Blog

Blog

Do You Know Where Your W-2 Is? Probably Where You Left It

It’s like clockwork. Every year around tax time security vendors ( even us! ) push out warnings about W-2 forms being stolen at tax time, and every year dozens of organizations disclose that someone inside of their organization fell victim to a BEC scam where actors were asking for W-2 information. Historically, actors switch to W-2 phishing campaigns starting at the end of January, and typically...
Blog

The Time is Now: Underscoring the Importance of DMARC for State and Local Governments

Scammers know that impersonating a trusted government agency is an extremely effective way to trick or scare victims into handing over money, personal data, or sensitive information. In many cases, it’s all too easy for cybercriminals to use the agency’s own domains to send authentic-looking phishing emails to constituents and contractors. That’s why the Department of Homeland Security announced...
Blog

Beware of Phishing Attacks as Tax Day Looms Closer

The April 15th deadline to file taxes in the United States is almost here, which means Tax Day phishing operations are in high gear. Impersonating the IRS is a year-round favorite tactic for cybercriminals. In fact, the IRS was the third most-impersonated brand in Q4 2018. But with the April 15th deadline on the horizon, criminals know that now is the perfect time to exploit anxiety, distraction...
Blog

Thinking Differently About BEC: Sharing Intel for the Greater Good

When it comes to sharing threat intelligence with one another, organizations tend to play the game differently. Some prefer to play the “secret squirrel game,” where attribution is something so sacred that names of actors can only be whispered behind closed doors. In other cases, data is bought on the dark underbellies of the Internet and then sold back to organizations as threat intelligence. For...
Blog

BIMI Adoption Grows as Marketers Realize Its Value

With competition soaring and email-based brand impersonation scams skyrocketing 11x since 2014, your most important digital marketing channel could be in serious danger—along with the revenue it generates. But an email standard called Brand Indicators for Message Identification (BIMI) offers a way to fight back. BIMI is an emerging standard that enables brands to display their logos in email...
Blog

Evolving Tactics: London Blue Starts Spoofing Target Domains

In December, the Agari Cyber Intelligence Division (ACID) published a report on a business email compromise group of cybercriminals we call London Blue. In this report , we documented how this group, which has roots in the United Kingdom, evolved its tactics over time, from Craigslist scams to enterprise credential phishing to business email compromise as they matured into a criminal enterprise...
Blog

Forging the Future of Agari Product Development

As someone who joined Agari nearly five years ago as part of the core team building our breakthrough email security solutions, I am extremely proud of what we built, and I can't wait for you to see what's next. This is—after all—a race against time. In the battle against costly spear phishing attacks, business email compromise (BEC) scams, and other advanced email threats, serious solutions can...
Blog

Why iTunes? A Look into Gift Cards as an Emerging BEC Cash Out Method

One of the trends that has been slowly creeping up across the BEC threat landscape is that actors are using other techniques in order to get money outside of an organization. While a traditional BEC attack includes instructions for wiring money outside of the organization, more and more actors are asking for a large number of gift cards instead of the classical request of “Please wire $30,000 to...
Blog

Protecting our Clients from Email Spoofing: Our DMARC Journey

This post originally appeared on the Armadillo Blog and has been lightly edited for clarity. Most organisations have been successful in blocking malicious emails targeted at their employees, at least to some extent. Various on-premise and cloud providers exist to take care of anti-spam, anti-virus, reputation scores, and advanced features such as sandboxing of executables. As a service provider...
Blog

Email-Based Bank Impersonation Scams Hit Where It Hurts Most

We all know that phishing attacks came fast and furious. Timed and tailored for maximum effect, these malicious email messages exploit the cruelest of social engineering tactics , preying on customer anxieties, especially in the aftermath of major crises. This past May, UK banking giant TSB experienced one of these phishing-related emergencies. First came breaking news of a massive system meltdown...
Blog

