Resources

Guide
Guide

Cosmic Lynx Threat Dossier: The Rise of Russian BEC

Cosmic Lynx is a Russia-based BEC cybercriminal organization that has significantly impacted the email threat landscape with sophisticated, high-dollar phishing attacks. In this threat dossier, you’ll discover key details about Cosmic Lynx, including: How Cosmic targets global corporations with incredibly sophisticated BEC attacks How Cosmic Lynx exploits DMARC controls to...
Advanced Persistent Threats (APT)
Business Email Compromise
Spear Phishing
Advanced Threat Protection
Anti-Phishing
Cloud Email Security
Geograph of BEC Guide
Guide
Guide

Threat Intelligence Brief: The Geography of BEC

Business Email Compromise (BEC) is a worldwide scourge affecting more than three-fourths of the world’s economies. Around the globe, BEC cybercriminals operate with impunity to steal $26 billion each year. The Agari Cyber Intelligence Division conducted nearly 10,000 active engagements with BEC threat actors and captured the scope of BEC’s global footprint and trends. In this...
Advanced Persistent Threats (APT)
Business Email Compromise
Datasheet
Datasheet

Fortra's Integration for Palo Alto Networks Cortex XSOAR

Why Integrated Email Threat Data Matters Email is a primary vector for attacks on your business today—and email threats are evolving faster than ever. But actionable data about email attacks is often inaccessible to time-strapped security operations and incident response teams. That disconnect leaves your business vulnerable and unable to mitigate hidden email threats. ...
Advanced Threat Protection
Anti-Phishing
Cloud Email Security
Email Security for G-Suite
Email Security for MS Exchange
Email Security for Office 365
Press Release
Press Release

Agari Identifies First-ever Reported Russian BEC Cybercriminal Ring Targeting Executives in 46 Countries Across Six Continents

FOSTER CITY, Calif. (July 7, 2020) -- Agari, the market share leader in phishing defense solutions for the enterprise, revealed today details of the threat actor group dubbed Cosmic Lynx, the first-ever reported Russian cybercriminal ring to conduct business email compromise (BEC) phishing scams. This is a historic shift to the global email threat landscape and portends new and...
Guide
Guide

Domains Associated with Exaggerated Lion BEC Campaigns

Below is the list of domains associated with Exaggerated Lion BEC Campaigns. You can access the PDF version of this list by clicking the "Download PDF Version" button at the top of this page. 1secure-portal-server.online admin-office-exec-ssl-secure-server-portal-exec.management admin-office-exec-ssl-secured-server-portal-exec.management admin-server-apps.management admin...
Advanced Persistent Threats (APT)
Business Email Compromise
Blog
Blog

Customer Phishing Protection Couldn’t Be Easier with PhishLabs' Digital Risk Protection

Fri, 07/01/2022
It’s not news that cybercrime is a constant battle—large enterprises and small businesses everywhere are susceptible to a myriad of advanced email threats and socially engineered attacks, such as executive or brand impersonation. According to IC3’s Internet Crime Report, over $44 million in losses in 2021 were a direct result of malicious phishing and advanced email scams....
Advanced Persistent Threats (APT)
Business Email Compromise
Press Release
Press Release

Blunting BEC Capers that Continue to Target and Devastate SMBs and Enterprises

In his guest blog on The Last Watchdog, John Wilson looks at why Business Email Compromise (BEC) attacks are on the rise, how they are orchestrated, and what organizations can do to stop this all-too-common attack vector. Excerpt: "BEC is a growing concern, and attackers have taken full advantage of the upheaval the COVID-19 pandemic has caused to ramp up their efforts. These...
Blog
Blog

Top Social Media Threats Targeting the Retail Industry

Fri, 03/04/2022
Social media threats targeting enterprises more than doubled last year. Attacks on the retail industry specifically have grown, as threat actors are targeting victims with impersonation and counterfeit ad campaigns. Purchasing behavior is increasingly influenced by social media, making it an attractive vector for these kinds of campaigns. The tendency of social media users to...
Advanced Persistent Threats (APT)
Social Engineering
Blog
Blog

