Email Security Blog

Agari Summer ’20 Release: CISOs Gain Unique Threat Intel to Their Organizations

Michael Paiko June 30, 2020 BEC, Business Email Compromise

With business email compromise (BEC) scams up sharply amid the coronavirus pandemic, CISOs have been forced to scour an expanding but largely inscrutable email threat landscape in hopes of fending off costly attacks—until now, that is.

In an industry first, the new Agari Summer ’20 Release offers CISOs access to real-world intelligence on specific phishing threats unique to their organizations. Instead of fighting an amorphous enemy, CISOs will know with remarkable granularity which specific employees are being targeted regularly, the exact types of phishing schemes their employees fall for most often, where the attackers are located, and more.

It’s exactly the kind of intel that can be used to help block phishing attacks and domain spoofing more effectively than ever before, while forging new phishing response efficiencies. And it couldn’t come at a better time.

The COVID-19 BEC Outbreak

In a recent survey from JPMorgan, 75% of US companies reported suffering direct financial damage from email schemes in 2019. And according to the FBI, that translated into more than $8.6 billion in business losses last year.

But with the emergence of the SARS-COV-2 outbreak and subsequent work-from-home mandates, BEC actors began ramping up their attacks using sophisticated new techniques.

The team in our Agari Cyber Intelligence Division (ACID), for instance, was the first to identify the use of COVID-19 as a pretext in BEC scams. In that case, a crime group our researchers have dubbed Ancient Tortoise posed as a supplier to target companies with requests for a change in payment details on outstanding invoices due to the outbreak.

Scams that involve hacking one company to target its own employees or those of its customers and supply chain partners in BEC heists have only proliferated since. And it’s no wonder: While a traditional BEC scam may net cybercriminals an average of $60,000, those that involve supply chain imposters average $125,000.

With this latest release, Agari builds further on our industry-leading success in stopping such attacks from ever even reaching their intended targets.

Organization-Specific Intel Means Better Block-and-Tackle

As part of Agari Active Defense™, the new BEC threat intelligence service included in our Summer ’20 Release delivers real-world cyber intelligence data harvested by the ACID team from direct, active engagements with email fraudsters attacking and scamming an organization.

It’s an industry first, from the world’s only counterintelligence research team dedicated to BEC scams and spear-phishing investigations. And if that weren’t enough, the Summer ’20 release also comes with other powerful new features.

Agari Phishing Response™, for example, now comes with a Reply-to-Reporter feature that provides a 360-degree feedback loop on malicious emails reported by employees. Now, employees receive confirmation after spotting and submitting a suspected phishing attack to the Security Operations Center (SOC). Once the threat is analyzed, employees are notified of the result—positive or otherwise.

This helps enhance phishing simulation training by further refining employees’ ability to identify true attacks, while lowering false positive rates that can overwhelm SOC analysts.

Plus, we’ve added an additional layer of URL scanning to more quickly and accurately identify high-risk URLs in employee-reported phish emails—reducing the time needed to investigate and eradicate malicious emails from employee inboxes.

Protecting the Brand and Building Community

As part of our Summer ’20 release, Agari Brand Protection™ gets a Domain API that allows SIEM and SOAR applications to import domain and DMARC data, as well as automate monitoring and alerting on anomalies in sending behavior from an organization’s email domains.

And the new Agari Community Forum offers customers a single location to check Agari system status, get answers to product questions, share ideas, and collaborate with peers. Customers get full access, and the chance to hear from different voices that face similar email security challenges, communicate with Agari subject matter experts, and participate in active conversations about keeping the enterprise safe from advanced email threats of every kind.

Avoiding Email’s Summer of Discontent

For all of these valuable new features, it’s probably the BEC intelligence service that has me most excited—especially as reports of brazen BEC scams keep coming.

Last month, the Norwegian Wealth Fund announced it lost $10 million to BEC actors after they infiltrated the organization’s networks and stole information that enabled them to impersonate a credible borrowing organization and divert funds to their own accounts.

And just the last few weeks, news hit that the North Korean state-sponsored hackers known as Lazarus Group have started pilfering data from one company in order to launch BEC scams targeting others within the same supply chain.

Forgive me for the expression, but if that’s a sign of how the BEC contagion is metastasizing, Agari and our Summer ’20 release are here with one very powerful cure.

To learn more about the Summer ’20 Release:

Agari customers are also invited to:

Leave a Reply

Your email will not be published. All fields are required.

woman looking at computer screen

November 10, 2020 Armen Najarian

BEC Attacks: What They Are, How to Spot Them, and What to Do

Here we’ll cover what BEC attacks are, how they work, what they usually look like,…

Agari Blog Image

October 30, 2020 Armen Najarian

BEC Scams: What to Look For, What to Do

We'll cover what BEC scams (Business Email Compromise scams) are, how they work, what you…

Night time satellite image of south eastern usa

October 13, 2020 Crane Hassold

The Global Reach of Business Email Compromise (BEC)

Over the last five years, Business Email Compromise (BEC) has evolved into the predominant cyber…

Agari Blog Image

August 5, 2020 Michael Paiko

Phishing & BEC Scams Soar 3000%: Agari H2 2020 Email Fraud and Identity Deception Trends Report

Coronavirus-related phishing attacks and business email compromise (BEC) scams skyrocketed 3,000% from mid-March through early…

Agari Blog Image

July 17, 2020 Patrick Peterson

Business Email Compromise: New Shift in BEC Threat Landscape Puts CISOs on Notice

A seismic shift in the email threat landscape has CISOs bracing for sophisticated new forms…

mobile image