Resources

Man with credit card looking at laptop
Blog

QBot Operations Peak Pre-Takedown, O365 Attacks Increase in Q2

Fri, 09/01/2023
Cybercriminals doubled down on popular threat types and preferred malicious software in Q2, with O365 phish and QBot malware dominating inboxes by significant margins. QBot operations eclipsed all other malware once again, reaching their highest volume of share just before a multinational takedown Tuesday removed malicious code from more than 700,000 computers. Similarly, but lacking in...
Blog

The Top Three Domain Protection Best Practices

Tue, 08/29/2023
Impersonating an organization’s domain can be a lucrative business for cybercriminals. Fortra’s 2023 Domain Impersonation Report found that the average brand is targeted by 40 look-alike domains per month. The two common types of domain impersonation are look-alike domains and email spoofing.
Blog

Original Research from Fortra Reveals Pervasiveness, Types of Look-Alike Domains Targeting Brands

Thu, 08/24/2023
In the ever-evolving landscape of cybercrime, look-alike domains remain a constant component in the vast majority of threats. Look-alike domains or, URLs that resemble those of a legitimate brand, can cause significant damage to brand reputation by way of fraudulent websites, phishing schemes, malware distribution, and more. Original research conducted by Fortra’s PhishLabs analyzes how look...
Advanced Persistent Threats (APT)
Anti-Phishing Offerings
Blog

The Use of Natural Language Processing for Identifying and Mitigating Threats

Thu, 08/17/2023
As technology advances, the battle between cyber criminals and organizations intensifies. Cyber threats have become more sophisticated, complex, and widespread, posing a significant risk to the security and integrity of sensitive data. In Q1 2023 alone, the number of global cyber attacks increased by 7%, with an average of 1,248 attacks reported per week. In a separate report by The Independent...
Blog

Phishing Sites Impersonating Social Media Jump in Q2

Fri, 08/11/2023
In Q2, phishing attacks targeting social media platforms increased more than 23%, according to Fortra’s PhishLabs. This is the greatest volume of attacks on social media in two years and puts the industry ahead of historically top targeted financial institutions.Every quarter, Fortra’s PhishLabs examines hundreds of thousands of phishing attacks targeting enterprises and their brands. In this post...
Anti-Phishing Offerings
Anti-Phishing
Blog

Q2 Payload Report

Thu, 07/27/2023
QBot dominated as the top payload in Q2 with more than 95% of reported volume, according to Fortra’s PhishLabs. This is the third consecutive quarter QBot has led all other malware varieties by a significant majority. QBot was also consistently reported as a top payload in 2022, falling second only to Emotet and Redline Stealer before its current streak.Email payloads remain the primary delivery...
Email Security
AI-Email-Solutions
Blog

The Science Behind the Scenes: How Machine Learning Combats Phishing Attacks and BEC

Thu, 07/20/2023
Because email remains the most ubiquitous form of business communication, it continues to be a favorite attack vector for cybercriminals. Email has always been vulnerable because it was not originally designed with security or privacy in mind. As a result, email security vendors emerged to protect this critical communication channel. In the early days, many vendors used signature or reputation...
Advanced Persistent Threats (APT)
Business Email Compromise
Agari Machine learning
Guide

Machine Learning Models in Cloud Email Protection

Traditional email security products struggle to detect email impersonation threats such as Business Email Compromise (BEC) and spear phishing campaigns. These threats consistently bypass defenses that rely on signatures and policies like Secure Email Gateways and native-cloud email filters. This guide breaks down how Fortra uses advanced data science, including machine learning models, to find and mitigate attacks that slip past traditional email defenses.
Advanced Persistent Threats (APT)
Business Email Compromise
Social Engineering
Anti-Phishing Offerings
Anti-Phishing
social media postit note and lock
Blog

Common Social Media Scams and How to Avoid Them

Thu, 07/13/2023
While there are an estimated 30,000 daily cyber attacks on business websites, there are roughly ten times as many attacks against social media accounts every single day, equating to roughly 1.4 billion accounts every month. Social media attacks and scams have become pervasive problems, with threat actors finding innovative new ways to deceive users and steal their information. While social media...
Cat with crown
Blog

