University W2 Phishing and CEO Impersonation

At PhishMe we talk frequently about a familiar concept that cyber attacks and phishing emails are very rarely sent to only one organization. While  security teams tend to focus on threats to your organization, PhishMe Intelligence is watching for email-based threats for EVERY organization. As we were gathering information about tax-related phishing scams this year, we noticed that institutes of higher learning were being hit quite broadly by this year’s W2 related scams.

RockLoader – New Upatre-like Downloader Pushed by Dridex, Downloads all the Malwares

On 4/6, the Phishing Intelligence team came across a wave of phishing emails that contained a .js file packaged inside of a zip file used to deliver malware. This is nothing new, and has been seen being pushed out by resources associated with the Dridex botnet and the Locky encryption ransomware. The interesting piece is that the attackers are using a new piece of malware called RockLoader to download and install the malware on remote systems. Downloaders are nothing new, as Upatre was used with Dyre and Gameover ZeuS in the past. RockLoader has several tricks up its sleeve.

PhishMe April Cybercrime Alert: Ransomware Attacks Expected to Increase

Cybersecurity Experts, Former Federal Law Enforcement Professionals Say Cryptocurrency, Digital Data and Vulnerable Employees May Fuel Largest Crimewave in Modern History

LEESBURG, Va. – March 31, 2016 – PhishMe Inc., the leading provider of human phishing defense solutions, today released its April Cybercrime Alert, warning all organizations that its threat researchers expect ransomware attacks to increase as cybercriminals become increasingly aware that:

  • Ransomware is readily-available and changes faster than detection technologies can respond
  • In most cases, paying the ransom is the only way to free hostage data and systems
  • Recent successful ransom situations will only encourage more attempts
  • Cryptocurrencies such as Bitcoin can be used to force untraceable ransom payments
  • Humans are widely susceptible to phishing, the most commonly used ransomware attack vector

Tax Time is Phishing Time: Here’s How to Help!

Important disclaimer: THE IRS DOES NOT INITIATE CONTACT WITH TAXPAYERS BY EMAIL, TEXT MESSAGE, OR SOCIAL MEDIA CHANNELS TO REQUEST PERSONAL OR FINANCIAL INFORMATION. (See: https://www.irs.gov/uac/Report-Phishing )

The IRS has a very active security team, currently part of the U.S. Treasury Inspector General for Tax Administration (TIGTA), that is responsible for fighting phishing and tracking down the criminals who prey on U.S. tax payers.  If you believe you have received a Phishing email, please help them by reporting the email you received to phishing@irs.gov.  Additionally, please also consider sending a copy to our team.  PhishMe Brand Intelligence automatically processes any URLs found in emails sent to Report@phishIQ.com (not just IRS phish – we love gathering global intelligence on all phish).

Reclaiming the Edge in the Battle Against Phishing Attackers

There is a reason that most data breach incidents involve phishing attacks: phishing works.  Attackers know that it is far easier to gain access to a protected network by tricking people into clicking on malicious links and attachments than it is to penetrate sophisticated firewalls and intrusion detection systems.  And they know that they have an edge over the defenders because they only have to win once to gain access. As defenders, we need to stop them every time.  We can’t prevent attackers from soliciting people with phishing emails.  But we can take away their edge.

PhishMe CTO Aaron Higbee Discusses Ransomware Dangers on CNBC SquawkBox

Aaron Higbee, PhishMe co-founder and CTO, was featured on a recent CNBC SquawkBox broadcast segment discussing recent ransomware trends plaguing the healthcare space. During the attack, a phishing email is sent to the user’s inbox prompting them to click a malicious link that begins encrypting files and storage drives on your computer. Once the files are encrypted, the only way to retrieve the data from the malicious actors is to pay a ransom in BitCoin. In the video (seen below), Higbee dives deeper into the various motivations for these types of attacks and how businesses can better prepare themselves to thwart ransomware before it strikes.

Ransomware Rising – Criakl, OSX, and others – PhishMe Tracks Down Hackers, Identifies Them and Provides Timeline of Internet Activities

Over the last few months, the Phishing Intelligence team has observed a huge increase of ransomware. Many attackers are starting to experiment with ransomware as an alternative to quickly monetize. Dridex has employed a new family of ransomware named Locky, which is a pretty drastic shift in what this group is known for doing. We’re even seeing attackers go after OSX with ransomware, something that was once thought to be immune from malware, however there were nearly 6,500 users who downloaded the compromised BitTorrent client.

Follow along with us as we deconstruct a recent ransomware attack and hack the hackers behind the attempt.

PhishMe’s Rohyt Belani Honored as a CEO of the Year in Info Security Products Guide’s 2016 Global Excellence Awards

Judges Recognize PhishMe CEO for Leadership Excellence and Significant Contributions to the Cybersecurity Community

LEESBURG, VA – March 10, 2016 – PhishMe® Inc., the leading provider of human phishing defense solutions, today announced that CEO and co-founder Rohyt Belani has been honored as a “CEO of the Year” category winner of the 2016 Info Security Products Guide Global Excellence Awards®. These prestigious global awards, put on by the industry’s leading information security research and advisory guide, recognize security and IT vendors with advanced, ground-breaking products and solutions that are helping set the bar higher for others in all areas of security and technologies.

PhishMe Takes Home 2016 SC Magazine Award for Best IT Security-Related Training Program

Judges Recognize Human Phishing Defense Solution Used by Fortune 500 Enterprises to Protect Data and Systems Against Multi-Billion Dollar Phishing Threat

LEESBURG, Va. & SAN FRANCISCO – March 3, 2016 – PhishMe® Inc., the leader in human phishing defense solutions, today announced that SC Magazine honored the company with a 2016 SC Award for Best IT and Security Training Program. Winners of this prestigious award were chosen after undergoing a rigorous judging process that included testimonials, industry assessments and additional research. PhishMe was hand-picked by a panel of judges for its outstanding service, qualifications and advancements to the cybersecurity industry.