Resources

Article

BEC: Why This Basic Threat Is Difficult to Detect

Fri, 12/01/2023

Revenue lost to payment fraud saw an increase in every major global region from 2021 to 2022, and odds are your organization is still seeing email impersonation threats in inboxes. But why? This article provides insights on Business Email Compromise to help you understand just why these threats are so effective for cybercriminals.

Blog

The Science Behind the Scenes: How Machine Learning Combats Phishing Attacks and BEC

Thu, 07/20/2023

Because email remains the most ubiquitous form of business communication, it continues to be a favorite attack vector for cybercriminals. Email has always been vulnerable because it was not originally designed with security or privacy in mind. As a result, email security vendors emerged to protect this critical communication channel. In the early days, many vendors used...

Guide

Machine Learning Models in Cloud Email Protection

Traditional email security products struggle to detect email impersonation threats such as Business Email Compromise (BEC) and spear phishing campaigns. These threats consistently bypass defenses that rely on signatures and policies like Secure Email Gateways and native-cloud email filters. This guide breaks down how Fortra uses advanced data science, including machine learning models, to find and mitigate attacks that slip past traditional email defenses.

Advanced Persistent Threats (APT)

Business Email Compromise

Social Engineering

Advanced Threat Protection

Anti-Phishing

Cloud Email Security

Blog

What Is an Enterprise’s Secondary Line of Defense Against Phishing Emails?

Tue, 01/17/2023

Following a multi-layered approach to phishing defense is a good idea, but using what you have close to home is best when it comes to a sensible security posture. In practice, a robust security awareness training program is key to instruct employees on what to look for when trying to spot phishing emails that may have landed in their inboxes.

Blog

What Is an Enterprise’s Primary Line of Defense Against Phishing Emails?

By Monica Delyani on Tue, 01/17/2023

Through a layered approach utilizing a comprehensive solution as the primary defense, Fortra fills major gaps in email platform security by protecting users from external threats and safeguarding your sensitive data from being leaked both inside and outside your organization.

Blog

Financials & Card Data Top Q3 Targets on the Dark Web

Mon, 12/05/2022

In Q3, credit unions nearly overtook national banks as the top targeted industry on the Dark Web, according to recent data from Fortra’s PhishLabs.

Blog

Attacks Targeting Businesses on Social Media Jump 40% YoY

Wed, 11/23/2022

In this post, we discuss the industries most prone to attack on social media, and the top threat types found on those platforms.

Blog

Emails Reported as Malicious Reach Four-Quarter High in Q3

Wed, 11/23/2022

The volume of malicious emails reported in corporate inboxes has reached a four-quarter high, according to the latest data from Fortra's PhishLabs.

Blog

What Is Whaling Phishing & How Does It Work?

Mon, 10/03/2022

“Whaling” phishing fraud attacks target the C-suite of a company which creates high risk of extremely sensitive, mission-critical data being stolen and exposed. Fortunately, protecting the organization from these attacks is possible. Whaling phishing is a type of phishing attack targeting larger, high-value targets, which is why it's called "Whaling." Attackers themselves...

Press Release

Forbes: 8 Ways To Keep Your Social Security Number Safe From Identity Theft

It’s difficult to control your Social Security number in the wild. In his September contribution to Forbes Advisor, John Wilson discusses the most common scams involving Social Security numbers and provides 8 steps individuals can take to prevent identity fraud. Originally published in Forbes Advisor: “For too many of us, our SSNs are already in the hands of miscreants,...

Press Release

Crucial Tech Podcast with John Wilson: Hybridized Vishing Attacks

In Cyber Protection Magazine’s Crucial Tech podcast, John Wilson, Senior Fellow, Threat Research, delves into the latest research from Agari and PhishLabs by Fortra.

Press Release

The Last Watchdog: The Drivers Behind Persistent Ransomware and Defensive Tactics to Deploy

In his guest essay for The Last Watchdog, Eric George, Director of Solutions Engineering at PhishLabs by, explains what ransomware is, who the high-stake threat actors are, and how organizations can defend themselves against ransomware attacks. Originally published in The Last Watchdog “Ransomware usually starts with a phishing email. An unsuspecting employee will open a...

Article

Hybrid Vishing. It's Such A Thing.

