Email Security Blog

Agari Simplifies Microsoft 365 Integration & Delivers New Visibility into B2B Domain Abuse

Michael Paiko April 13, 2021 Agari Products

Protecting employees, customers, and partners against email security threats is about to become simpler and more effective, thanks to new features in our latest product release. It couldn’t happen at a more pivotal moment.

According to a new report from the FBI’s Internet Crime Complaint Center (IC3), 2020 was as bad as you thought it was. The number of reported email attacks against US companies topped 791,790—a 69% increase in just 12 months. Business email compromise (BEC) scams alone led to more than $1.8 billion in losses. Making matters worse, the number of phishing attacks doubled to over 240,000 .

While COVID-19 and the abrupt shift to remote working expanded the email attack surface into the homes of more than 50 million corporate employees, that doesn’t mean that 2021 won’t see the same issues. The move to hybrid work is about to make email security more complex, and actionable threat intelligence more essential.

Helping to solve challenges like these is why we’re excited to announce the Agari Spring ’21 Release. Sporting a number of new capabilities, our latest product release enhances our support for CISOs and security teams tasked with neutralizing email threats and protecting their corporate domains. Let’s take a look at some of the new features.

Microsoft Graph Enforcement: Best Practices Made Simpler & Easier

Rising numbers of phishing attacks and BEC scams coupled with privacy and security regulations like GDPR and CCPA, have exacerbated the challenges associated with email for businesses operating in MS environments.

Our Spring ’21 release utilizes the Microsoft Graph API to make it easier than ever to follow Microsoft best practices for integrating Agari Phishing Defense™ with Microsoft 365—and to quickly remediate malicious emails in full accordance with privacy and security requirements.

Our customers shouldn’t expect anything less from us, of course. In 2016, we pioneered the API architecture for email security using the Microsoft Outlook 2.0 API, and our integration with the Microsoft Graph API follows the recent launch of our new Azure Sentinel Data Connector. Thus, this release continues to deliver on our promise to help our customers meet their email security and policy needs in ways nobody else can.

Exclusive Visibility into B2B DMARC Email Authentication & Domain Data

In the US, as many as 3 million malicious emails spoof corporate domains every day—more than 11 billion per year. While many of these emails impersonate popular brands in attacks targeting consumers, a growing number set their sights on businesses in the form of vendor email compromise scams (VEC), aging financial report schemes, and other forms of fraud.

The recipients that fall prey to these B2B scam emails aren’t the only victims. Companies that get impersonated also face lost business, a tarnished brand reputation, lawsuits, and regulatory fines. Risks like these are primary drivers for companies that deploy DMARC, the email authentication protocol that gives enterprises and other senders control over which domains are allowed to send emails on their behalf—and see which domains are being abused.

DMARC also enables email receivers to recognize when an email isn’t coming from a brand’s approved domains, and gives the sending organization the ability to tell the email receiver systems what to do with those unauthenticated email messages. But while DMARC data reported by major ISPs provides a partial view of mailboxes relevant to B2B organizations, it can be incomplete—and offers no insight into attacks that impersonate brands using look-alike domains and similar techniques.

Here again, we’re here to provide a solution. With the latest enhancements to Agari Brand Protection™, our market-leading enterprise email data footprint now includes exclusive visibility into DMARC email authentication within enterprise supply chains and B2B market segments. It also provides actionable alerts about the impersonation or abuse of your brand in real-world phishing attacks—a feature that isn’t available with other DMARC solutions on the market.

Breaking Alerts With Analysis of Time-Sensitive BEC Fraud Intelligence

Building on the recent launch of the Agari Active Defense Threat Portal, we’re now bringing you breaking alerts and concise analysis of time-sensitive BEC fraud intelligence from the Agari Cyber Intelligence Division (ACID), prepared exclusively for Agari Active Defense™ subscribers.

In addition to access to real-time threat data and historical information on specific phishing and BEC attacks, you’ll now also receive the latest intel on global BEC and email fraud trends. By better understanding emerging threats, your team can anticipate, assess, and prevent specific risks to your company—and avoid getting blindsided by an unexpected attack.

Not Just Protection… Preemption

If there’s a theme in our latest enhancements, it’s about continuing to deliver on our promise to help our customers prevent malicious attacks, protect their brands and business ecosystems, and meet regulatory requirements, as easily as possible.

The next year will be pivotal on all of these fronts. But for me, regulatory changes may be the thing to monitor most. Maybe it’s fallout from SolarWinds. Perhaps it’s the nearly $30 billion in losses from BEC scams since 2016. Or maybe it’s the rising volume of phishing-related data breaches that now cost companies an average $8.6 million per incident. Whatever the cause, consumer and business sentiment is shifting on cybersecurity.

Recent polling from Veritas suggests that consumers would like fines and even jail time for the CEOs of businesses that don’t do everything they can to protect against cybercrime. Recent court cases suggest inaction could soon be costlier than the crimes themselves. If the business world isn’t careful, it may not be long before the CCPA, GDPR, and other existing regulatory mandates seem like child’s play compared to what’s to come.

If you ask me, that’s more than enough reason to do everything you can to ensure your company can navigate this year of transition as securely as possible.

For more information about the Spring ‘21 release, please reach out to your Customer Success Manager. Or, to learn more about our products, request a free demo with our team.

Agari Blog Image

April 20, 2021 Brent Sleeper

Newly-Enhanced Agari Splunk App Integrates Phishing Threat Data into Splunk SIEM Solutions

A newly-enhanced Agari App for Splunk integrates email threat data from both Agari Phishing Defense…

mobile image