Phishers Continue to Spoof WebEx
May 7, 2020 by Cofense in SEG MissesCisco IronPortMicrosoft 365 EOPPhishingPhishing Defense CenterAvailable Today: The Cofense Intelligence Q1 2020 Phishing Review
April 21, 2020 by Cofense in PhishingThreat IntelligenceCoronavirus-Themed Phish Continue to Surge
April 8, 2020 by Cofense in PhishingThreat IntelligenceCoronavirus Redefines the Phishing Threat Landscape
April 6, 2020 by Cofense in PhishingCOVID-19Threat IntelligenceEmotet Gears Up to File (Your) Taxes
February 4, 2020 by Cofense in PhishingThreat IntelligencePhishing as a Ransomware Precursor
September 21, 2021 by Cofense in Internet Security AwarenessPhishingIT Support Lures Users into Mimecast Phish
September 16, 2021 by Cofense in Internet Security AwarenessPhishingMobile Messaging Service Abused for Phishing
August 26, 2021 by Cofense in Internet Security AwarenessPhishingFalse Payment Promises Lead To Microsoft Credential Phish
August 19, 2021 by Cofense in Internet Security AwarenessPhishingPhishing Your Calendar for A Court Date
August 16, 2021 by Cofense in Internet Security AwarenessPhishingCofense Triage AND (not OR) Cortex XSOAR – Next Level Phishing Analysis and Response
August 12, 2021 by Cofense in Internet Security AwarenessPhishingScammers Impersonate the Australian Taxation Office for Tax Season
August 11, 2021 by Cofense in Internet Security AwarenessPhishingRemote Access Trojan Uses Sendgrid to Slip through Proofpoint
August 14, 2019 by Marcel Feller in Phishing Defense CenterProofpointSEG MissesThe CofenseTM Phishing Defense CenterTM observed a malware campaign masquerading as an email complaint from the Better Business Bureau to deliver the notorious Orcus RAT, part of the free DNS domain ChickenKiller which we blogged about in 2015. Here’s how it works:
This Phishing Attacker Takes American Express—and Victims’ Credentials
July 16, 2019 by Milo Salvia in Phishing Defense CenterInternet Security AwarenessMicrosoft 365 ATPRecently, the CofenseTM Phishing Defense CenterTM observed a phishing attack against American Express customers, both merchant and corporate card holders. Seeking to harvest account credentials, the phishing emails use a relatively new exploit to bypass conventional email gateway URL filtering services.
UK Banking Phish Targets 2-Factor Information
July 10, 2019 by Milo Salvia in Phishing Defense CenterMicrosoft 365 EOPSEG MissesUnder the Radar – Phishing Using QR Codes to Evade URL Analysis
June 28, 2019 by Nick Guarino in PhishingPhishing Defense CenterSEG MissesSymantecPhishing Attacks on High Street Target Major Retailer
June 21, 2019 by Cofense in PhishingPhishing Defense CenterSEG MissesSymantecHoudini Worm Transformed in New Phishing Attack
June 14, 2019 by Cofense in Threat IntelligencePhishing Defense CenterSEG MissesSymantecBy Nick Guarino and Aaron Riley The Cofense Phishing Defense Center™ (PDC) and Cofense Intelligence™ have identified a new variant of Houdini Worm targeting commercial banking customers with campaigns containing either URLs, .zip, or .mht files. This new variant is named WSH Remote Access Tool (RAT) by the malware’s author and was released on June 2, 2019. Within five days, WSH RAT was observed being actively distributed via phishing. Figure 1 shows an example message from this campaign.
This ‘Voice Mail’ Is a Phish—and an Email Gateway Fail
June 11, 2019 by Cofense in Phishing Defense CenterProofpointSEG MissesThe Zombie Phish Is Back with a Vengeance
June 4, 2019 by Milo Salvia in Phishing Defense CenterSEG MissesSymantecKeep a close on your inboxes—the Zombie Phish is back and it’s hitting hard. Last October, on the eve of Halloween, the CofenseTM Phishing Defense CenterTM reported on a new phishing threat dubbed the Zombie Phish. This phish spreads much like a traditional worm. Once a mailbox’s credentials have been compromised, the bot will reply to long-dead emails (hence, Zombie) in the inbox of the infected account, sending a generic phishing email intended to harvest more victims for the Zombie hoard.