Blog | Agari

Blog

Blog

Catching Lookalike Domains with Image-Based Analysis

Reading is like riding a bicycle: once you master it, it feels easy and automatic, and you quickly forget how much effort it took to learn. For example, we are normally not aware that we move our eyes 3 or 4 times per second as we read, glancing at each word on a screen or page for a few hundred milliseconds. Nor do we realize that only a portion of a word is visible and in focus at any given...
Blog

TLS for Email: What Is It & How to Check if an Email Uses It

What exactly is TLS?TLS is a popular Internet security protocol designed to establish secure communications that provides both privacy and data security. TLS was first developed by the Internet Engineering Task Force (IETF) with the first version being published in 1999.TLS was created from another encryption protocol called Secure Sockets Layer, or SSL. Since both protocols are so closely related...
Blog

Inside a Compromised Account: How Cybercriminals Use Credential Phishing to Further BEC Scams

Why would a cybercriminal spend time developing malware when he can simply trick unsuspecting users into handing over their passwords? Why would a threat actor spend her money and resources on ransomware, when she can get that same information through a compromised account? It’s a good question, and exactly what the Agari Cyber Intelligence Division wanted to discover. In a growing trend known as...
Blog

BIMI is Officially Trending as Adoption Jumps 72% in Just 6 Months

After a dramatic surge in adoption during the second half of 2020, BIMI may soon become an email marketing must-have.As of December 31, 2020, nearly 9,100 companies have adopted Brand Indicators for Message Identification (BIMI), an email standard for showcasing a brand's logo next to its email messages in recipient inboxes, with built-in protections against phishing-based brand spoofing.That's a...
Blog

How to Implement the BIMI-Selector Header for Multiple Brands

Wondering what Brand Indicators for Message Identification actually means? Here, we’ll cover the basics of BIMI, what the BIMI-selector header is, what it does, whether you need it, and how to implement it. But first, do you really need the BIMI-selector header? In most cases, you only need the BIMI-selector header if you want to support multiple logos for multiple brands or subdomains. Otherwise...
Blog

Cyber Threat Intelligence: How to Stay Ahead of Threats

Generally defined, cyber threat intelligence is information used to better understand possible digital threats that might target your organization. This data will help identify threats in order to prevent security breaches in the future.Why Cyber Threat Intelligence is ImportantHaving a system in place that can produce threat intelligence is critical to staying ahead of digital threats, as well as...
Blog

5.8B Malicious Emails Spoofed Domains; 76% of Fortune 500 Still at Risk: DMARC Results from Agari

Global adoption of Domain-based Messaging, Reporting & Conformance (DMARC) topped 10.7 million email domains worldwide in 2020—reflecting a 32% increase in just six months, according to our H1 2021 Email Fraud & Identity Trends Report.The total number of domains with DMARC set to its highest level of protection against email spoofing climbed to 3.8 million during the same period. That's up a...
Blog

Powerful New Agari Phishing Defense Integration Comes to Cortex XSOAR

As we expand our integrations with industry leaders, we’re very excited to highlight a new Agari integration with Palo Alto Networks Cortex XSOAR that helps security teams improve email threat visibility and accelerate their ability to respond to phishing attacks.This new integration is welcome news for security teams who are feeling pummeled by a never-ending onslaught of phishing attacks...
Blog

Frost Radar Names Agari as a Leader in Email Security

Three months ago, when I joined Agari as the Chief Marketing Officer, I knew that I was joining a leader in email security. I knew this partially because I worked for Agari from 2016-2019 during an exciting time of change for the company. But my time away from Agari made me realize how much it has to offer its customers and partners, which is ultimately why I decided to return. And I’m thrilled to...
Blog

What Is SPF and How Does It Work?

