Traditional email security products struggle to detect email impersonation threats such as Business Email Compromise (BEC) and spear phishing campaigns. These threats consistently bypass defenses that rely on signatures and policies like Secure Email Gateways and native-cloud email filters. This guide breaks down how Fortra uses advanced data science, including machine learning models, to find and mitigate attacks that slip past traditional email defenses.
In his guest essay for The Last Watchdog, Eric George, Director of Solutions Engineering at PhishLabs by, explains what ransomware is, who the high-stake threat actors are, and how organizations can defend themselves against ransomware attacks.
Originally published in The Last Watchdog
“Ransomware usually starts with a phishing email. An unsuspecting employee will open a legitimate-looking...
Transcript
Social engineering is the use of idiosyncrasies of the way our brains work to trick us into doing something we would otherwise not do.
Let me give you an example. Suppose that you live in an apartment complex that has a secure gate and everyone at that complex has been told, "Don't let strangers in. Don't hold the door for anyone." I could use a...
Transcript
Ransomware really is continuing to be that go-to attack for attackers, and it's really one of the most effective ways that they have to extort businesses and compromise user data. How does ransomware work? Well, typically, it's delivered via infected email attachments or via compromised websites or contact management systems.
Here at Agari, we...
Ransomware threats can change daily, making consumers and businesses more vulnerable than ever. Names like Angler malvertising, Locky ransomware and Angler Exploit Kit frequently crop up in the news, despite law enforcement’s best efforts to contain them.
Simply put, malware is popular because it’s successful. Cyber criminals make an estimated 1,425% ROI for exploit kit and ransomware schemes,...
Table of Contents
Who is Scarlet Widow?
Femmes Fictionale and Counterfeit Romeos
The Long Con: Making Moves for Money
Starry Eyes for Starling Michael
Up Close and Personal: The Case of "Robert Blackwell"
...
While many cybercriminal gangs scam medium-sized and large corporations, Agari has now uncovered and documented the practices of a Nigeria-based scammer group, dubbed Scarlet Widow, that has evolved a different strategy focused on more vulnerable sectors such as school districts, universities, and nonprofits.
In this report, we uncover:
How Scarlet...
Ransomware has evolved from targeting individuals to extorting large sums of money from businesses with the threat of releasing or destroying their private company data. This type of email-based attack can cause tremendous financial losses as well as reputation damage that’s difficult and expensive to repair.
Read our ransomware white paper now for insights from Agari Chief Scientist Markus...
Strengthen Your Security Posture
With a continually evolving threat landscape, organizations are under increased pressure to manage security vulnerabilities. They often need to deploy multiple threat intelligence feeds to assist in this process by identifying common indicators of compromise (IOC) and indicators of attack (IOA) and then recommending the necessary steps to prevent attack or...
Why Integrated Email Threat Data Matters
Email is a primary vector for attacks on your business today—and email threats are evolving faster than ever. But actionable data about email attacks is often inaccessible to time-strapped security operations and incident response teams. That disconnect leaves your business vulnerable and unable to mitigate hidden email threats.
Improve Visibility with...
Social media threats targeting enterprises more than doubled last year. Attacks on the retail industry specifically have grown, as threat actors are targeting victims with impersonation and counterfeit ad campaigns.
Purchasing behavior is increasingly influenced by social media, making it an attractive vector for these kinds of campaigns. The tendency of social media users to consume information...
As the world becomes more and more dependent on online resources to complete daily tasks, such as work meetings, grocery shopping, and even exercising, the risk of cyber attacks, data breaches, and information stealing increases. If you’re not already protecting your personal information online, now is the perfect time to start, as Data Privacy Weeks kicks off today.Led by the National Cyber...
Over the course of my technical career, I’ve always thought of Oauth2 to, frankly, be a bit of a pain. Oauth2 offers a mind boggling amount of possibilities and is the basis of many authorization workflows.However, I have found the documentation and supporting examples of how to integrate Oauth2 somewhat lacking. I hope that someone out in the ether will find this blog post and save a few days of...
Amid a troubling rise in zero-day phishing attacks, recent research suggests that some companies may be making an ill-advised shift away from blocking advanced email threats to responding to them post-delivery. If true, the capitulation couldn't come at a worse time. Since January, cybercriminals taking advantage of the COVID-19 outbreak have been targeting businesses and individuals with an...
A growing body of evidence suggests employees throughout the healthcare sector may be uniquely vulnerable to phishing attacks. If finding itself a growing target for cybercriminals weren’t bad enough, the industry is also seeing associated lawsuits piling up.
Montana-based Kalispell Regional Healthcare was recently hit with a suit after it disclosed that multiple employees had fallen victim to...
Transcript
The Agari Identity Graph is the AI-powering Agari Suite of advanced email security solutions, protecting your inbox from costly and damaging phishing schemes, account takeovers, and business email compromise attacks. The Graph leverages machine learning and makes over 300 million model updates each day, analyzing tens of billions of emails flowing...
Targeted email attacks continue to escalate as organizations deal with increasing numbers of phishing, spear phishing and ransomware attempts. But another attack vector—account takeovers—is affecting 44% of organizations and is posing a significant risk.
Watch this webinar to learn how:
These attacks lead to large-scale data breaches and financial losses;
How organizations can identify account...