Guide
Fortra Named Top Player in 2024 Radicati Secure Email Market Quadrant Report
See why Fortra's Advanced Email Security was named a Top Player in Radicati's 2024 Market Quadrant for Secure Email.
Blog
The Science Behind the Scenes: How Machine Learning Combats Phishing Attacks and BEC
Thu, 07/20/2023
Because email remains the most ubiquitous form of business communication, it continues to be a favorite attack vector for cybercriminals. Email has always been vulnerable because it was not originally designed with security or privacy in mind. As a result, email security vendors emerged to protect this critical communication channel. In the early days, many vendors used signature or reputation...
Guide
Machine Learning Models in Cloud Email Protection
Traditional email security products struggle to detect email impersonation threats such as Business Email Compromise (BEC) and spear phishing campaigns. These threats consistently bypass defenses that rely on signatures and policies like Secure Email Gateways and native-cloud email filters. This guide breaks down how Fortra uses advanced data science, including machine learning models, to find and mitigate attacks that slip past traditional email defenses.
Blog
Financials & Card Data Top Q3 Targets on the Dark Web
Mon, 12/05/2022
In Q3, credit unions nearly overtook national banks as the top targeted industry on the Dark Web, according to recent data from Fortra’s PhishLabs.
Blog
Emails Reported as Malicious Reach Four-Quarter High in Q3
Wed, 11/23/2022
The volume of malicious emails reported in corporate inboxes has reached a four-quarter high, according to the latest data from Fortra's PhishLabs.
Blog
What Is Whaling Phishing & How Does It Work?
Mon, 10/03/2022
“Whaling” phishing fraud attacks target the C-suite of a company which creates high risk of extremely sensitive, mission-critical data being stolen and exposed. Fortunately, protecting the organization from these attacks is possible.
Whaling phishing is a type of phishing attack targeting larger, high-value targets, which is why it's called "Whaling." Attackers themselves often pretend to be C...
Blog
Office 365 + DMARC: Best Practices for Protecting Your Company & Customers From Phishing Attacks
By John Wilson on Mon, 08/15/2022
In 2021, Gartner includes DMARC, or known by its full name as Domain-based Message Authentication, Reporting & Conformance, in its list of top 10 security projects. With very few exceptions, the best way for organizations to prevent getting impersonated in email attacks is to integrate DMARC into their Office 365-based email ecosystems.
To understand why, let’s consider the benefits of deploying...
Guide
Behind the 'From' Lines: Email Fraud on a Global Scale
Organized criminals are targeting businesses with identity deception attacks that cause financial losses and broken trust, but Agari is changing the game. Using responsible active defense techniques to analyze criminal email accounts, the Agari Cyber Intelligence Division (ACID) unmasked 10 cybercriminal groups during a 10-month period. ACID has used the results of its work to:
Warn financial...
Guide
Scarlet Widow Part 2: BEC Bitcoin Laundry—Scam, Rinse, Repeat
While many cybercriminal gangs scam medium-sized and large corporations, Agari has now uncovered and documented the practices of a Nigeria-based scammer group, dubbed Scarlet Widow, that has evolved a different strategy focused on more vulnerable sectors such as school districts, universities, and nonprofits.
In this report, we uncover:
How Scarlet...
Guide
From SEG to SEC: The Rise of the Next-Generation Secure Email Cloud Architecture
The secure email gateway no longer works for business email compromise and advanced email threats. Discover why you need the Fortra Advanced Email Security.
Guide
Cosmic Lynx Threat Dossier: The Rise of Russian BEC
Cosmic Lynx is a Russia-based BEC cybercriminal organization that has significantly impacted the email threat landscape with sophisticated, high-dollar phishing attacks.
In this threat dossier, you’ll discover key details about Cosmic Lynx, including:
How Cosmic targets global corporations with incredibly sophisticated BEC attacks
How Cosmic Lynx exploits DMARC controls to impersonate...
Guide
Domains Associated with Exaggerated Lion BEC Campaigns
Below is the list of domains associated with Exaggerated Lion BEC Campaigns. You can access the PDF version of this list by clicking the "Download PDF Version" button at the top of this page.
1secure-portal-server.online
admin-office-exec-ssl-secure-server-portal-exec.management
admin-office-exec-ssl-secured-server-portal-exec.management
admin-server-apps.management
admin-servers-apps.management...
Guide
Fortra Advanced Email Security + Microsoft 365
A majority of companies are shifting to Microsoft 365. See why integrating Fortra Advanced Email Security is needed to protect your email environment.
Blog
What Is Email Phishing? Protect Your Enterprise
Wed, 12/08/2021
Phishing emails can steal sensitive data and cost companies' their reputation. However, protecting a company from these scammers doesn't need to be difficult.
What Is Email Phishing?
Phishing is when an attacker mimics a trusted person or brand in an attempt to steal sensitive information, or gain a foothold inside a company network. While phishing emails are by far the most popular, these...
Blog
TLS Email Encryption: What It Is & How to Check if Your Email Is Using It
Mon, 06/21/2021
What exactly is TLS when it comes to email encryption?
TLS, or cybersecurity protocol Transport Layer Security first developed by the Internet Engineering Task Force (IETF), was designed to establish secure communications that provide both privacy and data security. Originally created from another encryption protocol called Secure Sockets Layer, or SSL...
Blog
Email Security: Agari Delivers a Whole New Level of Actionable Insight to Outpace Threat Actors
Sun, 01/24/2021
CISOs and their teams are about to get some serious performance enhancers in their high-stakes race against email security threats.
According to the FBI, phishing campaigns, business email compromise (BEC) scams, and other advanced email attacks have resulted in $26 billion in business losses over the course of three years. Then 2020 happened.
With 75 million corporate employees even now still...
Blog
BEC Cash-out Methods: Email Fraudsters Experimenting With Alternative Approaches
Tue, 12/01/2020
Business email compromise (BEC) actors are exploring alternative cash-out methods for spiriting away the profits from their crimes.
Traditional bank accounts have long been the go-to choice for email scammers seeking to cash out the funds they've pilfered from organizations they victimize. Just since 2016, BEC groups have defrauded businesses out of more than $26 billion worldwide. But over the...
Blog
Office 365 Phishing Emails: Prevention, Detection, Response
Tue, 11/24/2020
Office 365 phishing emails come in common patterns. I'll list them here and also cover Office 365 anti-phishing features for prevention, detection, and response.
Today, the typical Office 365 phishing emails direct users to fake Office 365 Sign-in pages. The victim submits their credentials, effectively handing over their password. Fraudsters use that login to access the victim’s address book,...
Blog
BEC Attacks: What They Are, How to Spot Them, and What to Do
Tue, 11/10/2020
Here we’ll cover what BEC attacks are, how they work, what they usually look like, and how to handle them.
What is a BEC Attack?
7 Common BEC Attack Patterns
Top Identity Deception Techniques
How Can BEC Attacks be Stopped?
What's the Best Way to Recover From a BEC Attack?
What is a BEC Attack?
First, let me explain what a BEC attack is. In short, Business Email Compromise phishing occurs...
Blog
Agari Fall ' 20 Release Boosts CISO Confidence in Enterprise DMARC Deployment
Tue, 09/29/2020
With cyber gangs leveraging business email compromise (BEC) attacks that actively exploit their targets' level of DMARC adoption, CISOs have been ratcheting up email security.
Until now, the need to dial up defenses against imposters posing as senior executives in email attacks has been increasingly forcing legitimate business correspondence into quarantine. The chain reaction kneecaps commerce,...