Resources

email security
Article
Article

BEC: Why This Basic Threat Is Difficult to Detect

Fri, 12/01/2023
Revenue lost to payment fraud saw an increase in every major global region from 2021 to 2022, and odds are your organization is still seeing email impersonation threats in inboxes. But why? This article provides insights on Business Email Compromise to help you understand just why these threats are so effective for cybercriminals.
Advanced Persistent Threats (APT)
Business Email Compromise
Cloud Email Security
AI-Email-Solutions
Blog
Blog

The Science Behind the Scenes: How Machine Learning Combats Phishing Attacks and BEC

Thu, 07/20/2023
Because email remains the most ubiquitous form of business communication, it continues to be a favorite attack vector for cybercriminals. Email has always been vulnerable because it was not originally designed with security or privacy in mind. As a result, email security vendors emerged to protect this critical communication channel. In the early days, many vendors used signature or reputation...
Advanced Persistent Threats (APT)
Business Email Compromise
Cloud Email Security
Agari Machine learning
Guide
Guide

Machine Learning Models in Cloud Email Protection

Traditional email security products struggle to detect email impersonation threats such as Business Email Compromise (BEC) and spear phishing campaigns. These threats consistently bypass defenses that rely on signatures and policies like Secure Email Gateways and native-cloud email filters. This guide breaks down how Fortra uses advanced data science, including machine learning models, to find and mitigate attacks that slip past traditional email defenses.
Advanced Persistent Threats (APT)
Business Email Compromise
Social Engineering
Advanced Threat Protection
Anti-Phishing
Cloud Email Security
On-Demand Webinar
On-Demand Webinar

QR Codes That Aren't Cool Webinar

Threat adversaries have pivoted their credential phishing and BEC tactics in order to bypass security stacks. In this video, Fortra’s Advanced Email Security expert, Dr. Steve Jeffery, discusses how the QR code has become the carrier of choice for delivering payloads via email and what your organization needs to put in place to stop them. You’ll learn: How human and machine mitigations help ward...
Advanced Persistent Threats (APT)
Business Email Compromise
Spear Phishing
Advanced Threat Protection
Anti-Phishing
Cloud Email Security
On-Demand Webinar
On-Demand Webinar

DMARC Revisited: Email Authentication in 2024

Implementing DMARC is one of the simplest ways to prevent email spoofing and ensure consistent email deliverability. Agari DMARC Protection will lead you through a safe and efficient DMARC implementation with features that allow you to: Catalogue and authenticate all legitimate senders–both 3rd-party and internal Navigate past common authentication pitfalls Comply with today’s major email provider...
Advanced Persistent Threats (APT)
Business Email Compromise
Spear Phishing
Advanced Threat Protection
Anti-Phishing
Cloud Email Security
Blog
Blog

Financials & Card Data Top Q3 Targets on the Dark Web

Mon, 12/05/2022
In Q3, credit unions nearly overtook national banks as the top targeted industry on the Dark Web, according to recent data from Fortra’s PhishLabs.
Advanced Persistent Threats (APT)
Business Email Compromise
Consumer Phishing
Blog
Blog

Emails Reported as Malicious Reach Four-Quarter High in Q3

Wed, 11/23/2022
The volume of malicious emails reported in corporate inboxes has reached a four-quarter high, according to the latest data from Fortra's PhishLabs.
Advanced Persistent Threats (APT)
Business Email Compromise
Data Breach
Ransomware
Social Engineering
Cloud Email Security
Blog
Blog

What Is Whaling Phishing & How Does It Work?

Mon, 10/03/2022
“Whaling” phishing fraud attacks target the C-suite of a company which creates high risk of extremely sensitive, mission-critical data being stolen and exposed. Fortunately, protecting the organization from these attacks is possible. Whaling phishing is a type of phishing attack targeting larger, high-value targets, which is why it's called "Whaling." Attackers themselves often pretend to be C...
Advanced Persistent Threats (APT)
Business Email Compromise
Spear Phishing
Cloud Email Security
Video
Video

Protecting Remote Employees from Phishing and BEC Attacks

Thu, 07/28/2022
Email is even more crucial as a collaboration tool while we are all working from home and taking other precautions to stay safe and healthy. Hackers, cybercriminals, and other bad actors are exploiting the COVID-19 pandemic for their own personal gain, and it’s your job to ensure your workforce is protected from harm. How do you enable the productivity of your now remote workforce, while...
Advanced Persistent Threats (APT)
Business Email Compromise
Advanced Threat Protection
Anti-Phishing
Video
Video

Forrester Webinar: Risk of Third-Party Impersonation & BEC Scams

Thu, 07/28/2022
Ever since the first spam email message, we have been at war with cyber criminals, who seek to subvert our email communications. We are experiencing an online arms race: As anti-spam solutions improve, criminals find ways around these defenses. Business Email Compromise (BEC) is an area where the criminals have the upper hand against traditional Secure Email Gateways (SEGs). According to Agari’s...
Advanced Persistent Threats (APT)
Business Email Compromise
Cloud Email Security
DMARC Email Authentication
Video
Video

What is Business Email Compromise?