2022 Data Privacy Week – Education and Inspiration

Mon, 01/24/2022
As the world becomes more and more dependent on online resources to complete daily tasks, such as work meetings, grocery shopping, and even exercising, the risk of cyber attacks, data breaches, and information stealing increases. If you’re not already protecting your personal information online, now is the perfect time to start, as Data Privacy Weeks kicks off today.Led by the...
Advanced Persistent Threats (APT)
Data Breach
Social Engineering
Advanced Threat Protection
Anti-Phishing
Blog
Blog

Common Phishing Email Attacks | Examples & Descriptions

Thu, 12/16/2021
What does a phishing email look like? We've compiled phishing email examples to help show what a spoofed email looks like to prevent against phishing attacks. Brand deception phishing is the most common example of phishing people will come across. Brand deception phishing occurs when an attacker mimics a trusted company in an email and asks someone for their personal...
Advanced Persistent Threats (APT)
Business Email Compromise
Advanced Threat Protection
Anti-Phishing
Cloud Email Security
Blog
Blog

What Is Email Phishing? Protect Your Enterprise

Wed, 12/08/2021
Phishing emails can steal sensitive data and cost companies' their reputation. However, protecting a company from these scammers doesn't need to be difficult.  What Is Email Phishing?  Phishing is when an attacker mimics a trusted person or brand in an attempt to steal sensitive information, or gain a foothold inside a company network. While phishing emails are by far the...
Advanced Persistent Threats (APT)
Business Email Compromise
Data Breach
Spear Phishing
Cloud Email Security
Press Release
Press Release

Phishing Sustain Near- Record Levels Through the First Half of 2021

Agari by Fortra features in APWG's Q2 Phishing Activity Trends Report. Here are some highlights: APWG saw 222,127 attacks in June 2021, the third worst month in APWG’s reporting history. Financial institutions and social media sectors were the most frequently victimized. Increases in vishing and smishing continue to be observed. Vishing is phishing advertised via voice...
Press Release
Press Release

How International Scam Artists Pulled Off an Epic Theft of Covid Benefits

Covid-19 provided ample opportunities for threat actors to exploit weaknesses in online systems. In this article by NBC News, spokespeople from Agari explain how one threat actor group, Scattered Canary, used email to fraudulently claim Covid relief unemployment benefits potentially worth millions of US dollars. Read the full article here. Agari’s Cyber Intelligence Division...
Blog
Blog

TLS Email Encryption: What It Is & How to Check if Your Email Is Using It

Mon, 06/21/2021
What exactly is TLS when it comes to email encryption? Image TLS, or cybersecurity protocol Transport Layer Security first developed by the Internet Engineering Task Force (IETF), was designed to establish secure communications that provide both privacy and data security. Originally created from another encryption protocol called...
Advanced Persistent Threats (APT)
Business Email Compromise
Advanced Threat Protection
Anti-Phishing
Cloud Email Security
DMARC Email Authentication
Blog
Blog

Inside a Compromised Account: How Cybercriminals Use Credential Phishing to Further BEC Scams

Mon, 06/07/2021
Why would a cybercriminal spend time developing malware when he can simply trick unsuspecting users into handing over their passwords? Why would a threat actor spend her money and resources on ransomware, when she can get that same information through a compromised account? It’s a good question, and exactly what the Agari Cyber Intelligence Division wanted to discover. In a...
ACID Research
Advanced Persistent Threats (APT)
Business Email Compromise
Blog
Blog

Cyber Threat Intelligence: How to Stay Ahead of Threats

Tue, 05/18/2021
Generally defined, cyber threat intelligence is information used to better understand possible digital threats that might target your organization. This data will help identify threats in order to prevent security breaches in the future.Why Cyber Threat Intelligence is ImportantHaving a system in place that can produce threat intelligence is critical to staying ahead of digital...
ACID Research
Advanced Threat Protection
Anti-Phishing
Blog
Blog

Frost Radar Names Agari as a Leader in Email Security

Wed, 04/28/2021
Three months ago, when I joined Agari as the Chief Marketing Officer, I knew that I was joining a leader in email security. I knew this partially because I worked for Agari from 2016-2019 during an exciting time of change for the company. But my time away from Agari made me realize how much it has to offer its customers and partners, which is ultimately why I decided to return....
ACID Research