Resources

Going Phishing Isn't Seasonal–Get the Latest Results from 2023's Tournament

By Monica Delyani on Thu, 02/22/2024

Preview the latest global phishing benchmarking results and expert security awareness recommendations from Fortra's Terranova Security 2023 Gone Phishing Tournament.

Blog

Financials & Card Data Top Q3 Targets on the Dark Web

Mon, 12/05/2022

In Q3, credit unions nearly overtook national banks as the top targeted industry on the Dark Web, according to recent data from Fortra’s PhishLabs.

Blog

Attacks Targeting Businesses on Social Media Jump 40% YoY

Wed, 11/23/2022

In this post, we discuss the industries most prone to attack on social media, and the top threat types found on those platforms.

Article

How to Mitigate Online Counterfeit Threats

Tue, 09/27/2022

The broad scope of counterfeit campaigns and unclear boundaries of abuse make it challenging to successfully mitigate online threats targeting retail brands. There is a fine line between infringement and fair use of publicly made materials, as well as immeasurable online environments where counterfeit campaigns may live and grow.

Blog

The “i'’s” Have It: How BEC Scammers Validate New Targets with Blank Emails

Fri, 07/29/2022

Have you ever received a blank email from someone you don’t know? If you have, it may have been from a cybercriminal making sure your email account is legitimate prior to a Business Email Compromise (BEC) attack. Agari and PhishLabs define BEC as any response-based spear phishing attack involving the impersonation of a trusted party to trick victims into making an unauthorized financial...

On-Demand Webinar

Revealing the State of Customer Phishing and DMARC Enforcement

By John Wilson

In this presentation, we’ll reveal the latest from our 2022 Email Fraud and Identity Trends report, focusing on Customer Phishing and DMARC Enforcement.

Datasheet

Stop Identity-Based Email Attacks

Understanding The Threats Today’s modern identity-based email attacks exploit the identity of trusted colleagues and brands. However, each varies in the tactics and techniques used. Understanding the differences will be critical in being able to effectively and accurately stop these attacks. Customer Phishing : Cybercriminals use brand impersonation techniques such as domain spoofing and malicious...

Video

Informatica Gains Visibility into Threats by Using Fortra

Listen to Bill Burns, Chief Trust Officer and VP of Business Transformation for Informatica, speak about his experience working with Fortra's Agari. Transcript I'm Bill Burns, Chief Trust Officer and VP of Business Transformation for Informatica. I've been working with Fortra's Agari for about six years at previous companies, introducing them to solve specific problems and I'm bringing Fortra's...

Case Study

Los Angeles-Based Large Credit Union Eradicates Phishing Attacks

Executive Summary Los Angeles Federal Credit Union (LAFCU) was in the crosshairs of email scammers. Its brand was constantly being spoofed, putting its members at risk of being defrauded. The CTO prioritized email security as part of his broader risk management strategy, and selected Agari as his partner. That was more than a decade ago. Today, domain spoofing is at near-zero. "Our initial goal...

Guide

Behind the 'From' Lines: Email Fraud on a Global Scale

Organized criminals are targeting businesses with identity deception attacks that cause financial losses and broken trust, but Agari is changing the game. Using responsible active defense techniques to analyze criminal email accounts, the Agari Cyber Intelligence Division (ACID) unmasked 10 cybercriminal groups during a 10-month period. ACID has used the results of its work to: Warn financial...

Guide

Silent Starling Threat Dossier: BEC to VEC

Vendor email compromise is a new form of advanced email attack that uses compromised email accounts to target the global supply chain. With the cybercriminal group we’ve named Silent Starling, we see how devastating these attacks can be. Download the threat actor dossier to: How Silent Starling uses phishing email lures to target their victims Why compromised email accounts make email attacks easy...

Datasheet

Account Takeover Attack Prevention

Organizations are more likely to be breached today than ever before, as cybercriminals shift tactics once again, using account takeovers (ATOs) to launch targeted email attacks. In fact, a recent Osterman Research survey reported that one in five organizations fell victim to an ATO-based email attack within the past 12 months. Attackers know that trusted email is the most effective way of...

Blog

Inside a Compromised Account: How Cybercriminals Use Credential Phishing to Further BEC Scams

Mon, 06/07/2021

Why would a cybercriminal spend time developing malware when he can simply trick unsuspecting users into handing over their passwords? Why would a threat actor spend her money and resources on ransomware, when she can get that same information through a compromised account? It’s a good question, and exactly what the Agari Cyber Intelligence Division wanted to discover. In a growing trend known as...

