Resources

What is Business Email Compromise?

Tue, 07/26/2022

Transcript I recently read a press release from the Federal Bureau of Investigation that reported more than $12 billion in financial fraud losses from a vector they call business email compromise. Here at Agari, we think of business email compromise as any attack which claims to be someone you know and trust, and is attempting some kind of theft. The most classic example is a criminal figures out...

Video

What is Account Takeover?

Tue, 07/26/2022

Transcript Account takeover is a type of attack technique where a cybercriminal will initially compromise an email account, and then use that legitimate email account to launch subsequent attacks such as business email compromise, and spear phishing. Agari stops email account takeover by scrutinizing the sender of the email sent to the recipient. They'll leverage insights from over two trillion...

On-Demand Webinar

PANEL: It's the (Decision) Economy, Stupid: Big Data Science and Security

Tue, 07/26/2022

Hear panel participants discuss how leading organizations are using data science to stay one step ahead of the bad guys.

On-Demand Webinar

Key Insights from the Email Fraud and Identity Deception Trends Report

By Mike Paiko

Discover the latest data about Business Email Compromise (BEC) and email fraud revealed in the benchmark Email Fraud and Identity Trends Report.

On-Demand Webinar

Revealing the State of Customer Phishing and DMARC Enforcement

By John Wilson

In this presentation, we’ll reveal the latest from our 2022 Email Fraud and Identity Trends report, focusing on Customer Phishing and DMARC Enforcement.

On-Demand Webinar

Cosmic Lynx Threat Disorder: The Rise of Russian BEC

By Crane Hassold

In this webinar, Agari Sr. Director of Threat Research, Crane Hassold discusses Cosmic Lynx, the first-ever reported Russian BEC criminal organization, and how the group has significantly impacted the email threat landscape with sophisticated, high-dollar phishing attacks.

Video

Shining a Light on BEC Risk and Fraud: How Active Engagement Closes the BEC Intelligence Gap

By Crane Hassold

Business Email Compromise (BEC) costs organizations like yours $9 billion every year. These hard-to-detect phishing schemes drive more than 40% of all cybercrime losses. But threat intelligence and fraud prevention teams have had little visibility into the scope of their risk, the BEC attack cycle, or threat actors’ objectives and methods. That’s about to change. Agari Active Defense leverages an...

Video

How and Why COVID-19 is Being Used for BEC and Phishing Attacks

Mon, 07/25/2022

Phishing and Business Email Compromise (BEC) attacks always take advantage of natural disasters and personal misfortune to target even the most vulnerable among us. This time is no different as we are all experiencing the COVID-19 outbreak, but the tactics can be spotted and defeated. In this webinar Crane Hassold, Agari's former Senior Director of Threat Research, provides an inside look into the...

Video

Informatica Gains Visibility into Threats by Using Fortra

Listen to Bill Burns, Chief Trust Officer and VP of Business Transformation for Informatica, speak about his experience working with Fortra's Agari. Transcript I'm Bill Burns, Chief Trust Officer and VP of Business Transformation for Informatica. I've been working with Fortra's Agari for about six years at previous companies, introducing them to solve specific problems and I'm bringing Fortra's...

Guide

Anatomy of a Compromised Account

Credential phishing leads to compromised accounts, and compromised accounts lead to more credential phishing. In order to uncover the mechanics, the Agari Cyber Intelligence Division seeded more than 8,000 phishing sites with fake credentials and then monitored what happened next. In this report, you’ll discover more about how cybercriminals access and use compromised accounts, including How 50%...

Guide

Exaggerated Lion Threat Dossier: BEC Check Fraud Ring

Exaggerated Lion is a BEC cybercrime ring that operates out of Africa with members in Nigeria, Ghana, and Kenya. This is one of the most prolific BEC groups ever discovered, targeting more than 3,000 employees at nearly 2,100 companies throughout the United States. Download this report for details including: How they name, register and host domains disguised to mimic trusted infrastructure. Their...

Guide

Behind the 'From' Lines: Email Fraud on a Global Scale

Organized criminals are targeting businesses with identity deception attacks that cause financial losses and broken trust, but Agari is changing the game. Using responsible active defense techniques to analyze criminal email accounts, the Agari Cyber Intelligence Division (ACID) unmasked 10 cybercriminal groups during a 10-month period. ACID has used the results of its work to: Warn financial...

Guide

Silent Starling Threat Dossier: BEC to VEC

Vendor email compromise is a new form of advanced email attack that uses compromised email accounts to target the global supply chain. With the cybercriminal group we’ve named Silent Starling, we see how devastating these attacks can be. Download the threat actor dossier to: How Silent Starling uses phishing email lures to target their victims Why compromised email accounts make email attacks easy...

