Resources
Blog

Fortra Named Top Player in Radicati's 2024 Secure Email Market Quadrant Report

By Monica Delyani on Wed, 04/03/2024
Fortra has been recognized as a “Top Player” in The Radicati Group’s Secure Email Market Quadrant, 2024. The Radicati Group’s analysis found that Fortra provides both breadth and depth of functionality, while shaping the market with innovative technology and a compelling strategic vision. As the report illustrated: "Fortra’s Cloud Email Protection brings together an impressive set of solutions...
Blog

O365 Active Phishing Campaign with Verizon Invoice Lure

By Monica Delyani on Mon, 04/01/2024
Recent O365 Active Phishing Campaign Active Phishing Campaigns are concerted, coordinated attacks that Fortra has observed bypassing email security gateways, like SEGs, and default filtering tools. The following analysis includes examples, high-level details, and associated threat indicators. As of this posting, Fortra has automatically detected and removed 46 instances of this threat across...
Active Phishing Campaign
Cloud Email Protection
Blog

The Email Security Gaps in Your Cloud

By Ravisha Chugh on Thu, 03/28/2024
According to Gartner, Microsoft lacks the ability to detect and eradicate 20% of the advanced email threats. Email security expert, Ravisha Chugh, shares why current cloud email security solutions are insufficient against advanced email threats, and why she's excited to be a part of Fortra's Cloud Email Protection.
Cybersecurity
Blog

How Banks are Adapting to Digital Disruption and Data Privacy Regulations

By Monica Delyani on Mon, 03/25/2024
Digital disruption, changing consumer demographics and preferences on how they engage with their banks, along with burgeoning regulatory requirements are having far-reaching repercussions on banking. And banking executives are feeling the pressure!Digital DisruptionBanks that resist digital transformation will be punished by their customers, experiencing a marked erosion in profit margins. In...
Data Compliance
Blog

How Fortra's Clearswift Secure Email Gateway Aligns to NCSC's Email Security Guidelines

Tue, 03/12/2024
Working in cybersecurity is one of the most challenging roles in the organisation. Not only are you tasked with keeping the business and its data safe and secure, but you must do so in the face of ever-increasing professionalism and sophistication on the part of cybercriminals.There are more threats than ever before, and the consequences of a data breach are more significant too. In recent Fortra...
Data Compliance
Email Security
Encryption
March Madness
Blog

March Madness Challenge for Cybersecurity Professionals

Mon, 03/11/2024
Let the "madness" begin! The NCAA Basketball tournament is different for everyone. Some experience madness after a gut-wrenching triple overtime victory by their alma mater, while others after a buzzer-beater shot from half-court by a 16th-ranked Cinderella underdog that instantly knocks out one of your final four selections. However, to me there is nothing more maddening, in the delightful sense...
Email Data Loss Prevention
Email Security
Web Security
Blog

Social Media Attacks Focus on Financials, Executives in Q4

By Jessica Ryan on Thu, 03/07/2024
In Q4, impersonation threats made up more than 45% of total attacks on social media, with the vast majority targeting banking and financial services. Impersonation on social media continues to grow, with threats specifically targeting corporate executives responsible for driving the majority of volume for three consecutive quarters.The average number of social media attacks per business has...
Datasheet

Clearswift Anti-Spam

Inside the Clearswift Secure Email Gateway appliance, there is a multi-layer Anti-Spam solution designed to deliver 99% detection with minimal false positives. The anti-spam feature detects messages as being spam, phishing attempts, or newsletters, and allows system administrators to configure policies to either block, sanitize, hold, tag, or...
Advanced Persistent Threats (APT)
Anti-Phishing Offerings
Anti-Phishing
set-up-dmarc-policy
Blog

What is a DMARC Policy?: The 3 Types, Which to Implement & Other Requirements

Wed, 02/28/2024
What is DMARC Policy?In this post, we’ll briefly explain what a DMARC policy is, how to set up your DMARC email record, what the three types of DMARC policies are and when to implement each one, and how to diagnose and fix any issues associated with it. Basically, your DMARC policy tells email receivers what to do with illegitimate or possibly fraudulent emails—whether to reject, quarantine, or...
DMARC Email Authentication
Blog

O365 Volume Up in Q4 as Cybercriminals Target Brands in Credential Theft Attacks

Tue, 02/27/2024
The majority of malicious emails reported in user inboxes contained a link to a phishing site, making credential theft emails the attack method of choice for cybercriminals in Q4. Credential theft made up nearly 60% of all reported incidents, with more than half of the volume attributed to O365 attacks. Despite the threat actor preference toward this threat type, credential theft attacks declined...
Blog

Phishing-as-a-Service Profile: LabHost Threat Actor Group

Thu, 02/15/2024
Fortra is monitoring malicious activity targeting Canadian banks conducted by Phishing-as-a-Service group LabHost. Throughout 2022 and 2023, Fortra has observed phishing attacks connected with Phishing-as-a-Service (PhaaS) groups grow as threat actors use the tools provided through membership services to launch a variety of campaigns. The providers of these platforms boast features such as access...
On-Demand Webinar

QR Codes That Aren’t Cool – How to Defend Your Inbox from Quishing Attacks

Mon, 02/12/2024
Most organizations have security controls in place to inspect URLs in emails to prevent the risk of credential phishing and business email compromise (BEC) attacks. However, threat adversaries have pivoted their tactics in order to bypass security stacks. The QR code is now the carrier of choice for delivering these types of payloads via email. Is your organization...
Email Security
laptop with social media symbols
Blog

Record Number of Phishing Sites Impersonate Social Media to Target Victims in Q4

Thu, 02/08/2024
Phishing sites impersonated the social media industry more than any other in Q2, Q3, and Q4 of 2023. In Q4 alone, social media phish leapt nearly 20%, reaching the highest volume of abuse (over 67%) since Fortra has reported on this data point.Every quarter, Fortra’s PhishLabs examines hundreds of thousands of phishing attacks targeting enterprises and their brands. In this post, we break down the...
TLDs in honeycomb pattern
Blog

How Threat Actors will Leverage Domain Impersonation in 2024

By Jessica Ryan on Thu, 02/01/2024
Historically, the average brand is targeted by 40 look-alike domains per month. Look-alikes are a strategic component of malicious lures and websites and used in a variety of spaces including social platforms, text messages, the open web, and email. An attack that incorporates a look-alike domain can mean the difference between a convincing campaign and a suspicious one, with a versatility that...
fingers typing on keyboard
Guide

Protecting Your Organization From Advanced Threats

Today’s cyber attacks appear relentless, growing in frequency and intensity, and proliferating throughout all industries. There is no ‘normal’ and the impact of each attack is felt throughout organizations--from supply chain to customers, partners, and beyond. ...
Data Security
Email Security
Encryption
qr-code-mobile
Blog

QR Codes That Don't Bode Well - The Harm That Quishing Attacks Can Do

By Monica Delyani on Thu, 01/18/2024
Most organisations have security controls in place to inspect URLs in emails to prevent the risk of credential phishing and business email compromise (BEC) attacks. However, threat adversaries have pivoted their tactics to bypass security stacks. And clicking these types of attacks often leads to account takeover. In fact, data from Fortra’s PhishLabs in Q2 2023 reported more than three-quarters...
Anti-Phishing Offerings
Anti-Phishing