We're going to delve into what SPF for email is, how to implement it, the benefits of using SPF and how to further protect your email-sending domains.What is SPF?Sender Policy Framework (SPF) is an email authentication protocol that domain owners use to specify the email servers they send email from, making it harder for fraudsters to spoof sender information.SPF email policies are widely used...
Blog

New Research Shows 61% of Employee-Reported Phishing Emails are False Positives

A year into the pandemic, Security Operations Centers (SOCs) are getting bombarded by employee-reported phishing attacks both real and imagined—as legitimate threats slip by unnoticed, according to analysis from our latest cross-industry phishing response survey.Long before any of us had ever heard the term "COVID-19," phishing was implicated in nearly 7 in 10 corporate data breaches, prompting...
Blog

What is DMARC? Effects on Email Spoofing & Deliverability

Wondering how DMARC affects email? Here’s a comprehensive guide explaining what DMARC is, how it affects email, and why your company needs it for security.What is DMARC?What does DMARC mean? DMARC, short for Domain-based Message Authentication, Reporting and Conformance, is an email authentication protocol to help email administrators prevent fraudsters from spoofing email domains by specifying...
Blog

Newly-Enhanced Agari Splunk App Integrates Phishing Threat Data into Splunk SIEM Solutions

A newly-enhanced Agari App for Splunk integrates email threat data from both Agari Phishing Defense and Agari Brand Protection directly into Splunk SIEM, with support for Splunk Enterprise and Splunk Cloud. This comes at a pivotal time.We’re over a year into the pandemic, with an estimated 57% of corporate employees still working remotely and the prospect of transitioning to new, hybrid office...
Blog

Protecting Digital Communications During the Digital Transformation: A Look Back at Trust 2021

While we’re all Zoomed, Webexed and Teamed out after thirteen months of the pandemic, cybercriminals are taking advantage of the situation. They know we’re heavily relying on digital communications and they’re sending fake emails, pretending to be your boss. They’re sending fake invoices, pretending to be your vendor. They’re even sending fake requests for gift cards, on the off-chance that...
Blog

Agari Simplifies Microsoft 365 Integration & Delivers New Visibility into B2B Domain Abuse

Protecting employees, customers, and partners against email security threats is about to become simpler and more effective, thanks to new features in our latest product release. It couldn't happen at a more pivotal moment.According to a new report from the FBI's Internet Crime Complaint Center (IC3), 2020 was as bad as you thought it was. The number of reported email attacks against US companies...
Blog

Big Email Concern: IC3 Report Confirms that BEC (Unsurprisingly) Remains a Problem

When it comes to reports from the security industry, one of our yearly favorites is the IC3 Internet Crime Report, which covers all cybercrime reported to the FBI. Each year, the report provides breakdowns on the confirmed losses victims face across the globe. While the crimes are heavily focused in the United States, the FBI receives victim reports across the globe, giving a non-biased, non...
Blog

Agari Azure Sentinel Data Connector Automates Triage for Phishing Attacks Targeting Office 365 Email

Building on a long partnership and tradition of innovation with Microsoft, Agari is excited to announce the launch of an Azure Sentinel Data Connector that supports triage of suspected phishing attacks within Office 365 email environments. This comes at an important time.Email threat actors typically follow the biggest and potentially most lucrative targets. So it’s no surprise that large scale...
Blog

Agari Report: New BEC Scam 7X More Costly Than Average, Bigger Phish Start Angling In

Sophisticated new threat actors, evolving phishing tactics, and a $800,000 business email compromise (BEC) scam in the second half of 2020 all signal big trouble ahead, according to new analysis from the Agari Cyber Intelligence Division (ACID).As captured in our H1 2021 Email Fraud & Identity Deception Trends Report, successful attacks on Magellan Health, GoDaddy, and the SolarWinds "hack of the...
Blog

DKIM vs. SPF: Do I Need Them Both?

Which should you use: DKIM, SPF, or both? We’re going to cover these terms, when you should use them, what they do—and how best to protect your email domains. Is it Either/Or—or Both?Is it necessary to use both SPF and DKIM? While not mandatory, it’s highly recommended to use both SPF and DKIM to protect your email domains from spoofing attacks and fraud while also increasing your email...
Blog

Cosmic Lynx Returns in 2021 with Updated Tricks

In July 2020, we published a report on a Russian-based BEC group we called Cosmic Lynx. In that report, we described the tactics used by the group, which included its targeting of senior executives at large companies with a global footprint and how it uses mergers and acquisitions (M&A) themes in its BEC email lures.Shortly after we published the report, we saw a significant decrease in Cosmic...