Guide

Scattered Canary Threat Dossier

Business email compromise (BEC) has continued to grow into a billion-dollar industry as cybercriminals turn to it as their preferred scam. But with the West African gang we’ve named Scattered Canary, we have deeper insight into how BEC is connected to the rest of cybercrime, and why it has grown in recent years. Download the threat dossier to learn: How Scattered Canary grew from a one-man startup...

Guide

Scarlet Widow Part 2: BEC Bitcoin Laundry—Scam, Rinse, Repeat

While many cybercriminal gangs scam medium-sized and large corporations, Agari has now uncovered and documented the practices of a Nigeria-based scammer group, dubbed Scarlet Widow, that has evolved a different strategy focused on more vulnerable sectors such as school districts, universities, and nonprofits. In this report, we uncover: How Scarlet Widow transitioned from romance scams to tax...

Guide

Cosmic Lynx Threat Dossier: The Rise of Russian BEC

Cosmic Lynx is a Russia-based BEC cybercriminal organization that has significantly impacted the email threat landscape with sophisticated, high-dollar phishing attacks. In this threat dossier, you’ll discover key details about Cosmic Lynx, including: How Cosmic targets global corporations with incredibly sophisticated BEC attacks How Cosmic Lynx exploits DMARC controls to impersonate corporate...

Advanced Persistent Threats (APT)

Business Email Compromise

Spear Phishing

Advanced Threat Protection

Anti-Phishing

Cloud Email Security

Guide

Threat Intelligence Brief: The Geography of BEC

Business Email Compromise (BEC) is a worldwide scourge affecting more than three-fourths of the world’s economies. Around the globe, BEC cybercriminals operate with impunity to steal $26 billion each year. The Agari Cyber Intelligence Division conducted nearly 10,000 active engagements with BEC threat actors and captured the scope of BEC’s global footprint and trends. In this report, you’ll...

Press Release

Agari Identifies First-ever Reported Russian BEC Cybercriminal Ring Targeting Executives in 46 Countries Across Six Continents

FOSTER CITY, Calif. (July 7, 2020) -- Agari , the market share leader in phishing defense solutions for the enterprise, revealed today details of the threat actor group dubbed Cosmic Lynx, the first-ever reported Russian cybercriminal ring to conduct business email compromise (BEC) phishing scams. This is a historic shift to the global email threat landscape and portends new and sophisticated...

Guide

Domains Associated with Exaggerated Lion BEC Campaigns

Below is the list of domains associated with Exaggerated Lion BEC Campaigns. You can access the PDF version of this list by clicking the "Download PDF Version" button at the top of this page. 1secure-portal-server.online admin-office-exec-ssl-secure-server-portal-exec.management admin-office-exec-ssl-secured-server-portal-exec.management admin-server-apps.management admin-servers-apps.management...

Blog

Customer Phishing Protection Couldn’t Be Easier with PhishLabs' Digital Risk Protection

Fri, 07/01/2022

It’s not news that cybercrime is a constant battle—large enterprises and small businesses everywhere are susceptible to a myriad of advanced email threats and socially engineered attacks , such as executive or brand impersonation. According to IC3’s Internet Crime Report, over $44 million in losses in 2021 were a direct result of malicious phishing and advanced email scams. Despite billions having...

What is Business Email Compromise?

What is Account Takeover?

PANEL: It's the (Decision) Economy, Stupid: Big Data Science and Security

Key Insights from the Email Fraud and Identity Deception Trends Report

Revealing the State of Customer Phishing and DMARC Enforcement

Cosmic Lynx Threat Disorder: The Rise of Russian BEC

Shining a Light on BEC Risk and Fraud: How Active Engagement Closes the BEC Intelligence Gap

How and Why COVID-19 is Being Used for BEC and Phishing Attacks

Informatica Gains Visibility into Threats by Using Fortra

Anatomy of a Compromised Account

Exaggerated Lion Threat Dossier: BEC Check Fraud Ring

Behind the 'From' Lines: Email Fraud on a Global Scale

Silent Starling Threat Dossier: BEC to VEC

Scattered Canary Threat Dossier

Scarlet Widow Part 2: BEC Bitcoin Laundry—Scam, Rinse, Repeat

Cosmic Lynx Threat Dossier: The Rise of Russian BEC

Threat Intelligence Brief: The Geography of BEC

Agari Identifies First-ever Reported Russian BEC Cybercriminal Ring Targeting Executives in 46 Countries Across Six Continents

Domains Associated with Exaggerated Lion BEC Campaigns

Customer Phishing Protection Couldn’t Be Easier with PhishLabs' Digital Risk Protection

Contact Information

Privacy Policy

Cookie Policy

Impressum