AppRiver Blog

BEC Attacks Evolving - Phishing via XPS Files

We've seen it time after time, malicious actors routinely attempt to confuse recipients of messages with obscure or lesser-utilized file extensions.

Over the past month, some phishing attempts using xps files instead of the typical pdf or doc/docx formats have been captured by our filters.  The xps file format is...

Read More

Harvey Scam email appears, more on the way

Harvey Scam Example

After every large news event or natural disaster we see the associated scam emails.  The first Harvey scam email we've seen showed up the afternoon of Aug. 30.  It is a bit surprising it took that long for it to appear, we've been watching closely.  Unfortunately many more scam emails and registered...

Read More

Social Engineering Attack Escalation

Attack Overview and Statistics

SANS Institute conducted a survey on how attackers were able to compromise user devices.  They found 74 percent entered via an email attachment or email links, 48 percent from web based drive-by or download, and 30 percent through application vulnerabilities.  Phishing (72 percent), spyware...

Read More

Phishing attempts riding WanaCry coattails

After every large news-making event, we see malicious campaigns pop up quickly to ride the coattails.  It is very easy for the scammers to modify their malevolent templates to match the latest headlines. They do this to prey on users emotions.  The scams range from simple social engineering to malicious programs that...

Read More