The Royal & BlackCat Ransomware: What you Need to Know

Thu, 07/06/2023
The US healthcare sector continues to be aggressively targeted by ransomware operators. Royal and BlackCat are two of the more recent – and highly sophisticated – ransomware threats. These two new flavors of ransomware pose serious potential impacts on the healthcare sector, but there are appropriate mitigation and defense strategies that organizations can take to protect against them. What is...
Advanced Persistent Threats (APT)
Ransomware
Blog

Understanding How Polymorphic and Metamorphic Malware Evades Detection to Infect Systems

Thu, 06/29/2023
Polymorphic and metamorphic malware constantly changes itself in order to avoid detection and persistently remain on the system. This adaptive behavior is the main distinctive attribute of these types of malware, which is also why they are harder to detect; it is also why they pose a great threat to systems. On the surface, the functionality of this sort of changing and mutating malware appears...
Datasheet

Clearswift and Cryoserver: Secure Email Archive

With email still being the primary business collaboration tool, organizations need to ensure that the content and information they send and receive is kept secure. Together, Clearswift and Cryoserver help to safeguard your organization’s critical information found within email thereby protecting the intellectual property and brand reputation of your organization while ensuring compliance, legal...
Email Data Loss Prevention
Email Security
Blog

99% of User-Related Threats Are Email Impersonation Attempts

Thu, 06/22/2023
Threats in corporate inboxes hit new highs with a quarter of all reported emails classified as malicious or untrustworthy. 99% of these threats were email impersonation threats, such as BEC and credential theft lures, that lack attachments or URLs delivering malware payloads. Cybercriminals continue to bypass traditional email security tools and reach end users by impersonating individuals,...
Video

How to Adhere to Google & Yahoo's DMARC Requirements

By Mike Jones
Recently, Google and Yahoo rolled out changes that require your adherence to DMARC in order to continue to deliver bulk email to your users' mailboxes. Luckily, you still have until June 1st to fully adhere before your bulk emails come to a grinding halt. Watch our Senior Director of Product Management, Mike Jones, walk you through setting up your DMARC policy...
Advanced Persistent Threats (APT)
Anti-Phishing Offerings
Video

Introduction to Fortra's Cloud Email Protection Platform

Wed, 06/21/2023
Even with Secure Email Gateways in place, deceptive attacks like BEC, targeted social engineering ploys, and spear phishing attempts can still get into user inboxes. In this video, Fortra’s Advanced Email Security experts discuss how Fortra’s Cloud Email Protection, a new integrated cloud email security platform, delivers multi-faceted defense against advanced email threats, including::How AI...
Video

QR Codes That Aren’t Cool – How to Defend Your Inbox from Quishing Attacks

By Dr. Steve Jeffery
Most organizations have security controls in place to inspect URLs in emails to prevent the risk of credential phishing and business email compromise (BEC) attacks. However, threat adversaries have pivoted their tactics in order to bypass security stacks. The QR code is now the carrier of choice for delivering these types of payloads via email. Is your organization ready to tackle this new...
Advanced Persistent Threats (APT)
Anti-Phishing Offerings
Anti-Phishing
Video

QR Codes That Aren’t Cool – How to Defend Your Inbox from Quishing Attacks

By Dr. Steve Jeffery
Most organizations have security controls in place to inspect URLs in emails to prevent the risk of credential phishing and business email compromise (BEC) attacks. However, threat adversaries have pivoted their tactics in order to bypass security stacks. The QR code is now the carrier of choice for delivering these types of payloads via email. Is your organisation ready to tackle this new...
On-Demand Webinar

QR Codes That Aren't Cool Webinar

Threat adversaries have pivoted their credential phishing and BEC tactics in order to bypass security stacks. In this video, Fortra’s Advanced Email Security expert, Dr. Steve Jeffery, discusses how the QR code has become the carrier of choice for delivering payloads via email and what your organization needs to put in place to stop them. You’ll learn: How human and machine mitigations help...
Advanced Persistent Threats (APT)
Business Email Compromise
Spear Phishing
Anti-Phishing Offerings
Anti-Phishing
On-Demand Webinar

DMARC Revisited: Email Authentication in 2024

Implementing DMARC is one of the simplest ways to prevent email spoofing and ensure consistent email deliverability. Agari DMARC Protection will lead you through a safe and efficient DMARC implementation with features that allow you to: Catalogue and authenticate all legitimate senders–both 3rd-party and internal Navigate past common authentication pitfalls Comply with today’s major email...
Advanced Persistent Threats (APT)
Business Email Compromise
Spear Phishing
Anti-Phishing Offerings
Anti-Phishing