It is interesting how paths sometimes overlap and/or converge.
In this instance, we ended up with a reported smish (an SMS-based phish). While SMS Phishing is something that is covered within Cofense’s Security Awareness training modules, it is not something that we see reported that often.
What makes this specific …
This recent Sextortion email shows a few ‘updates’ to the standard model that has been used. Better grammar, more details about what/how ‘they hacked you’, more helpful instructions and references on how to buy/send Bitcoin, and usage of a reference password (most likely an old password – see: https://cofense.com/sextortion/
Looks legitimate to me… wait a second is that just an IMAGE!
<html<head<title</title</head<body<h2<a href="https://rebrand.ly/41DE62"<img alt src="cid:3vfxjru.jpg" style="width: 706px; height: 637px;" /</a</h2</body</htmlLet’s follow this Phresh Catch and see where it takes us. We test the shortened link (the simplest of techniques to try and evade URL wrapping) and end up at a compromised GoDaddy hosted website – hxxp://teqzoft[.]com/websinfo/Confirm/websc_signin/.
Clean and basic, as long as you ignore the …
Hello everyone!
As you can imagine, we look at a lot of phishing emails on a daily basis. That also means that we look into and analyze a large number of malicious files every day as well.
We leverage the open source Cuckoo sandbox as one of our sources/methods of …
Hello Everyone!
Welcome to Cofense Labs! While our name may be new, our team definitely isn’t. Over the next few weeks we will be going through the piles of research and phishing emails we’ve accumulated, so that we can pull together some great insights, projects, and information and make it …
