A Warning on Christmas Delivery Scams
November 23, 2016 by Cofense in Internet Security AwarenessThreat IntelligenceThe time of year has once again arrived when post offices are busier than the freeway on a Friday evening. We buy gifts, online and in stores, and we send and expect packages to and from the far corners of the country, continent, and even the world. Yet behind this frenzy of merriment skulk a series of dangers. Although Christmas is still more than a month away, scammers of this kind have already been active in various areas across the US. For a number of years, security experts have grown to expect a hike in the number of internet scams being...
Beware: Encryption Ransomware Varieties Pack an Extra Malware Punch
November 11, 2016 by Cofense in Threat IntelligenceAs the public becomes more and more aware of ransomware threats through journalistic outlets and the advice of security professionals, threat actors face more challenges in successfully monetizing the deployment of their tools. The longevity of ransomware as a viable criminal enterprise relies upon the continued innovation that ensures threat actors can deliver and monetize infected machines. Much of the innovation seen in 2016 was focused on defying the expectations for how ransomware is delivered such as steganographic embedding of ransomware binaries, other forms of file obfuscation, and requirements for command line argumentation. These were all put forward as ways...
Unscrupulous Locky Threat Actors Impersonate US Office of Personnel Management to Deliver Ransomware
November 8, 2016 by Cofense in Threat IntelligenceUpdate 2016-11-11: It is important to PhishMe to avoid hyperbolic conclusions whenever possible. In the interest of clarifying some conclusions that have been drawn from this blog post, it is important to keep in mind the nature of Locky distribution and how this malware is delivered to victims. We consider it a serious responsibility to report on very real threats in a way that lends itself to our credibility as well that the credibility of all information security professionals. PhishMe has no reason to believe that this set of emails was delivered only to victims of the OPM incident nor...
Viotto Keylogger: Freemium Keylogger for the Skids
October 20, 2016 by Cofense in PhishingThe PhishMe Advantage – ROI
October 17, 2016 by Cofense in PhishingReturn on Investment Measuring the return on investment (ROI) from your PhishMe solution is simple and easy. The most obvious and significant impact is the dramatic reduction you will see in the overall risk of a phishing attack both getting past your perimeter protection and your skilled users but there are other ways to measure your investment: Monetary ROI Customers can realize monetary ROI from PhishMe by reducing their overall risk to phishing and other security threats. Adversaries have successfully employed phishing tactics to steal intellectual property, personally identifiable information, and other sensitive information that can harm an organization’s competitive advantage...
The (BEC) Song Remains the Same
October 4, 2016 by Cofense in PhishingI had a dream, a crazy dream, that we stopped responding to ridiculous email messages demanding that a wire be sent immediately. Also in that dream, all the bad guys were caught and had to pay restitution and go to jail. While that second part may never happen, there has been definite progress toward the dream goal and there are definite steps to take to ensure that you – and others in your company – do not fall victim to a BEC email. Coordinated by the National Cyber-Forensics & Training Alliance (NCFTA), contact information and incident details are being swapped quickly...
Behavioral Conditioning, Not Awareness, Is the Answer to Phishing
September 20, 2016 by Cofense in Internet Security AwarenessPhishingBY AARON HIGBEE AND SCOTT GREAUX You don’t stop phishing attacks by raising user awareness. A recent study conducted by a German university confirms what we at PhishMe have known all along: Focusing on awareness isn’t the point. The real solution is behavioral conditioning. The study, conducted by Friedrich-Alexander University (FAU) of Erlangen-Nuremberg, Germany, used 1,700 students to simulate spear phishing attacks. An August 31 Ars Technica article published preliminary results of the study showing at least 50% of students clicked simulated phishes, even though they understood the risks. With its headline, “So Much for Counter-phishing Training: Half of People...
Macro Based Anti-Analysis
August 19, 2016 by Cofense in Malware AnalysisThreat IntelligenceOver the past several months PhishMe research has noticed an increase with Anti-Analysis techniques being included within Office macro and script files. This is the first post in a series where we look at the inclusion and effectiveness of these methods. Although the use of Anti-Analysis techniques is not new, they are generally observed within the packed payload in an effort to avoid detection by endpoint security solutions. Most recently we came across a campaign of emails which included a malicious Microsoft Word document. The document contains a standard lure using an image instructing the user to enable active content...
Cyber Crime: The Unreported Offense
July 28, 2016 by Cofense in Internet Security AwarenessPhishingOn July 22, 2016 the UK’s Office for National Statistics released crime details for the year ending March 2016. For the first time, this data included information about fraud and computer misuse offenses, which was compiled in the National Crime Survey for the first time in October 2015. While the police recorded 4.5 million offenses from March 2015 to March 2016, the survey indicates there were likely 3.8 million fraud instances and 2 million computer misuse instances during that same year, with the vast majority of these crimes being unreported to law enforcement. The report has caused for a new call for additional...