AppRiver Blog

Spy MAX Android RAT Targets Luxury Business Sector

On June 4, 2019, AppRiver's Advanced Email Security filter began to quarantine low-volume waves of highly targeted attacks directed toward businesses that operate in the luxury services sector.

Examples of these businesses include yacht brokers, executive housekeeping and staffing providers, and some that offer various...


THREAT ALERT - Malware Being Hosted On Azure

THREAT ALERT - AZURE CURRENTLY HOSTING MALWARE

On Sept. 7, 2018, we first detailed how malicious attackers abused Azure's Custom Domain Name registrations to host credential phishing sites. On April 29, 2019, we released information on how compromised user data was exposed from attacks originating from phishing...


Business Email Compromise Attacks via Name Impersonation

Name impersonation attacks have exploded in popularity over the past few years. They cost malicious actors little time, infrastructure, or sophistication. The FBI's Internet Crime Complaint Center recently reported over 900 complaints a day in 2018 and $2.7 billion in American losses alone.

It's extremely simple...


Microsoft Azure Customized Domain Name Phishing Attacks - Compromised Users and Geolocation Data Exposed

THREAT ALERT UPDATE: Cybercrooks Abusing Azure Custom Domain Name Feature

On Sept. 7, 2018, we detailed how malicious attackers abuse Microsoft Azure's Custom Domain Name registrations to host credential phishing sites.

This type of "living-off-the-land" attack utilizes phishing sites which reside on Microsoft's web...


5 Tax Scams That Are Threatening Your Identity This Tax Season

Every year, the U.S. Internal Revenue Service (IRS) releases its “Dirty Dozen” list. This compilation covers some of the most common types of scams that target taxpayers each tax season. It also includes tips by which taxpayers may protect themselves and their identities.


Phorphiex/Trik Botnet Campaign Leads to Multiple Infections - Ransomware, Banking Trojan, & CryptoJacking

Malware Campaign Packs a Strong Payload Punch

There are few botnets with the capability to send tremendous volumes and pack an infection chain as malicious as what our filters have caught from the Phorphiex Worm/Trik botnet this year.

For 2019, the Mealybug threat group has garnered the most media attention with Emotet...


Dream Market - Top Dark Web Marketplace Shutting Down

Dream Market Shutting Down

Come April 30, 2019, one of the Dark Web's top marketplaces will go dark according to a message on the site. But reasons behind the site's shuttering are the subject of speculation.

The Dark Web marketplace, which opened in 2013, has grown into one of the largest and most popular Dark Web...


GandCrab Ransomware Takes Aim At Your Inbox

Over the past several days, AppRiver security specialists have been seeing early-morning ransomware campaigns targeting users.

The ransomware itself belongs to the GandCrab family and has been the most frequently distributed of its kind over the past year. And like most ransomware, it has the power to significantly...


Bank of America Themed Emails Attempting to Spread Trickbot

On Jan 31, we noticed a large malware push posing as Bank of America that attempted to dupe users into opening an attachment. Opening the attachment would launch an infection chain that ultimately would lead to malware infection.


Nonsensical Google Drive Campaign

Last week, spammers were busy sending thousands of somewhat nonsensical emails that contained a Google Drive URL. The body of the email also contained several random words and a time stamp.