Mon, 09/12/2022

In this podcast, John Wilson, senior fellow for threat research at, discusses how vishing, a tactic used to gain PII information from people through phone messages is - like its success - on the rise. Gain insight into this devious scam and the best defense against it. ...

Blog

Six Steps to Email Security Best Practice

Thu, 01/13/2022

To help IT teams define a robust email security policy and determine what’s required from an email security solution, we’ve put together a new six-step guide.

Blog

What Is Email Phishing? Protect Your Enterprise

Wed, 12/08/2021

Phishing emails can steal sensitive data and cost companies' their reputation. However, protecting a company from these scammers doesn't need to be difficult. What Is Email Phishing? Phishing is when an attacker mimics a trusted person or brand in an attempt to steal sensitive information, or gain a foothold inside a company network. While phishing emails are by far the...

Blog

TLS Email Encryption: What It Is & How to Check if Your Email Is Using It

Mon, 06/21/2021

What exactly is TLS when it comes to email encryption? Image TLS, or cybersecurity protocol Transport Layer Security first developed by the Internet Engineering Task Force (IETF), was designed to establish secure communications that provide both privacy and data security. Originally created from another encryption protocol called...

Blog

Email Security: Agari Delivers a Whole New Level of Actionable Insight to Outpace Threat Actors

Sun, 01/24/2021

CISOs and their teams are about to get some serious performance enhancers in their high-stakes race against email security threats. According to the FBI, phishing campaigns, business email compromise (BEC) scams, and other advanced email attacks have resulted in $26 billion in business losses over the course of three years. Then 2020 happened. With 75 million corporate...

Blog

What is Email Spoofing & How to Stop Attackers from Spoofing Your Email Address

Tue, 12/15/2020

What is email spoofing, how does it work, and why is it so dangerous to your company? We’ll explain everything you need to proactively stop attackers from spoofing your email address. Email Spoofing: What Is It? Email spoofing is when a fraudster forges an email header’s ‘From’ address to make it appear as if it was sent by someone else, usually a known contact like a high...

Blog

BEC Cash-out Methods: Email Fraudsters Experimenting With Alternative Approaches

Tue, 12/01/2020

Business email compromise (BEC) actors are exploring alternative cash-out methods for spiriting away the profits from their crimes. Traditional bank accounts have long been the go-to choice for email scammers seeking to cash out the funds they've pilfered from organizations they victimize. Just since 2016, BEC groups have defrauded businesses out of more than $26 billion...

Blog

BEC Attacks: What They Are, How to Spot Them, and What to Do

Tue, 11/10/2020

Here we’ll cover what BEC attacks are, how they work, what they usually look like, and how to handle them. What is a BEC Attack? 7 Common BEC Attack Patterns Top Identity Deception Techniques How Can BEC Attacks be Stopped? What's the Best Way to Recover From a BEC Attack? What is a BEC Attack? First, let me explain what a BEC attack is. In short, Business Email...

BEC: Why This Basic Threat Is Difficult to Detect

The Science Behind the Scenes: How Machine Learning Combats Phishing Attacks and BEC

Machine Learning Models in Cloud Email Protection

What Is an Enterprise’s Secondary Line of Defense Against Phishing Emails?

What Is an Enterprise’s Primary Line of Defense Against Phishing Emails?

Financials & Card Data Top Q3 Targets on the Dark Web

Attacks Targeting Businesses on Social Media Jump 40% YoY

Emails Reported as Malicious Reach Four-Quarter High in Q3

What Is Whaling Phishing & How Does It Work?

Forbes: 8 Ways To Keep Your Social Security Number Safe From Identity Theft

Crucial Tech Podcast with John Wilson: Hybridized Vishing Attacks

The Last Watchdog: The Drivers Behind Persistent Ransomware and Defensive Tactics to Deploy

Hybrid Vishing. It's Such A Thing.

Six Steps to Email Security Best Practice

What Is Email Phishing? Protect Your Enterprise

TLS Email Encryption: What It Is & How to Check if Your Email Is Using It

Email Security: Agari Delivers a Whole New Level of Actionable Insight to Outpace Threat Actors

What is Email Spoofing & How to Stop Attackers from Spoofing Your Email Address

BEC Cash-out Methods: Email Fraudsters Experimenting With Alternative Approaches

BEC Attacks: What They Are, How to Spot Them, and What to Do

Contact Information

Privacy Policy

Cookie Policy

Impressum