The Compelling Event
Back in 2018, an organized cybercriminal group orchestrated a clever credential-phishing attack on a manufacturing company, which is known as an industry-leading safety equipment manufacturer in the industrial absorbents sector.
The emails were so well written that the attack sparked a series of events. “It wreaked havoc throughout the business,” explained the Head of Email Security at the company. “The good news was we stopped the attack before any money was transferred or lost.” That attack was a wake-up call, and prompted further action to secure the company's email environment.
Scammers are Industry-Agnostic
The manufacturing company specializes in the eradication and clean-up of spills and big messes worldwide. It has spent more than 35 years building a brand that facilities managers around the world trust. Ensuring its employees, customers, and vendors can trust the ebb and flow of emails is critical to its success because orders are placed and work gets done through email.
It has a complex email infrastructure, and like most companies today, it migrated its email to the cloud with Microsoft 365. According to the Head of Email Security, M365 does an outstanding job of filtering junk email.
However, the original attack bypassed the legacy risk management controls built into M365 and landed in employees’ inboxes, prompting the search for an additional solution. After stopping the threat mid-attack, the InfoSec team looked for additional controls to ensure impersonation and credential phishing couldn’t happen again.
"Agari filters more than 3,000 email messages a month for us, which dropped credential stealing and impersonation attacks to near-zero. These were the two areas we were getting hit hardest in before Agari."
A Swiss-Army-Knife Type of Approach
As they were searching, the manufacturing company prioritized a multi-layered email security strategy.
“We wanted more control over how emails were being filtered—what was being allowed into our internal email infrastructure and what we weren’t allowing in,” the Head of Email Security said. “After the successful credential phishing attack and the uptick we were experiencing with CEO impersonation attacks, we actively began looking for a solution that would sit atop M365 and stop socially engineered threats—those threats that don’t necessarily have payloads, like URL attachments and links, but that do have hidden agendas.”
The search for the right solution led the manufacturing company to Agari. Because this company focuses on helping its customers keep their locations safe from physical mishaps that can be caused by industrial spills and other types of messes, the team knew that they needed an email security partner that was just as passionate about safety—digital safety.
“Our experience with Agari has been great,” the Head of Email Security said. “The people are responsive, Agari Phishing Defense is easy to learn, and working within the solution is fairly simple. The interface is fantastic, which makes it easy to work with. Agari Phishing Defense has helped make my job tremendously easier. We’ve noticed a dramatic drop in phishing attacks, since implementing Agari Phishing Defense.”
When asked to share her number one email security tip, she issued a caveat about Microsoft 365:
“Don’t rely on M365 alone. Explore building a multi-layered approach to strengthen your security posture and reduce the volume of phishing attacks. Most attacks start with an employee, and then a chain reaction occurs. If a malicious email never gets delivered, there is little threat to the business. Agari stops threats before they can ever get to our employees.”