Phishers Continue to Spoof WebEx
May 7, 2020 by Cofense in SEG MissesCisco IronPortMicrosoft 365 EOPPhishingPhishing Defense CenterAvailable Today: The Cofense Intelligence Q1 2020 Phishing Review
April 21, 2020 by Cofense in PhishingThreat IntelligenceCoronavirus-Themed Phish Continue to Surge
April 8, 2020 by Cofense in PhishingThreat IntelligenceCoronavirus Redefines the Phishing Threat Landscape
April 6, 2020 by Cofense in PhishingCOVID-19Threat IntelligenceEmotet Gears Up to File (Your) Taxes
February 4, 2020 by Cofense in PhishingThreat IntelligencePhishing Takeaways from the Conti Ransomware Leaks – Part 1
April 25, 2022 by Cofense in Internet Security AwarenessPhishingCofense Named to JMP Securities Elite 80 List of Hottest Cybersecurity Companies
April 19, 2022 by Cofense in Internet Security AwarenessPhishingThree Highlights from the Cofense 2022 Annual State of Phishing Report
April 12, 2022 by Cofense in Internet Security AwarenessPhishingCOVID-19 Phish Targeting Companies
April 12, 2022 by Cofense in Internet Security AwarenessPhishingRAT Campaign Looks to take Advantage of the Tax Season
April 1, 2022 by Cofense in Internet Security AwarenessPhishingThe Importance of Intelligence in Stopping Phishing Attacks
March 23, 2022 by Cofense in Internet Security AwarenessPhishingEmotet Spoofs IRS in Tax Season-Themed Phishing Email Campaign
March 16, 2022 by Cofense in Internet Security AwarenessPhishingRemote Access Trojan Uses Sendgrid to Slip through Proofpoint
August 14, 2019 by Cofense in Phishing Defense CenterProofpointSEG MissesThe CofenseTM Phishing Defense CenterTM observed a malware campaign masquerading as an email complaint from the Better Business Bureau to deliver the notorious Orcus RAT, part of the free DNS domain ChickenKiller which we blogged about in 2015. Here’s how it works:
This Phishing Attacker Takes American Express—and Victims’ Credentials
July 16, 2019 by Cofense in Phishing Defense CenterInternet Security AwarenessMicrosoft 365 ATPRecently, the CofenseTM Phishing Defense CenterTM observed a phishing attack against American Express customers, both merchant and corporate card holders. Seeking to harvest account credentials, the phishing emails use a relatively new exploit to bypass conventional email gateway URL filtering services.
UK Banking Phish Targets 2-Factor Information
July 10, 2019 by Cofense in Phishing Defense CenterMicrosoft 365 EOPSEG MissesUnder the Radar – Phishing Using QR Codes to Evade URL Analysis
June 28, 2019 by Cofense in PhishingPhishing Defense CenterSEG MissesSymantecPhishing Attacks on High Street Target Major Retailer
June 21, 2019 by Cofense in PhishingPhishing Defense CenterSEG MissesSymantecHoudini Worm Transformed in New Phishing Attack
June 14, 2019 by Cofense in Threat IntelligencePhishing Defense CenterSEG MissesSymantecBy Nick Guarino and Aaron Riley The Cofense Phishing Defense Center™ (PDC) and Cofense Intelligence™ have identified a new variant of Houdini Worm targeting commercial banking customers with campaigns containing either URLs, .zip, or .mht files. This new variant is named WSH Remote Access Tool (RAT) by the malware’s author and was released on June 2, 2019. Within five days, WSH RAT was observed being actively distributed via phishing. Figure 1 shows an example message from this campaign.
This ‘Voice Mail’ Is a Phish—and an Email Gateway Fail
June 11, 2019 by Cofense in Phishing Defense CenterProofpointSEG MissesThe Zombie Phish Is Back with a Vengeance
June 4, 2019 by Cofense in Phishing Defense CenterSEG MissesSymantecKeep a close on your inboxes—the Zombie Phish is back and it’s hitting hard. Last October, on the eve of Halloween, the CofenseTM Phishing Defense CenterTM reported on a new phishing threat dubbed the Zombie Phish. This phish spreads much like a traditional worm. Once a mailbox’s credentials have been compromised, the bot will reply to long-dead emails (hence, Zombie) in the inbox of the infected account, sending a generic phishing email intended to harvest more victims for the Zombie hoard.