Blog

How to Implement the BIMI-Selector Header for Multiple Brands

Thu, 05/20/2021

Wondering what Brand Indicators for Message Identification actually means? Here, we’ll cover the basics of BIMI, what the BIMI-selector header is, what it does, whether you need it, and how to implement it. But first, do you really need the BIMI-selector header? In most cases, you only need the BIMI-selector header if you want to support multiple logos for multiple brands or subdomains. Otherwise...

Blog

Cyber Threat Intelligence: How to Stay Ahead of Threats

Tue, 05/18/2021

Generally defined, cyber threat intelligence is information used to better understand possible digital threats that might target your organization. This data will help identify threats in order to prevent security breaches in the future. Why Cyber Threat Intelligence is Important Having a system in place that can produce threat intelligence is critical to staying ahead of digital threats, as well...

Blog

Frost Radar Names Agari as a Leader in Email Security

Wed, 04/28/2021

Three months ago, when I joined Agari as the Chief Marketing Officer, I knew that I was joining a leader in email security. I knew this partially because I worked for Agari from 2016-2019 during an exciting time of change for the company. But my time away from Agari made me realize how much it has to offer its customers and partners, which is ultimately why I decided to return. And I’m thrilled to...

Blog

Cosmic Lynx Returns in 2021 with Updated Tricks

Thu, 02/11/2021

In July 2020, we published a report on a Russian-based BEC group we called Cosmic Lynx . In that report , we described the tactics used by the group, which included its targeting of senior executives at large companies with a global footprint and how it uses mergers and acquisitions (M&A) themes in its BEC email lures. Shortly after we published the report, we saw a significant decrease in Cosmic...

Blog

What is Email Spoofing & How to Stop Attackers from Spoofing Your Email Address

Tue, 12/15/2020

What is email spoofing, how does it work, and why is it so dangerous to your company? We’ll explain everything you need to proactively stop attackers from spoofing your email address. Email Spoofing: What Is It? Email spoofing is when a fraudster forges an email header’s ‘From’ address to make it appear as if it was sent by someone else, usually a known contact like a high-level executive or...

Blog

The Global Reach of Business Email Compromise (BEC)

Mon, 10/12/2020

Over the last five years, Business Email Compromise (BEC) has evolved into the predominant cyber threat businesses face today. Since 2016, businesses have lost at least $26 billion as a result of BEC scams and, based on the most recent FBI IC3 report , losses from BEC attacks grew another 37 percent in 2019—accounting for 40 percent of all cybercrime losses over the course of the year. The...

Blog

Agari Fall ' 20 Release Boosts CISO Confidence in Enterprise DMARC Deployment

Tue, 09/29/2020

With cyber gangs leveraging business email compromise (BEC) attacks that actively exploit their targets' level of DMARC adoption, CISOs have been ratcheting up email security. Until now, the need to dial up defenses against imposters posing as senior executives in email attacks has been increasingly forcing legitimate business correspondence into quarantine. The chain reaction kneecaps commerce...

Going Phishing Isn't Seasonal–Get the Latest Results from 2023's Tournament

Financials & Card Data Top Q3 Targets on the Dark Web

Attacks Targeting Businesses on Social Media Jump 40% YoY

How to Mitigate Online Counterfeit Threats

The “i'’s” Have It: How BEC Scammers Validate New Targets with Blank Emails

Revealing the State of Customer Phishing and DMARC Enforcement

Stop Identity-Based Email Attacks

Informatica Gains Visibility into Threats by Using Fortra

Los Angeles-Based Large Credit Union Eradicates Phishing Attacks

Behind the 'From' Lines: Email Fraud on a Global Scale

Silent Starling Threat Dossier: BEC to VEC

Account Takeover Attack Prevention

Inside a Compromised Account: How Cybercriminals Use Credential Phishing to Further BEC Scams

How to Implement the BIMI-Selector Header for Multiple Brands

Cyber Threat Intelligence: How to Stay Ahead of Threats

Frost Radar Names Agari as a Leader in Email Security

Cosmic Lynx Returns in 2021 with Updated Tricks

What is Email Spoofing & How to Stop Attackers from Spoofing Your Email Address

The Global Reach of Business Email Compromise (BEC)

Agari Fall ' 20 Release Boosts CISO Confidence in Enterprise DMARC Deployment

Contact Information

Privacy Policy

Cookie Policy

Impressum