Blog

Blog

Ticket to Fraud: Airline Industry Sees Increased Consumer Phishing Scams

For many, there are few things more satisfying than receiving an email confirmation for a flight just booked to a tropical location for a much-needed vacation. Most people love traveling, especially to favorite destinations or to explore new locales. The opposite of that feeling? The immediate pang of anxiety a consumer feels when getting a notification for a ticket that they in fact never...
Blog

Strategies for Testing Async Code in Python

Creating a future where all of our customers can trust their inbox can push Agari engineers to the limits of available technologies. In fact, handling the scaling requirements of Cloud Email Protection has led our Sensor team to test some of the most advanced features of the Python programming language. To maintain quality while using these features, our team created some of the first approaches...
Blog

Email Security: Using ML to Prevent Advanced Attacks

The statistics are astounding. Email remains the number one threat vector for data breaches, the point of entry for ninety-four percent of breaches. There is an attack every 39 seconds. Over 30% of phishing messages get opened, and 12% of users click on malicious links. As cybercrime becomes more advanced and bypasses the legacy controls put in place to defend against it, security must become more...
Blog

From Secure Email Gateway to Secure Email Cloud

The secure email gateway (SEG) worked for decades, no doubt. It was truly the first line of defense against email-based threats that took advantage of people and technology to enable fraud. Those of us who have dedicated our lives to improving this industry are grateful for the work of companies like Symantec and Proofpoint, which have spent years protecting people and organizations from viruses...
Blog

CISOs, Conversations, and Cabernet: A Look Back at Trust 2019

Six months ago, Agari rolled out a brand new vision—a vision focused on the idea of trusting your inbox with the Secure Email Cloud . Combined with announcements about our new Agari Phishing Response product and the newly formed Agari Cyber Intelligence Division, this vision provided an opportunity for us to reshape our thinking around email security. Every single day since we shared that vision...
Blog

DMARC Adoption Worldwide Slows with Australia's ASX 100 Remaining Most Vulnerable

DMARC adoption rose a tepid 1% in the first quarter of the year, with the rate of growth slowing compared to the last three months of 2018, according to our latest report on email security trends. That said, nearly 90% of Fortune 500 businesses remain unprotected against email-based impersonation attacks targeting their customers, partners, and other businesses. But Australian companies lead their...
Blog

Restoring Trust to Digital Communications: Working with Human Nature

Cybercriminals have used email to scam more than $13 billion out of organizations since 2013, according to the most recent Internet Crime Report . Phishing is rising by the day, and despite advancing threat-detection technology, the problem is getting worse. Why? Fraudsters are becoming more sophisticated at identifying targets and crafting messages that evade traditional secure email gateways...
Blog

Email Security: Using AI to Prevent Business Email Compromise

Business email compromise (BEC) , phishing, and ransomware are growing ever-more targeted and personalized, changing the face of email security from an event that happens at email delivery to a continuous process of detection and remediation. As enterprises move email to the cloud, more of these attacks are never-before-seen, zero-day events targeting unreported security gaps. Others arrive as...
Blog

From One to Many: Scattered Canary Evolves from One-Man Startup to BEC Enterprise

There is no denying that business email compromise (BEC) is big business, with losses exceeding a billion dollars in the United States in the last year alone. Globally, BEC attacks have cost more than $13 billion in the last five years. Chances are likely that you’ve probably been a recipient of one of these social-engineered emails yourself. But the question remains… who is behind these...
Blog

SOC Costs Double as Employee-Reported Phishing Surges 25%

A 25% spike in employee-reported phishing attacks during the first quarter of 2019 has increased the time required for security operations centers (SOCs) to respond to phishing incidents by as much as 32%—and the price tag is rising fast. According to the new Q2 2019 Email Fraud and Identity Deception Report from the Agari Cyber Intelligence Division (ACID), employees now report an average of 29...
Blog

