhishingProofpointSEG MissesRemote Access Trojan Uses Sendgrid to Slip through Proofpoint
August 14, 2019 by Marcel Feller in Phishing Defense CenterProofpointSEG MissesThe CofenseTM Phishing Defense CenterTM observed a malware campaign masquerading as an email complaint from the Better Business Bureau to deliver the notorious Orcus RAT, part of the free DNS domain ChickenKiller which we blogged about in 2015. Here’s how it works:
This Phishing Attacker Takes American Express—and Victims’ Credentials
July 16, 2019 by Milo Salvia in Phishing Defense CenterInternet Security AwarenessMicrosoft 365 ATPRecently, the CofenseTM Phishing Defense CenterTM observed a phishing attack against American Express customers, both merchant and corporate card holders. Seeking to harvest account credentials, the phishing emails use a relatively new exploit to bypass conventional email gateway URL filtering services.
UK Banking Phish Targets 2-Factor Information
July 10, 2019 by Milo Salvia in Phishing Defense CenterMicrosoft 365 EOPSEG MissesUnder the Radar – Phishing Using QR Codes to Evade URL Analysis
June 28, 2019 by Nick Guarino in PhishingPhishing Defense CenterSEG MissesSymantecPhishing Attacks on High Street Target Major Retailer
June 21, 2019 by Cofense in PhishingPhishing Defense CenterSEG MissesSymantecHoudini Worm Transformed in New Phishing Attack
June 14, 2019 by Cofense in Threat IntelligencePhishing Defense CenterSEG MissesSymantecBy Nick Guarino and Aaron Riley The Cofense Phishing Defense Center™ (PDC) and Cofense Intelligence™ have identified a new variant of Houdini Worm targeting commercial banking customers with campaigns containing either URLs, .zip, or .mht files. This new variant is named WSH Remote Access Tool (RAT) by the malware’s author and was released on June 2, 2019. Within five days, WSH RAT was observed being actively distributed via phishing. Figure 1 shows an example message from this campaign.
This ‘Voice Mail’ Is a Phish—and an Email Gateway Fail
June 11, 2019 by Cofense in Phishing Defense CenterProofpointSEG MissesThe Zombie Phish Is Back with a Vengeance
June 4, 2019 by Milo Salvia in Phishing Defense CenterSEG MissesSymantecKeep a close on your inboxes—the Zombie Phish is back and it’s hitting hard. Last October, on the eve of Halloween, the CofenseTM Phishing Defense CenterTM reported on a new phishing threat dubbed the Zombie Phish. This phish spreads much like a traditional worm. Once a mailbox’s credentials have been compromised, the bot will reply to long-dead emails (hence, Zombie) in the inbox of the infected account, sending a generic phishing email intended to harvest more victims for the Zombie hoard.