In early 2017, the Sage ransomware distinguished itself with a fresh take on the business model for criminal ransomware operations. Built with an engaging, intuitive user interface for requesting the ransom payment, it also reinforced the fact criminals are willing to invest in developing new versions of established ransomware tools. Sage has reasserted itself as a relevant player on the already-saturated ransomware threat landscape with version 2.2.
Fake Swiss Tax Administration Office Emails Deliver Retefe Banking Trojan
PhishMe®’s Phishing Defence Centre has observed multiple emails with a subject line that includes a reference to tax declarations in Switzerland (Original subject in German: “Fragen zu der Einkommensteuerklaerung”) as shown in Figure 1. The sender pretends to be a tax officer working for the tax administration (Eidgenoessische Steuerverwaltung ESTV) and is asking the victim to open the attached file to answer questions about the tax declaration.
Social Media: It’s Time to <3 Security Awareness
Part 4 in a weekly blog series, “How Attackers Target Trust,” running during October, National Cyber Security Awareness Month and European Cyber Security Month.
Over the past decade, mobile phones and social media have become essential to how we ingest news and communicate friends and families.
Beware: These Scams Turn Open Enrollment into Open Season for Phishing
Last fall, PhishMe® warned you about scams that use phishing to steal your health savings account (HSA) details during open enrollment periods. This year we are seeing a variety of phishing scams that can take advantage of your year-end diligence in managing personal and corporate assets.
Security Awareness: 4 tips on Trusting Technology
Part 3 in a weekly blog series, “How Attackers Target Trust,” running during October, National Cyber Security Awareness Month and European Cyber Security Month.
Malicious Chrome Extension Targets Users in Brazil
Our Phishing Defense Center recently detected a significant increase in the number of emails with malware designed exclusively to target users in Brazil.
Locky or TrickBot? Depends Where You Are. Malicious Payload Delivery Tailored by Geographic Location
BY NEERA DESAI AND VICTOR CORNELL
It is not uncommon for threat actors to deploy malicious payloads from multiple malware families during a single phishing campaign. These malware tools may include ransomware, a financial crimes trojan, or other botnet malware. However, it is not as common for those attackers to deploy different malware tools based upon the geographic location of their victim.
To Raise Security Awareness, Don’t Trust the Process.
Part 2 in a weekly blog series, “How Attackers Target Trust,” running during October, National Cyber Security Awareness Month and European Cyber Security Month.
Rock the 80’s and More at PhishMe Submerge 2017!
An 80’s party, PhishMe Simulator™ Certification and savings of $100. They’re three great reasons to attend PhishMe® Submerge 2017, our second annual User Conference and Phishing Defense Summit, Nov. 29 – Dec. 1, Gaylord Hotel, Washington National Harbor.
Heads Up: This Netflix Phish Targets Business Email, Not Just Home Accounts
PhishMe® analyzes phishing attacks intended for corporate email all the time—phishing for corporate email credentials, malware delivery, etc. However, we also analyze phishing for consumer service credentials—think online shopping or Netflix—since it is also a part of the threat landscape.