Results for email

Threat Research

Circle of the Fraud: New Waves Of Attacks

FortiGuard continues to investigate a series of attacks targeted at Bitcoin users. In our previous article, we discovered a numbers of fake websites registered by the perpetrators of these attacks in late 2017. We assumed at the time that these websites would soon be used for another series of attacks. And now, we have found proof of such attacks. During our new investigation we also discovered a number of tools used by the criminals for malicious documents crafting.

By Artem SemenchenkoFebruary 28, 2018

Threat Research

New jRAT/Adwind Variant Being Spread With Package Delivery Scam

At the beginning of February 2018, FortiGuard Labs collected a malicious email with the subject “UPS DELIVERY UPDATE”, as shown in Figure 1. Phishers and scammers traditionally misuse the names of well-known organizations and individuals in order to make their malicious messages seem legitimate, allowing them to more easily trick unsuspecting victims. This email message contains a fake order tracking number with a bogus hyperlink that, rather than connecting the user to a legitimate website, downloads a jar malware. After a quick analysis, I was able to determine that this malware is jRAT/Adwind.

By Xiaopeng ZhangFebruary 16, 2018

Industry Trends

Protecting Your Bottom Line from Cyber Risks

As global cyberattacks persist, cybersecurity is becoming a main focus in the C-suite. Gone are the days where it’s just a concern for IT teams. These rapid, sophisticated attacks across industries have demonstrated that cybersecurity is the responsibility of the entire organization as they seek to avoid the crippling effects associated with data breaches.

By Drew Del MattoDecember 26, 2017

Industry Trends

The Future of Cybersecurity Part II: The Need for Automation

The growing complexity of today’s networks and the growing sophistication of today’s threats has outpaced the ability of most traditional security devices to keep up. Until now, the approach of far too many IT teams has been to simply throw more money at the problem by adding yet another device into their security wiring closet. Billions have been spent on this approach every year for decades, and we really don’t have much to show for it. If cybersecurity is an arms race, the good guys aren’t winning. Instead, security...

By Aamir LakhaniNovember 06, 2017

Industry Trends

How Federal Agencies Can Use FortiMail to Comply with BOD-18-01

On October 16th, the U.S. Department of Homeland Security (DHS) announced its intention to have all federal agencies revamp their email security protocol. The Binding Operational Directive (BOD-18-01) will require all federal agencies to deploy STARTTLS, Secure Policy Framework (SPF), Domain Keys Identified Mail (DKIM), and Domain-based Message Authentication Reporting and Conformance (DMARC) within three months of the directive’s announcement. While having these email security features enabled is generally considered to be a cybersecurity...

By Felipe FernandezOctober 30, 2017

Business and Technology

FortiMail named IDC Email Security Leader

As a product manager, the start of the year is a time to take a few breaths and reflect on the successes or failures of the past year and plan for future projects.  When we have invested so much effort into our products, we know their strengths, but spending so much time in such close proximity to a solution can also make one a bit blinkered. Which is why it is always important to get outside opinions on your progress as a sanity check. Of course, customer feedback is essential, and always very welcome, but it was particularly satisfying to...

By Carl WindsorMarch 15, 2017

Industry Trends

On Email’s Birthday, Here’s a Look at How to Keep it Safe

On the anniversary of the first email transmission, we look at how email has evolved over the years, and how to keep it as an essential tool going forward, despite the growing and increasingly sophisticated dangers of e-mail-based malware and other email-borne threats. What some consider to be the first email – the first electronic message sent between two computers – was transmitted on this day exactly 47 years ago, on October 29, 1969. The exchange, from a computer at UCLA to one at Stanford Research Institute, took place over the...

By David FingerOctober 28, 2016

Threat Research

SPF, DKIM, and DMARC: Acronym Soup or Useful Email Security?

Spam has been an constant and chronic problem since the early days of the internet.  The first unsolicited mass e-mailing (later termed SPAM) was sent on May 1, 1978 by Gary Thuerk of Digital Equipment Corp (DEC) advertising the VAX T-series to 400 of the then 2600 ARPAnet users. The SMTP protocol we still use today for emailing, grew out of these early mail protocols used in ARPANET (Postel RFC788 and RFC821) in the early 1980's, and has changed relatively little since.  From its inception, the SMTP protocol had little (no)...

By Carl WindsorSeptember 09, 2016

Threat Research

Hide and Seek Game with Cyperine Author

  Cyperine is a VB .NET info stealing malware advertised in hacking forums to retrieve information from victims and sends it to whichever email is entered in the builder. Cyperine version 1.0 was first released in December 2014, and on June 14, 2016 version 2.0 was released. It steals SSFN steam’s authentication files, stored passwords from browsers, user logins, and software product keys installed in the victim’s computer.   Figure 01. Cyperine builder   The seller also provides a skype account for...

Industry Trends

Protecting Email is Essential to Your Security Strategy

FortiMail Awarded VBSpam+ Certification. Again. Email is still the primary form of critical, formal business communication. It also continues to be the primary conduit for malware, phishing attacks, and data loss. Here’s why: no matter how much they are trained, people make mistakes- especially when social engineering hits the mark. Any effective email security strategy has to assume that folks will open email attachments, click on infected website links and ultimately have their system compromised.  It takes just one person,...

By Bill McGeeMay 02, 2016