Resources

Blog
Blog

Office 365 + DMARC: Best Practices for Protecting Your Company & Customers From Phishing Attacks

By John Wilson on Mon, 08/15/2022
In 2021, Gartner includes DMARC, or known by its full name as Domain-based Message Authentication, Reporting & Conformance, in its list of top 10 security projects. With very few exceptions, the best way for organizations to prevent getting impersonated in email attacks is to integrate DMARC into their Office 365-based email ecosystems. To understand why, let’s consider the...
Cloud Email Security
DMARC Email Authentication
Email Security for Office 365
Blog
Blog

The “i'’s” Have It: How BEC Scammers Validate New Targets with Blank Emails

Fri, 07/29/2022
Have you ever received a blank email from someone you don’t know? If you have, it may have been from a cybercriminal making sure your email account is legitimate prior to a Business Email Compromise (BEC) attack. Agari and PhishLabs define BEC as any response-based spear phishing attack involving the impersonation of a trusted party to trick victims into making an unauthorized...
ACID Research
Advanced Persistent Threats (APT)
Consumer Phishing
Spear Phishing
Video
Video

Protecting Remote Employees from Phishing and BEC Attacks

Thu, 07/28/2022
Email is even more crucial as a collaboration tool while we are all working from home and taking other precautions to stay safe and healthy.  Hackers, cybercriminals, and other bad actors are exploiting the COVID-19 pandemic for their own personal gain, and it’s your job to ensure your workforce is protected from harm. How do you enable the productivity of your now remote...
Advanced Persistent Threats (APT)
Business Email Compromise
Advanced Threat Protection
Anti-Phishing
Video
Video

Forrester Webinar: Risk of Third-Party Impersonation & BEC Scams

Thu, 07/28/2022
Ever since the first spam email message, we have been at war with cyber criminals, who seek to subvert our email communications. We are experiencing an online arms race: As anti-spam solutions improve, criminals find ways around these defenses. Business Email Compromise (BEC) is an area where the criminals have the upper hand against traditional Secure Email Gateways (SEGs). ...
Advanced Persistent Threats (APT)
Business Email Compromise
Cloud Email Security
DMARC Email Authentication
Video
Video

What is a Data Breach?

Tue, 07/26/2022
    Transcript    A data breach occurs anytime somebody has unauthorized access to data. In a corporate sense, this can be anytime that an employee internally is able to access data that they do not have permission for, or more specifically, when somebody outside of the organization is able to gain access inside the organization by using...
Advanced Persistent Threats (APT)
Data Breach
Video
Video

What is Business Email Compromise?

Tue, 07/26/2022
    Transcript    I recently read a press release from the Federal Bureau of Investigation that reported more than $12 billion in financial fraud losses from a vector they call business email compromise. Here at Agari, we think of business email compromise as any attack which claims to be someone you know and trust, and is attempting some kind of...
Advanced Persistent Threats (APT)
Business Email Compromise
Video
Video

What is Account Takeover?

Tue, 07/26/2022
  Transcript   Account takeover is a type of attack technique where a cybercriminal will initially compromise an email account, and then use that legitimate email account to launch subsequent attacks such as business email compromise, and spear phishing. Agari stops email account takeover by scrutinizing the sender of the email sent to the...
Advanced Persistent Threats (APT)
Business Email Compromise
Spear Phishing
On-Demand Webinar
On-Demand Webinar

Cosmic Lynx Threat Disorder: The Rise of Russian BEC

By Crane Hassold
In this webinar, Agari Sr. Director of Threat Research, Crane Hassold discusses Cosmic Lynx, the first-ever reported Russian BEC criminal organization, and how the group has significantly impacted the email threat landscape with sophisticated, high-dollar phishing attacks.
Advanced Persistent Threats (APT)
Business Email Compromise
Cloud Email Security
DMARC Email Authentication
Video
Video

Shining a Light on BEC Risk and Fraud: How Active Engagement Closes the BEC Intelligence Gap

By Crane Hassold
Business Email Compromise (BEC) costs organizations like yours $9 billion every year. These hard-to-detect phishing schemes drive more than 40% of all cybercrime losses. But threat intelligence and fraud prevention teams have had little visibility into the scope of their risk, the BEC attack cycle, or threat actors’ objectives and methods. That’s about to change. Agari Active...
Advanced Persistent Threats (APT)
Business Email Compromise
Video
Video

How and Why COVID-19 is Being Used for BEC and Phishing Attacks

Mon, 07/25/2022
Phishing and Business Email Compromise (BEC) attacks always take advantage of natural disasters and personal misfortune to target even the most vulnerable among us. This time is no different as we are all experiencing the COVID-19 outbreak, but the tactics can be spotted and defeated. In this webinar Crane Hassold, Agari's former Senior Director of Threat Research, provides...
Advanced Persistent Threats (APT)
Business Email Compromise
Advanced Threat Protection
Anti-Phishing
Datasheet
Datasheet

Stop Identity-Based Email Attacks

Understanding The Threats Today’s modern identity-based email attacks exploit the identity of trusted colleagues and brands. However, each varies in the tactics and techniques used. Understanding the differences will be critical in being able to effectively and accurately stop these attacks. Customer Phishing: Cybercriminals use brand impersonation techniques such as domain...
Advanced Persistent Threats (APT)
Consumer Phishing
Cloud Email Security
Video
Video

Informatica Gains Visibility into Threats by Using Fortra

Listen to Bill Burns, Chief Trust Officer and VP of Business Transformation for Informatica, speak about his experience working with Fortra's Agari.       Transcript  I'm Bill Burns, Chief Trust Officer and VP of Business Transformation for Informatica. I've been working with Fortra's Agari for about six years at previous companies, introducing...
Advanced Persistent Threats (APT)
Account Takeover
Business Email Compromise
Case Study
Case Study

Los Angeles-Based Large Credit Union Eradicates Phishing Attacks

Executive Summary Los Angeles Federal Credit Union (LAFCU) was in the crosshairs of email scammers. Its brand was constantly being spoofed, putting its members at risk of being defrauded. The CTO prioritized email security as part of his broader risk management strategy, and selected Agari as his partner. That was more than a decade ago. Today, domain spoofing is at near-zero....
Advanced Persistent Threats (APT)
Consumer Phishing
Advanced Threat Protection
Anti-Phishing
Guide
Guide

Anatomy of a Compromised Account

Credential phishing leads to compromised accounts, and compromised accounts lead to more credential phishing. In order to uncover the mechanics, the Agari Cyber Intelligence Division seeded more than 8,000 phishing sites with fake credentials and then monitored what happened next. In this report, you’ll discover more about how cybercriminals access and use compromised accounts...
Advanced Persistent Threats (APT)
Business Email Compromise
Spear Phishing
Vendor Email Compromise
Guide
Guide

Exaggerated Lion Threat Dossier: BEC Check Fraud Ring

Exaggerated Lion is a BEC cybercrime ring that operates out of Africa with members in Nigeria, Ghana, and Kenya. This is one of the most prolific BEC groups ever discovered, targeting more than 3,000 employees at nearly 2,100 companies throughout the United States. Download this report for details including: How they name, register and host domains disguised to mimic...
Advanced Persistent Threats (APT)
Business Email Compromise