Blog | Agari

Blog

Blog

DMARC 101 (Part II) – DMARC Fills the Holes Left by SPF and DKIM

You can catch up on Part 1 here.As we discussed in part one of this series, SPF and DKIM are important foundational standards for email authentication. But, even after an email sender has fully deployed SPF and DKIM, there are still three key elements of email authentication equation missing—and that's what led to the development of DMARC.#1: Which Matters More: SPF or DKIM?First, there is no way...
Blog

DMARC 101 (Part I) – S/MIME, SPF, and DKIM

Why do you need DMARC to protect your email domains from being leveraged in phishing attacks? To get the full picture, let's look at the basics—and how DMARC came to be.What is DMARC?Domain-based Message Authentication, Reporting & Conformance, or DMARC, is an open email authentication protocol that helps senders protect their email domains from being spoofed by fraudsters in phishing attacks and...
Blog

BIMI: What It Is & Why It Matters to Email Security

Curious how BIMI can protect your email? I’ll explain what BIMI is, how it works, and how you can use it to protect your brand’s email communications.What is BIMI?Brand Indicators for Message Identification, or BIMI, provides a standardized method for businesses to showcase their brand logo next to the subject line of their authenticated emails so they stand out in crowded inboxes, with built-in...
Blog

Email Security: Agari Delivers a Whole New Level of Actionable Insight to Outpace Threat Actors

CISOs and their teams are about to get some serious performance enhancers in their high-stakes race against email security threats.According to the FBI, phishing campaigns, business email compromise (BEC) scams, and other advanced email attacks have resulted in $26 billion in business losses over the course of three years. Then 2020 happened.With 75 million corporate employees even now still...
Blog

How to Make Oauth2 Play Nice with EKS Ingress

Over the course of my technical career, I’ve always thought of Oauth2 to, frankly, be a bit of a pain. Oauth2 offers a mind boggling amount of possibilities and is the basis of many authorization workflows.However, I have found the documentation and supporting examples of how to integrate Oauth2 somewhat lacking. I hope that someone out in the ether will find this blog post and save a few days of...
Blog

DMARC: 3 Best Practices for Capturing Next-Level Business Value

Implementing DMARC at its highest enforcement level is critically important to security and messaging operations. But it's also just the first step to realizing the full value of your DMARC program.To understand why, let's start with the basics. DMARC, which stands for Domain-based Message Authentication, Reporting, and Conformance, can stop fraudsters from spoofing your domain and impersonating...
Blog

What is Email Spoofing & How to Stop Attackers From Posing as You

What is email spoofing, how does it work, and why is it so dangerous to your company? We’ll explain everything you need to defend your company and your customers. Email Spoofing: What Is It? Email spoofing is when a fraudster forges an email header’s ‘From’ address to make it appear as if it was sent by someone else, usually a known contact like a high-level executive or trusted outside vendor...
Blog

BEC Response Guide— Tips for Responding to Business Email Compromise Incidents

This post originally appeared on Medium and is published here courtesy of Ronnie Tokazowski. For more by Ronnie, follow him on Twitter @iHeartMalware.If you’re reading this and are in the middle of an incident, go to the first bullet now. The rest can wait.Malware incidents suck, but if you want to know what it’s like responding to a BEC incident, triple the carnage, shake the snow globe, set it...
Blog

DKIM Setup Guide: How to Configure DKIM Step by Step

In this DKIM setup guide, we’ll walk you through the steps to set up DKIM correctly, test it, avoid common pitfalls, and fix common mistakes. Here are the steps to a correct DKIM setup: List all your sending domains Install a DKIM package on your email server (see details below) Create the public and private DKIM key pair Publish the public DKIM key Hide the private DKIM key Configure your email...
Blog

BEC Cash-out Methods: Email Fraudsters Experimenting With Alternative Approaches

Business email compromise (BEC) actors are exploring alternative cash-out methods for spiriting away the profits from their crimes.Traditional bank accounts have long been the go-to choice for email scammers seeking to cash out the funds they've pilfered from organizations they victimize. Just since 2016, BEC groups have defrauded businesses out of more than $26 billion worldwide. But over the...
Blog

