THREAT ALERT: Cybercrooks Abusing Azure Custom Domain Name FeatureRead More
Trickbot Spoofs Dun & Bradstreet
On Wednesday, Sept. 4, in just under an hour's time AppRiver's SecureTide malware engine stopped 103,791 malicious Word documents destined to clients. The campaign was designed to drop the Trickbot Trojan onto an unsuspecting users system. This particular attack spoofed the data and...Read More
We've seen it time after time, malicious actors routinely attempt to confuse recipients of messages with obscure or lesser-utilized file extensions.
Over the past month, some phishing attempts using xps files instead of the typical pdf or doc/docx formats have been captured by our filters. The xps file format is...Read More
Office 365 Business Email Compromise Attacks
The Office 365 (O365) platform has experienced tremendous growth and there is no sign of that trend slowing. More businesses than ever reside with - or plan to migrate accounts to - the expanding Microsoft Business or Enterprise services. Scammers have taken notice and have...Read More
Trojan Droppers Exploiting Symbolic Link Files
Malicious actors routinely attempt to confuse recipients of messages with obscure file extensions to load malicious files on the victims machine.
For most users the .slk file is recognized in Microsoft Office software as an Excel file. However, as detailed here, it also is...Read More
****Update: 12/29/2017 9 A.M.****
Necurs botnet operators continue to show unpredictability. Following the afternoon blog update yesterday they turned up the volume. It ended up being our highest volume day of the year originating from the massive botnet. We blocked 49,784,485 million ransomware messages destined to...Read More
Assassination Threats Demand Bitcoin Ransom
Processing more than a billion messages a month we tend to see the good, bad, and ugly emails of the internet. It's pretty rare a message will raise our eyebrows or fall into a "disturbing" category, especially for our team that sees the whole range of the underworld daily.Read More
Move over macros, Office DDE exploits arrive!
Office macros have been the primary choice of attacks by malicious actors for years. IT administrators and users have learned to be cautious before running macros. The Dynamic Data Exchange (DDE) protocol has been around much longer but hadn't been used for attacks. It's a...Read More
A little over two weeks ago we posted about the first Hurricane Harvey scam emails that appeared in our spam traps. The hurricane scams continue to persist without showing any signs of slowing down soon.
Scammers are now using Harvey and Irma references or just a generic email to encompass any hurricane assistance efforts.Read More
Equifax Breach Overview
While not the largest breach, it's one of the most severe because of the data compromised. Equifax, Experian, and TransUnion compiles the most sensitive financial information and safeguards it. No company is immune to an attack, however, this garnered 143 million...Read More