Blog

Blog

Top Threats to Cloud Email Security and How to Mitigate Them

A summary of common threats faced by cloud email systems beyond malware and data breaches, this blog provides actionable tips and best practices for businesses to protect their email systems.
Blog

Harrowing Tales of Social Engineering Attacks from the Trenches

The social engineering attacks that businesses are seeing today – from hiding payloads in files to commit fraud, to quishing and smishing – and what can be done about them.
Blog

Active Phishing Campaign: Twilio SendGrid Abuse

Active Phishing Campaigns are coordinated attacks that Fortra has observed bypassing email security gateways and filtering tools. The following analysis includes examples, high-level details, and associated threat indicators. Sample Email Lure Sample 1: Vishing Example Sample 2: Office365 Phishing Example...
Blog

Active Phishing Campaign: QR Code Attachment O365 Attack

Active Phishing Campaigns are coordinated attacks that Fortra has observed bypassing email security gateways and filtering tools. The following analysis includes examples, high-level details, and associated threat indicators. Sample Email Lure Sender...
Blog

Active Phishing Campaign: Form Assembly Abuse

Active Phishing Campaigns are coordinated attacks that Fortra has observed bypassing email security gateways and filtering tools. The following analysis includes examples, high-level details, and associated threat indicators. To protect the privacy of Fortra’s clients, the brand targeted in this attack has been anonymized and is generically referred to as “Brand” whenever their name appears in the...
Blog

Harnessing Data Science and AI in Cybersecurity

In this Solutions Review article, Ravisha Chugh from Fortra explains how companies are harnessing data science and AI technologies in their cybersecurity initiatives.
Blog

Will 2024’s Presidential Election Day Be Groundhog Day When It Comes to Nation-State Email Attacks?

With 2024's presidential election around the corner, Fortra discusses the blunt-force impact of campaigns not hardening their cybersecurity, such as campaign impersonation, donation scams and fraud, and the possibility that it will be cybercriminals who decide the next President of the United States—not voters.
Blog

Understanding DMARC Reports

Why is it so important to analyze DMARC reports? Well, it makes it so organizations can detect malicious emails and prioritize source configuration, all of which is crucial for maintaining their email security.
Blog

How to Defend Against Stegomalware

Stegomalware is still a relatively unknown term but is becoming more widely leveraged in malware. So you need to know about this semi-low-tech, yet innovative tactic that is imperceptible to the human eye.
Blog

What You Need to Know About Stegomalware

It all sounds like the stuff of Sherlock Holmes or “Mission Impossible”, but steganographic malware, or stegomalware for short, is a real thing that broadly describes a host of tactics used to hide data in plain sight.
Blog

How to Set Up DMARC: Step-by-Step Guide

We'll explain how to configure DMARC for your company's email, including what you'll need and how to add DMARC to your DNS. Just follow these DMARC setup steps! But before we begin, here’s a high-level overview of how to add DMARC to your DNS.Add your DMARC record into your DNSSelect the TXT record typeAdd the host value (see details below)Add the value information (see details below)Save the...
Blog

Preventing Email Leaks in Business Environments

By understanding email data leaks, their value to attackers, and their root causes, organizations can stay savvy and set up the right tools to thwart many email-targeting attempts.
Blog

Frost Radar Names Fortra as Email Security Leader

We are thrilled to announce that Frost & Sullivan has ranked Fortra as a leader in our space. With the release of the Frost Radar for Email Security™, Frost & Sullivan has determined that Fortra Email Security is a leader in the industry, having increasing its revenue distribution in North America by 30%, as well as penetration in the cloud security market and in the banking and finance verticals...
Blog

Are You Ready for PCI DSS 4.0?

PCI DSS 4.0 is here. If your organization handles PII data, you will need to be compliant with the new updates. We take a look at the new version and what it takes to stay compliant.
Blog

Microsoft Office 365 + Cloud Email Gateway: All You Need in a Cloud-First World

According to a recent Cloud Security Alliance report, 98% of organizations worldwide use cloud services, including SaaS applications, complete cloud-native networks, and email services. It’s an overdue modernization that eliminates physical infrastructure to drive cost savings and integrate services for improved productivityChasing this move, cybercriminals intent on account takeover are evolving...
Blog

Active Phishing Campaign: Tax Extension Help Lure

Active Phishing Campaigns are coordinated attacks that Fortra has observed bypassing email security gateways and filtering tools. The following analysis includes examples, high-level details, and associated threat indicators. Sample Email Lure Sender VerificationSender’s Email: ogawa@kidscorp[.]jp Sender’s Name: Beth KolcunReply-To Address: beth...