Tue, 07/26/2022
Transcript I recently read a press release from the Federal Bureau of Investigation that reported more than $12 billion in financial fraud losses from a vector they call business email compromise. Here at Agari, we think of business email compromise as any attack which claims to be someone you know and trust, and is attempting some kind of theft. The most classic example is a criminal figures out...
Advanced Persistent Threats (APT)
Business Email Compromise
On-Demand Webinar
On-Demand Webinar

Cosmic Lynx Threat Disorder: The Rise of Russian BEC

By Crane Hassold
In this webinar, Agari Sr. Director of Threat Research, Crane Hassold discusses Cosmic Lynx, the first-ever reported Russian BEC criminal organization, and how the group has significantly impacted the email threat landscape with sophisticated, high-dollar phishing attacks.
Advanced Persistent Threats (APT)
Business Email Compromise
Cloud Email Security
DMARC Email Authentication
Video
Video

How and Why COVID-19 is Being Used for BEC and Phishing Attacks

Mon, 07/25/2022
Phishing and Business Email Compromise (BEC) attacks always take advantage of natural disasters and personal misfortune to target even the most vulnerable among us. This time is no different as we are all experiencing the COVID-19 outbreak, but the tactics can be spotted and defeated. In this webinar Crane Hassold, Agari's former Senior Director of Threat Research, provides an inside look into the...
Advanced Persistent Threats (APT)
Business Email Compromise
Advanced Threat Protection
Anti-Phishing
Video
Video

Informatica Gains Visibility into Threats by Using Fortra

Listen to Bill Burns, Chief Trust Officer and VP of Business Transformation for Informatica, speak about his experience working with Fortra's Agari. Transcript I'm Bill Burns, Chief Trust Officer and VP of Business Transformation for Informatica. I've been working with Fortra's Agari for about six years at previous companies, introducing them to solve specific problems and I'm bringing Fortra's...
Advanced Persistent Threats (APT)
Account Takeover
Business Email Compromise
Guide
Guide

Behind the 'From' Lines: Email Fraud on a Global Scale

Organized criminals are targeting businesses with identity deception attacks that cause financial losses and broken trust, but Agari is changing the game. Using responsible active defense techniques to analyze criminal email accounts, the Agari Cyber Intelligence Division (ACID) unmasked 10 cybercriminal groups during a 10-month period. ACID has used the results of its work to: Warn financial...
Advanced Persistent Threats (APT)
Account Takeover
Business Email Compromise
Spear Phishing
Guide
Guide

Scarlet Widow Part 2: BEC Bitcoin Laundry—Scam, Rinse, Repeat

While many cybercriminal gangs scam medium-sized and large corporations, Agari has now uncovered and documented the practices of a Nigeria-based scammer group, dubbed Scarlet Widow, that has evolved a different strategy focused on more vulnerable sectors such as school districts, universities, and nonprofits. In this report, we uncover: How Scarlet Widow transitioned from romance scams to tax...
Advanced Persistent Threats (APT)
Business Email Compromise
Social Engineering
Guide
Guide

Cosmic Lynx Threat Dossier: The Rise of Russian BEC

Cosmic Lynx is a Russia-based BEC cybercriminal organization that has significantly impacted the email threat landscape with sophisticated, high-dollar phishing attacks. In this threat dossier, you’ll discover key details about Cosmic Lynx, including: How Cosmic targets global corporations with incredibly sophisticated BEC attacks How Cosmic Lynx exploits DMARC controls to impersonate corporate...
Advanced Persistent Threats (APT)
Business Email Compromise
Spear Phishing
Advanced Threat Protection
Anti-Phishing
Cloud Email Security
Guide
Guide

Domains Associated with Exaggerated Lion BEC Campaigns

Below is the list of domains associated with Exaggerated Lion BEC Campaigns. You can access the PDF version of this list by clicking the "Download PDF Version" button at the top of this page. 1secure-portal-server.online admin-office-exec-ssl-secure-server-portal-exec.management admin-office-exec-ssl-secured-server-portal-exec.management admin-server-apps.management admin-servers-apps.management...
Advanced Persistent Threats (APT)
Business Email Compromise
Blog
Blog

What Is Email Phishing? Protect Your Enterprise

Wed, 12/08/2021
Phishing emails can steal sensitive data and cost companies' their reputation. However, protecting a company from these scammers doesn't need to be difficult. What Is Email Phishing? Phishing is when an attacker mimics a trusted person or brand in an attempt to steal sensitive information, or gain a foothold inside a company network. While phishing emails are by far the most popular, these attacks...
Advanced Persistent Threats (APT)
Business Email Compromise
Data Breach
Spear Phishing
Cloud Email Security