Office 365 Phishing Emails: Prevention, Detection, Response

Office 365 phishing emails come in common patterns. I'll list them here and also cover Office 365 anti-phishing features for prevention, detection, and response.Today, the typical Office 365 phishing emails direct users to fake Office 365 Sign-in pages. The victim submits their credentials, effectively handing over their password. Fraudsters use that login to access the victim’s address book, then...
Blog

DKIM for Email: What It Is, How It Works, and How to Add It

We'll cover what DKIM for email is, why your company needs it, how it works, how to set DKIM up, and additional ways to prevent email spoofing attacks.What is DKIM?First, let’s clarify what DKIM is in email. DomainKeys Identified Mail is a technique that uses your domain name to sign your emails with a digital “signature” so your customers know it’s really you sending those emails and that they...
Blog

DMARC: 5 Keys to Success

In this post, we will look at 5 keys to DMARC success both organizationally and in enterprise-wide implementation.Domain-based Message Authentication, Reporting, and Conformance (DMARC) is a standard email authentication protocol that plays an essential role in any organization’s cyber security arsenal. That’s because DMARC is key to protecting your business, customers, and partners from email...
Blog

BEC Attacks: What They Are, How to Spot Them, and What to Do

Here we’ll cover what BEC attacks are, how they work, what they usually look like, and how to handle them.What is a BEC Attack? 7 Common BEC Attack Patterns Top Identity Deception Techniques How Can BEC Attacks be Stopped? What's the Best Way to Recover From a BEC Attack?What is a BEC Attack?First, let me explain what a BEC attack is. In short, Business Email Compromise phishing occurs when...
Blog

BEC Scams: What to Look For, What to Do

We'll cover what BEC scams (Business Email Compromise scams) are, how they work, what you should look for, and what to do about them, including: What the Heck is BEC?3 Reasons BEC Attacks Are Getting WorseWhat Are The Top BEC Scams to Look Out For?Key Identity Deception Tactics You Need to KnowHow Can BEC Scams Be Blocked?What the Heck is BEC?Here’s how BEC scams work: Business Email Compromise...
Blog

What is DMARC Policy? 3 Policies & Which to Use

Your DMARC policy tells email receivers what to do with unapproved (possibly fraudulent) emails, like whether to reject, quarantine, or accept them.There are 3 DMARC policies:Monitor (p=none) allows unqualified emails to go to the recipient’s inbox or other folders. Quarantine (p=quarantine) directs unqualified emails to go to the recipient’s junk or spam folder. Reject (p=reject) blocks...
Blog

The Global Reach of Business Email Compromise (BEC)

Over the last five years, Business Email Compromise (BEC) has evolved into the predominant cyber threat businesses face today. Since 2016, businesses have lost at least $26 billion as a result of BEC scams and, based on the most recent FBI IC3 report, losses from BEC attacks grew another 37 percent in 2019—accounting for 40 percent of all cybercrime losses over the course of the year.The...
Blog

DMARC Setup Guide: How to Add DMARC Step by Step

We'll explain how to configure DMARC for your company's email, including what you'll need and how to add DMARC to your DNS. Just follow these DMARC setup steps!Before we begin, here’s a high-level overview of how to add DMARC to your DNS.Add your DMARC record into your DNS Select the TXT record type Add the host value (see details below) Add the value information (see details below) Save the DMARC...
Blog

Agari Fall ' 20 Release Boosts CISO Confidence in Enterprise DMARC Deployment

With cyber gangs leveraging business email compromise (BEC) attacks that actively exploit their targets' level of DMARC adoption, CISOs have been ratcheting up email security.Until now, the need to dial up defenses against imposters posing as senior executives in email attacks has been increasingly forcing legitimate business correspondence into quarantine. The chain reaction kneecaps commerce...
Blog

Phishing: How to Protect Against Email Attacks Sent from Compromised SendGrid Accounts

Blocking SendGrid email traffic isn't a realistic option for most businesses hit by a barrage of phishing attacks emanating from compromised accounts at the Twilio-owned email service provider in recent months.Instead, Agari leverages a strategic data modeling approach to neutralize the threat while enabling legitimate SendGrid-distributed emails to safely reach employee inboxes. More on that in a...