What is Whaling Phishing & How Does it Work?What is Whaling Phishing & How Does it Work? jessica.ellis Thu, 02/02/2023 - 12:35
“Whaling” phishing fraud attacks target the C-suite of a company which creates high risk of extremely sensitive, mission-critical data being stolen and exposed. Fortunately, protecting the organization from these attacks is possible. Whaling phishing is a type of phishing attack targeting larger, high-value targets, which is why it's called "Whaling." Attackers themselves often pretend to be C...
Ransomware Attacks: Why Email Is Still THE Most Common Delivery Method
In this blog, we take a look at why phishing is the most successful delivery of ransomware and what your organization can do to defend your data and your brand.
How to Gain Stakeholder Support for Email Security Investment
Investing in email protection beyond basic anti-spam is vital to protecting an organization, but persuading leadership and stakeholders of the investment can be complicated. In this article, we take a look at the helpful approaches for comprehensive email security buy-in.
Cybersecurity Threats in Europe: What you need to know and what to do about them
In this webinar, Fortra experts Paolo Cappello, Managing Director International, and Steve Jeffery, Lead Solutions Engineer, are joined by Tope Olufon, Senior Analyst at Forrester, to review the findings of Forrester’s recent European Cybersecurity Threats Report. European cyber security professionals struggle with similar attack techniques as their global counterparts. This webinar will highlight...
DKIM vs. SPF Email Standards: Do I Need Them Both?
When it comes to email authentication standards, should you use DKIM, SPF, or both? We’re going to cover these terms, when you should use them, what they do—and how best to protect your email domains. Is it Either/Or—or Both? Should the battle really be SPF vs. DKIM? While not mandatory, it’s highly recommended to use both SPF and DKIM to protect your email domains from spoofing attacks and fraud...
QBot Campaigns Overwhelmingly Lead Reported Payloads in Q4
By Jessica Ryan
QBot was the most reported payload targeting employee inboxes in Q4, according to Fortra’s PhishLabs. This is the fourth consecutive month QBot has led malware activity as bad actors target organizations with a steady stream of high-volume attack campaigns. QBot previously represented the second most reported payload family, trailing behind RedLine Stealer in Q3. Email payloads remain the primary...
What Is an Enterprise’s Primary Line of Defense Against Phishing Emails?
Through a layered approach utilizing a comprehensive solution as the primary defense, Fortra fills major gaps in email platform security by protecting users from external threats and safeguarding your sensitive data from being leaked both inside and outside your organization.
What Is an Enterprise’s Secondary Line of Defense Against Phishing Emails?
Following a multi-layered approach to phishing defense is a good idea, but using what you have close to home is best when it comes to a sensible security posture. In practice, a robust security awareness training program is key to instruct employees on what to look for when trying to spot phishing emails that may have landed in their inboxes.
IT Security Wire: Cybersecurity in 2023: Top Three Predictions
In this IT Security Wire article, cybersecurity experts Eric George and Tom Gorup share their 2023 cybersecurity predictions.
DMARC Quarantine vs. DMARC Reject: Which Should You Implement?
You did it! You implemented DMARC and authenticated your email domains. This is no easy feat in itself and now, after DNS requests, third-party conference calls and writing internal policies, you are ready… It’s time for a stricter DMARC policy. If your DMARC policy has been set to p=none for months, you've likely had the chance to review who is sending email under your brand name and determine...
DKIM Guide: How to Set Up the Email Standard Step by Step
In this DKIM setup guide, we’ll walk you through the steps on how to set up DKIM correctly, test it, avoid common pitfalls, and fix common mistakes. In case you’re new to DKIM, or DomainKeys Identified Mail, we’ll start with a high-level overview before getting to the step-by-step instructions, but you can first look up your DKIM record here. What is DKIM? A Brief Introduction DKIM is a standard...
What is a DMARC Policy?: The 3 Types & Which to Use
In this post, we’ll briefly explain what a DMARC policy is, how to set up your DMARC email record, what the three types of DMARC policies are and when to implement each one, and how to diagnose and fix any issues associated with it. Basically, your DMARC policy tells email receivers what to do with illegitimate or possibly fraudulent emails—whether to reject, quarantine, or accept them. Overall...
How to Recognize and Respond to Emerging Social Media Cybersecurity Threats
Facebook. Twitter. Instagram. LinkedIn. YouTube. Pinterest. Mastodon. The list goes on. Whether you love or loathe social media, these platforms have become integral to how we communicate as individuals and businesses. Cybercriminals have also taken note, embracing these communication channels wholeheartedly to reach vast audiences quickly, anonymously, and cheaply, successfully defrauding targets...
A Spotlight on Cybersecurity: 2022 Trends & 2023 Predictions
By Jessica Ryan
In 2022, geopolitical unrest and an expanding online attacks dominated the cyber landscape and headlines. In 2023, Fortra’s security experts anticipate enterprise organizations and authorities working together to better strengthen their security posture and response to threats.
Holiday Season Triggers Rise in Counterfeit Activity
Counterfeit activity increases every year during the pre-holiday shopping blitz -- most notably Black Friday, Cyber Monday, Christmas and Hanukkah. Arm yourself with defenses now to combat ever-evolving counterfeiting methods during peak retail shopping season.
How to Protect Against Advanced Email Threats
Unfortunately, the bad news about data breaches, cybersecurity scams, and email attacks is constant and the numbers are more staggering with each year. Learn which steps to take now to protect your organization’s email ecosystem, such as collecting threat intelligence, mitigating against brand impersonation, and training your employees on security awareness, all while maintaining compliance.
Attacks Targeting Businesses on Social Media Jump 40% YoY
In this post, we discuss the industries most prone to attack on social media, and the top threat types found on those platforms.
Financials & Card Data Top Q3 Targets on the Dark Web
In Q3, credit unions nearly overtook national banks as the top targeted industry on the Dark Web, according to recent data from Fortra’s PhishLabs.