Content, Breach, Channel partners, Security Program Controls/Technologies, MSSP, Phishing, SOC, Threat Intelligence

MSSP PhishLabs Unveils Phishing Threat Monitoring, Forensics Service

PhishLabs, a South Carolina-based MSSP that offers phishing protection services and security awareness training, has launched a managed security service to help organizations stop phishing attacks that evade email security technologies.

The Phishing Threat Monitoring & Forensics service provides organizations with access to a dedicated security operations center (SOC) that identifies and addresses phishing attacks that go undetected by email security technologies, PhishLabs said. All threats identified by the PhishLabs SOC can be escalated to the company's Research, Analysis and Intelligence Division (R.A.I.D.) for forensic analysis.

In addition, the service monitors suspicious emails in real-time and provides visibility into threats that enter employee inboxes, according to a prepared statement. It also extracts threat indicators, PhishLabs stated, and adds them to a machine-readable STIX/TAXII feed any time a phishing attack is detected.

With the service, organizations can take immediate action against phishing attacks, PhishLabs founder John LaCour said. The service eliminates gaps between users, security tools and operations, LaCour noted, and helps organizations prevent phishing attacks from escalating.

Is the Volume of Phishing Attacks Increasing?

Phishing attacks are growing in volume, which is reflected in PhishLabs's "Q2 2017 Phishing Trends & Intelligence Report" of 210,100 confirmed malicious phishing sites hosted on more than 61,000 unique domains.

Key findings from the PhishLabs report included:

  • The volume of phishing attacks rose 41 percent in the second quarter of 2017 on a quarterly basis.
  • The volume of attacks targeting software-as-a-service (SaaS) platforms increased 104 percent quarter over quarter, doubling the total volume of SaaS platform attacks observed in all of 2016.
  • Approximately 88 percent of phishing attacks in 2Q17 targeted five industries: financial institutions, webmail/online services, payment services, cloud storage/file hosting services and e-commerce companies.

The phishing threat landscape was "thriving and volatile" in 2Q17, PhishLabs Vice President of Threat Research Joseph Opacki said in a prepared statement. As such, organizations must monitor phishing threats closely and be prepared to act quickly to limit their damage, Opacki stated.

PhishLabs: Here's What You Need to Know

Founded in 2008, PhishLabs offers managed security services designed to protect organizations against phishing attacks that target their customers and employees. PhishLabs analyzes millions of potential phishing attacks every day, the company said, and continues to explore ways to bolster its operations.

PhishLabs in May appointed Tony Prince as its CEO, according to a prepared statement. Prince has more than two decades of managed security services industry experience and founded LURHQ, one of the first MSSPs, in 1996.

Furthermore, PhishLabs in April announced plans to expand its operations into a 25,000-square-foot headquarters in Charleston County. PhishLabs also plans to create 45 new corporate jobs over the next three years, the company said in a prepared statement.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.