Last week, the FBI announced it had busted a business email compromise (BEC) racket that raked in millions of dollars in fraudulent wire transfers secured through email-based cyberattacks. The Bureau, along with federal and overseas partners, arrested 74 people, seized over $2M, and disrupted and recovered another $14M in phony wire payments.
Calling it “one of the most advanced defenses against phishing,” CSO has included Cofense Triage™ in its Best Security Software for 2018. Our incident response and phishing defense platform helps to stop attacks in progress and minimize the risk of breach—in minutes, compared to the average detection time of 100+ days.
Posted by: Dilen Thakuri, Cofense Phishing Defense Center
On the 19th of April, the Cofense Phishing Defense Center received an email crafted to appear to be from “Sberbank Russia.” In fact, it was a phishing email containing the Troldesh malware, a variant of Russian ransomware first seen in mid-2015. The PDC hadn’t seen this variant for quite some time.
As we have continued to improve anti-phishing capabilities for clients over the past few years, we have seen a myriad of changes in phishing email composition, style, and approach. Throughout all those changes, however, one thing has remained the same.
By Jerome Doaty, Zakari Grater, and Brenda Gooshaw Samson
Technology is an important part of any phishing defense, especially perimeter tech designed to filter emails. But these systems, even those billed as “next-gen email security platforms,” don’t catch everything. Some phishes always get through.
Most security teams today are pretty much in the same boat: limited budget, limited manpower, and limited time to defend their network against escalating threats and attacks. Perhaps that’s why so many information security vendors claim to have the “silver bullet” to protect the customer’s environment and solve their problems.
Imagine a cunning phisher: he knows his craft and sends your users an email appearing to come from your CEO that bypasses all your other technology. What would you do?
One of our customers faced that very scenario and relied on Cofense Triage™ and the Cofense Phishing Defense Center (PDC) to analyze and respond to the attack in less than 20 minutes after it launched.
On March 22nd, Cofense came across a rather unique malware sample that had a very low detection rate. At the time of analysis, the file was only detected by 5/61 AV engines. The detection rate did not reach 30% until at least a week later, as per VirusTotal: 38015eb1699b7596e8c95fed7f0bc32d1492b371bd4d7953019f69dcf40ff1fd.