Agari Dispels Myth of Where Phishing Criminals are Located

New investigative report reveals email fraudsters operate out of 50 countries worldwide with 25% of scammers in the U.S.

Posted on October 13, 2020 | Advanced Persistent Threats (APT)

FOSTER CITY, Calif. and LONDON (Oct. 13, 2020) -- Agari, the market share leader in phishing defense for the enterprise, unveiled today the results of a year-long investigation into geographic locations of business email compromise (BEC) cybercriminals. Today’s announcement pinpoints for the first time where email scammers are located globally and maps their tangled web of money mules.

Agari Cyber Intelligence Division (ACID) has identified money mules in every state, including the District of Columbia. The money mule network is a critical link in fraudsters' ability to launder and move money offshore, quickly.

By the Numbers: stats CISO organizations and law enforcement need to be aware of now:

  • 2,900: Global money mule bank accounts uncovered, with more than 900 identified money mules located in the U.S.
  • US$64 million: Total illicit funds requested by BEC cybercriminals
    • US$247,000 average amount of payments requested to Hong Kong money mule accounts; 6x times higher than in the U.S.
  • 50: Countries where BEC cybercriminals are located
  • 50% of email fraudsters located in Nigeria; 25% located in U.S.
    • 48% of U.S.-based email scammers located in five states: California, Georgia, Florida, Texas, and New York.
  • 5 Cities with the biggest volume of clusters of email scammers include: Atlanta,GA, New York, NY, Los Angeles, CA, Houston, TX, and Miami, FL.

“A CISO I spoke to just last week explained her number-one goal is customer trust - to earn it, maintain it and respect it,” said Agari Chief Identity Officer Armen Najarian. “The information unveiled today as a result of our ACID team’s investigations enables CISOs to learn something new about the threat landscape they are working in and how to adapt their security controls to stay out ahead of fraudsters. And ultimately those actions taken by the CISO organization earn and sustain consumer trust.”

Get more details about The Geography of BEC in this blog. Register for the upcoming webinar.

October is National Cybersecurity Awareness Month. Agari is supporting this effort by making several new resources available, including the report released today. Access all resources here.

About Agari
Agari is the market share leader in phishing defense solutions for the enterprise. Through applied science, the Agari Identity Graph™ delivers valuable business context to every email risk decision. Agari ensures outbound email from the enterprise cannot be spoofed, increasing deliverability and preserving brand integrity. It also protects the workforce from devastating inbound BEC, VEC, spearphishing, and account takeover-based attacks, reducing business risk and restoring trust to the inbox. Learn more at

Media Contact
Jean Creech Avent
Sr. Director, Global Corporate Communications
+1 843-986-8229
[email protected]

Recent News
April 4, 2024

Fortra announced today their recognition as a “Top Player” in The Radicati Group’s Secure Email Market Quadrant, 2024. The Radicati Group’s analysis found that Fortra provides both breadth and depth of functionality while shaping the market with innovative technology and a compelling strategic vision.

January 12, 2023

In this IT Security Wire article, cybersecurity experts 

September 29, 2022

It’s difficult to control your Social Security number in the wild.

September 14, 2022

In Cyber Protection Magazine’s Crucial Tech podcast, John Wilson, Senior Fellow, Threat Research, delves into the latest research from Agari and PhishLabs by Fortra.

September 12, 2022

In his guest essay for The Last Watchdog, Eric George, Director of Solutions Engineering at PhishLabs by, expl