BEC Goes Mobile as Cybercriminals Turn to SMS

Business email compromise (BEC) is a term that encompasses a variety of techniques and tactics that cybercriminals leverage to obtain money or data via identity deception. Despite the evolution and repurposing of this suite of associated tactics, one constant has remained throughout—the correspondence between scammer and victim is done, almost without exception, over email. This foundational...
Blog

W-2 Scams Likely to Continue as Driver for Phishing Attacks in 2019

With the 2019 tax season reaching full throttle, a volatile mix of conditions could fuel an unprecedented barrage of W-2 phishing scams through mid-April this year. For the businesses and employees who fall victim, the results can be disastrous. W-2s, of course, are the IRS documents that United States businesses provide employees after the end of each year, documenting the employee's earnings...
Blog

Building a Community of SOCs and Threat Intelligence To Stop Data Breaches

In the Q1 2019 Email Fraud & Identity Deception Trends report, we reported that the average security operations center (SOC) is getting more than 23,000 employee-reported phishing incidents per year. Those incidents would require 54 SOC analysts to handle them in a timely matter. Yet, the average SOC only has 12 security analysts. With that kind of a gap in resources, we have two ways to address...
Blog

Winning with Channel Partners: How Agari Continues to See Success

Channel partners have become a strategic extension for technology businesses all over the world. Within the cybersecurity sector, channel partners have proven to be the backbone for many companies leading them to huge success. Agari is a channel-first company with a vision of being the most channel-friendly company in the cybersecurity industry. Here at Agari, channel partners can fall in various...
Blog

Great Scott! Agari Introduces Time Travel to Stop Data Breaches

Today, we’re excited to announce a new technology called Agari Continuous Detection and Response (CDR) that will allow customers to go back in time and find latent threats that are sitting in employee inboxes that could lead to data breaches. As Marty McFly would say, ‘“What do you mean go back in time?” Let me explain. Today, Secure Email Gateways (SEGs) and advanced threat protection security...
Blog

Scarlet Widow Bombs Nonprofit Directories to Run BEC Scams

When the Agari Cyber Intelligence Division released our report on London Blue in December, much of the focus was on how cybercriminals use legitimate lead generation services to identify their targets. Research we released today into a different cybergang—one we’ve named Scarlet Widow—shows how Nigerian criminals take a different tactic against more vulnerable institutions. Rather than focusing on...
Blog

Retail Trails Other Sectors in Adopting DMARC for Phishing Prevention

Recent research by the Agari Cyber Intelligence Division finds that the retail industry is dead last among major sectors in adopting and enforcing DMARC email authentication . This leaves their email channel vulnerable to brand impersonation attacks. While the United States government leads in full DMARC enforcement policy, with 81% of its domains meeting the strictest DMARC standard, over 60% of...
Blog

DMARC Adoption Up, But 85% of Fortune 500 Remains Vulnerable to Brand Hijacking

Adoption of Domain-based Message Authentication, Reporting, and Conformance (DMARC) has seen modest growth in recent months, with 6.1 million domains now possessing valid DMARC records, according to our new Q1 2019 Email Fraud & Identity Deception Trends Report . That's up from 5.3 million in October—a 15% increase in the number of domains protected against email-based "brandjacking" scams that...
Blog

Scarlet Widow Breaks Hearts and Empties Wallets via Romance Scam Operations

With Valentine’s Day celebrated around the world, today is a day full of love and joy—especially for those in committed relationships. People around the globe are celebrating their relationships by sending flowers and chocolates, enjoying fancy dinners, and writing love notes in greeting cards. Unfortunately, not all relationships are legitimate, and not everyone sees today as a celebration of...
Blog

Phishing Survey Finds Businesses Waste $2 Million a Year Chasing False Positives

If US-based companies don't start automating phishing incident response processes within their SOCs, they could be SOL, according to new data captured in our Q1 2019 Email Fraud & Identity Deception Trends Report . That's because while businesses strive to implement security controls to prevent phishing attacks and any subsequent data breaches, the Security Operations Centers they rely on to...