AppRiver Blog

Recent Posts by David Pickett

Phorphiex/Trik Botnet Campaign Leads to Multiple Infections - Ransomware, Banking Trojan, & CryptoJacking

Malware Campaign Packs a Strong Payload Punch

There are few botnets with the capability to send tremendous volumes and pack an infection chain as malicious as what our filters have caught from the Phorphiex Worm/Trik botnet this year.

For 2019, the Mealybug threat group has garnered the most media attention with Emotet...

Read More

Dream Market - Top Dark Web Marketplace Shutting Down

Dream Market Shutting Down

Come April 30, 2019, one of the Dark Web's top marketplaces will go dark according to a message on the site. But reasons behind the site's shuttering are the subject of speculation.

The Dark Web marketplace, which opened in 2013, has grown into one of the largest and most popular Dark Web...

Read More

Phishing Threatens Deadly Viruses

A new phishing campaign caught our attention recently due to the unique wording and varying tactics it uses in this "Security Alert." It threatens that the recipient's mailbox is infected with 3 deadly viruses and will shutdown if the warning is ignored.

Let's take a quick look at this credential-harvesting attack.

Read More

Email Bombs Disguise Fraud - Distributed Spam Distraction

Email Bombs Continue to Disguise Fraud

Email bombs are a type of Denial of Service (DoS) attack. Victims face an uncontrollable deluge of messages quickly filling up their inbox when the attack begins. With enough volume, the attack renders the victims mailbox useless. Victims struggle to make sense why a sudden...

Read More

Sextortion vs Bombtortion Hoaxes

Sextortion vs Bombtortion

On Dec. 13, bomb-threat hoaxes via email sparked law enforcement agencies around the world to chase down nonexistent devices. Many researchers and media outlets were quick in observing the similarity the bomb threats shared with sextortion campaignsWhile the sextortion threats have been going...

Read More

New Sextortion Campaign - Caught you cheating!

Today's Sextortion Message - Caught Cheating

Read More

SPISHING Attacks: Phishing Emails That Talk

A New Twist

As a company who protects 60,000+ businesses worldwide, AppRiver's Security Team has no shortage of phishing emails to continuously defend against. While analyzing samples for new techniques and tactics we ran across one that was a familiar phishing scam with a surprising, but amusing twist.

Read More

THREAT ALERT: Cybercrooks Abusing Microsoft Azure Storage Custom Domain Name Feature

THREAT ALERT: Cybercrooks Abusing Azure Custom Domain Name Feature

Read More

TrickBot Campaign Spoofs Dun & Bradstreet

Trickbot Spoofs Dun & Bradstreet

On Wednesday, Sept. 4, in just under an hour's time AppRiver's SecureTide malware engine stopped 103,791 malicious Word documents destined to clients. The campaign was designed to drop the Trickbot Trojan onto an unsuspecting users system. This particular attack spoofed the data and...

Read More

BEC Attacks Evolving - Phishing via XPS Files

We've seen it time after time, malicious actors routinely attempt to confuse recipients of messages with obscure or lesser-utilized file extensions.

Over the past month, some phishing attempts using xps files instead of the typical pdf or doc/docx formats have been captured by our filters.  The xps file format is...

Read More