5 Reasons Why I Joined Agari as Chief Business Development and Strategy Officer

A 300% increase in phishing attacks in just twelve months, with more than 40% launched using cloud-based email, URLs, or both. As many as 1.5 million malicious emails sent from hijacked Office 365 accounts on a monthly basis. Average losses of $2 million for the businesses they victimize—and $7.9 million in additional average costs when they result in a data breach. Unfortunately, these numbers...
Blog

Why DMARC Could Make or Break Your B2B Email Marketing Programs

In B2B email marketing, nothing says amateur hour like a landing page with the words "Not Secure" in the URL. A missing SSL certificate is bad enough, but it's the lack of something called " Domain-based Message Authentication, Reporting & Conformance " (DMARC) that could obliterate your KPIs and cost your company millions in brand reputation and revenue. As the CMO of a fast-growth technology...
Blog

Can Remote Employees Solve Your Tech Hiring Crunch? Yes, If You Know What to Expect

Finding talent for a fast-growing tech startup is a challenge, especially in competitive markets like Silicon Valley. The solution to hiring the people you need without waiting forever, poaching from competitors, and breaking your salary budget? Look beyond your local market for new sources of talent. At Agari, we are always on the lookout for talent near our Bay Area headquarters. But we also...
Blog

Quick, Urgent, Request: Agari Research Reveals Top Ten Subject Lines Used for BEC

You likely have a fraudulent email from a business email compromise (BEC) scammer sitting in your inbox, and you may not realize it. However, recent research from the Agari Cyber Intelligence Division (ACID) has shown that these advanced phishing attacks increasingly possess a handful of commonalities, making them easier to spot—which is good news considering their popularity. There are more BEC...
Blog

Current Email Architecture Transformation Raises the Bar for Security

Enterprise email architecture is evolving, which is good news for cybercriminals. Legacy secure email gateways (SEGs) simply don't provide full protection from today’s evolving and costly attacks, and cloud-based email requires a new security approach. In contrast, the next generation of email security—the AI-powered Secure Email Cloud —gives organizations more comprehensive security and better...
Blog

2018 Internet Crime Report Shows Business Email Compromise (BEC) is Still Big Business

Every year, the Internet Crime Complaint Center , also known as IC3, publishes an annual report looking at the different types of internet-based crimes reported to the FBI. Over the last year, victims around the globe lost $2.71 billion to all types of cybercrime, which includes lottery scams, hacktivism, gambling fraud, malware, ransomware attacks, and tech support fraud, among others. While each...
Blog

Agari Research Finds 2020 Presidential Campaigns Vulnerable to Next-Gen Phishing Attacks

The type of email attacks that helped derail Hillary Clinton’s presidential bid during the 2016 presidential election cycle could be a prelude to the aggressive tactics we may see in 2020—and new data suggests early candidates and their campaigns aren’t ready to defend themselves. According to analysis captured in the Email Fraud and Identity Deception Report from the Agari Cyber Intelligence...
Blog

2020 Presidential Campaigns Susceptible to Nation-State Email Attacks—Agari Can Help

Three years ago, Russian operatives spear phished the email account of Hillary Clinton's campaign chairman during the 2016 US presidential election. Even though that memory looms over candidates and the country, Agari analysis finds that 83 percent of the top candidates still have vulnerable email accounts —and even fewer have implemented the authentication necessary to prevent email impersonation...
Blog

Bitcoin: The Next Evolution in BEC Cash Out Methods?

Historically, business email compromise (BEC) threat actors have used wire transfers as a means to steal money from businesses. Impersonating a trusted contact, usually a company executive, a scammer requests that a fictitious vendor get paid by sending money to a bank account controlled by the scammer or an associate. Today though, we've seen a new trend: cybercriminals outright asking for...
Blog

Brand Impersonation Attacks on Law Firms Harm Clients and Cost Millions

Imagine this scenario: you call your high-profile client on your way into the office to check in and see if they’re ready to make the multimillion-dollar down payment on a new property. They tell you they wired it yesterday, following your email instructions. But you never sent them an email. Now you have to tell your client that that email didn’t come from you. Except that it did—or at least from...