Phishers Continue to Spoof WebEx
May 7, 2020 by Cofense in SEG MissesCisco IronPortMicrosoft 365 EOPPhishingPhishing Defense CenterAvailable Today: The Cofense Intelligence Q1 2020 Phishing Review
April 21, 2020 by Cofense in PhishingThreat IntelligenceCoronavirus-Themed Phish Continue to Surge
April 8, 2020 by Cofense in PhishingThreat IntelligenceCoronavirus Redefines the Phishing Threat Landscape
April 6, 2020 by Cofense in PhishingCOVID-19Threat IntelligenceEmail Quarantine Stops Microsoft Phish after bypassing SEGs
July 12, 2022 by Cofense in Internet Security AwarenessPhishingPhishing The Phishers: This is How the Number One Cybercrime Works
July 7, 2022 by Cofense in BECInternet Security AwarenessPhishingRansomware: Proactive Phishing Detection to Mitigate Risk
June 28, 2022 by Cofense in Internet Security AwarenessPhishingHuman, Artificial, and Email Attack Intelligence: Why You Need All Three
June 22, 2022 by Cofense in Internet Security AwarenessPhishingHow Aligning Security Awareness and Security Operations can Reduce Dwell Time
June 22, 2022 by Cofense in Internet Security AwarenessPhishingMonkeypox Phishing: Outbreak Becomes Latest Lure
June 14, 2022 by Cofense in Internet Security AwarenessPhishingBEC Insights: The Need for Better Business Controls
June 7, 2022 by Cofense in BECInternet Security AwarenessPhishingRemote Access Trojan Uses Sendgrid to Slip through Proofpoint
August 14, 2019 by Cofense in Phishing Defense CenterProofpointSEG MissesThe CofenseTM Phishing Defense CenterTM observed a malware campaign masquerading as an email complaint from the Better Business Bureau to deliver the notorious Orcus RAT, part of the free DNS domain ChickenKiller which we blogged about in 2015. Here’s how it works:
This Phishing Attacker Takes American Express—and Victims’ Credentials
July 16, 2019 by Cofense in Phishing Defense CenterInternet Security AwarenessMicrosoft 365 ATPRecently, the CofenseTM Phishing Defense CenterTM observed a phishing attack against American Express customers, both merchant and corporate card holders. Seeking to harvest account credentials, the phishing emails use a relatively new exploit to bypass conventional email gateway URL filtering services.
UK Banking Phish Targets 2-Factor Information
July 10, 2019 by Cofense in Phishing Defense CenterMicrosoft 365 EOPSEG MissesUnder the Radar – Phishing Using QR Codes to Evade URL Analysis
June 28, 2019 by Cofense in PhishingPhishing Defense CenterSEG MissesSymantecPhishing Attacks on High Street Target Major Retailer
June 21, 2019 by Cofense in PhishingPhishing Defense CenterSEG MissesSymantecHoudini Worm Transformed in New Phishing Attack
June 14, 2019 by Cofense in Threat IntelligencePhishing Defense CenterSEG MissesSymantecBy Nick Guarino and Aaron Riley The Cofense Phishing Defense Center™ (PDC) and Cofense Intelligence™ have identified a new variant of Houdini Worm targeting commercial banking customers with campaigns containing either URLs, .zip, or .mht files. This new variant is named WSH Remote Access Tool (RAT) by the malware’s author and was released on June 2, 2019. Within five days, WSH RAT was observed being actively distributed via phishing. Figure 1 shows an example message from this campaign.
This ‘Voice Mail’ Is a Phish—and an Email Gateway Fail
June 11, 2019 by Cofense in Phishing Defense CenterProofpointSEG MissesThe Zombie Phish Is Back with a Vengeance
June 4, 2019 by Cofense in Phishing Defense CenterSEG MissesSymantecKeep a close on your inboxes—the Zombie Phish is back and it’s hitting hard. Last October, on the eve of Halloween, the CofenseTM Phishing Defense CenterTM reported on a new phishing threat dubbed the Zombie Phish. This phish spreads much like a traditional worm. Once a mailbox’s credentials have been compromised, the bot will reply to long-dead emails (hence, Zombie) in the inbox of the infected account, sending a generic phishing email intended to harvest more victims for the Zombie hoard.