Resources

Blog
Blog

BEC Cash-out Methods: Email Fraudsters Experimenting With Alternative Approaches

Tue, 12/01/2020
Business email compromise ( BEC ) actors are exploring alternative cash-out methods for spiriting away the profits from their crimes. Traditional bank accounts have long been the go-to choice for email scammers seeking to cash out the funds they've pilfered from organizations they victimize. Just since 2016, BEC groups have defrauded businesses out of more than $26 billion worldwide. But over the...
Advanced Persistent Threats (APT)
Business Email Compromise
Cloud Email Security
Blog
Blog

Office 365 Phishing Emails: Prevention, Detection, Response

Tue, 11/24/2020
Office 365 phishing emails come in common patterns. I'll list them here and also cover Office 365 anti-phishing features for prevention, detection, and response. Today, the typical Office 365 phishing emails direct users to fake Office 365 Sign-in pages. The victim submits their credentials, effectively handing over their password. Fraudsters use that login to access the victim’s address book...
Cloud Email Security
Email Security for Office 365
Press Release
Press Release

Agari honored with Best Overall Enterprise Email Security Solution of the Year Award

FOSTER CITY, CA (Nov. 18, 2020) -- Agari, the market share leader in phishing defense solutions for the enterprise, announced today that its email authentication product, Agari Brand Protection™, won Overall Enterprise Email Security Solution of the Year at the 2020 Cybersecurity Breakthrough Awards . Now in its fourth year the Cybersecurity Breakthrough Awards are considered one of industry’s...
Blog
Blog

DKIM for Email: What It Is, How It Works, and How to Add It

Thu, 11/19/2020
We'll cover what DKIM for email is, why your company needs it, how it works, how to set DKIM up, and additional ways to prevent email spoofing attacks. What is DKIM? First, let’s clarify what DKIM is in email. DomainKeys Identified Mail is a technique that uses your domain name to sign your emails with a digital “signature” so your customers know it’s really you sending those emails and that they...
Cloud Email Security
DMARC Email Authentication
DKIM
Blog
Blog

DMARC: 5 Keys to Success

Wed, 11/18/2020
In this post, we will look at 5 keys to DMARC success both organizationally and in enterprise-wide implementation. Domain-based Message Authentication, Reporting, and Conformance (DMARC) is a standard email authentication protocol that plays an essential role in any organization’s cyber security arsenal. That’s because DMARC is key to protecting your business, customers, and partners from email...
Cloud Email Security
DMARC Email Authentication
Video
Video

5 Keys to DMARC Success

By Brent Sleeper
DMARC email authentication is essential to protecting your business, customers, and partners from email attacks that spoof your domain and hijack your brand. But for large enterprises, effective DMARC deployment is a complex, high-stakes effort. Let Agari show you the way to full DMARC protection quickly and safely. In this webinar, you’ll discover 5 best practices from the pros: Key program...
Cloud Email Security
DMARC Email Authentication
Blog
Blog

BEC Attacks: What They Are, How to Spot Them, and What to Do

Tue, 11/10/2020
Here we’ll cover what BEC attacks are, how they work, what they usually look like, and how to handle them. What is a BEC Attack? 7 Common BEC Attack Patterns Top Identity Deception Techniques How Can BEC Attacks be Stopped? What's the Best Way to Recover From a BEC Attack? What is a BEC Attack? First, let me explain what a BEC attack is. In short, Business Email Compromise phishing occurs when...
Advanced Persistent Threats (APT)
Business Email Compromise
Blog
Blog

The Global Reach of Business Email Compromise (BEC)

Mon, 10/12/2020
Over the last five years, Business Email Compromise (BEC) has evolved into the predominant cyber threat businesses face today. Since 2016, businesses have lost at least $26 billion as a result of BEC scams and, based on the most recent FBI IC3 report , losses from BEC attacks grew another 37 percent in 2019—accounting for 40 percent of all cybercrime losses over the course of the year. The...
ACID Research
Advanced Persistent Threats (APT)
Business Email Compromise
Cloud Email Security
man-coding
Blog
Blog

DMARC Setup Guide: How to Add DMARC Step by Step

Fri, 10/09/2020
We'll explain how to configure DMARC for your company's email, including what you'll need and how to add DMARC to your DNS. Just follow these DMARC setup steps! Before we begin, here’s a high-level overview of how to add DMARC to your DNS. Add your DMARC record into your DNS Select the TXT record type Add the host value (see details below) Add the value information (see details below) Save the...
Cloud Email Security
DMARC Email Authentication
Blog
Blog

Agari Fall ' 20 Release Boosts CISO Confidence in Enterprise DMARC Deployment

Tue, 09/29/2020
With cyber gangs leveraging business email compromise (BEC) attacks that actively exploit their targets' level of DMARC adoption, CISOs have been ratcheting up email security. Until now, the need to dial up defenses against imposters posing as senior executives in email attacks has been increasingly forcing legitimate business correspondence into quarantine. The chain reaction kneecaps commerce...
ACID Research
Advanced Persistent Threats (APT)
Business Email Compromise
Cloud Email Security
DMARC Email Authentication
Blog
Blog

Phishing: How to Protect Against Email Attacks Sent from Compromised SendGrid Accounts

Mon, 09/28/2020
Blocking SendGrid email traffic isn't a realistic option for most businesses hit by a barrage of phishing attacks emanating from compromised accounts at the Twilio-owned email service provider in recent months. Instead, Agari leverages a strategic data modeling approach to neutralize the threat while enabling legitimate SendGrid-distributed emails to safely reach employee inboxes. More on that in...
Advanced Threat Protection
Anti-Phishing
Cloud Email Security
Blog
Blog

Brand Indicators for Message Identification (BIMI) Adoption Soaring to New Heights

Wed, 09/23/2020
For a growing number of email marketers, it may be "BIMI or bust." As of June 30, nearly 5,300 companies have adopted Brand Indicators for Message Identification ( BIMI ), a new email standard for showcasing a brand's logo next to its email messages in recipient inboxes, with built-in protections against phishing-based brand spoofing. The tally reflects a 3.8X increase in the number of brands...
ACID Research
Cloud Email Security
DMARC Email Authentication
BIMI Brand Impressions
Blog
Blog

Why Full DMARC Protection is a Pressing Business Imperative in 2020 and Beyond

Tue, 09/15/2020
If you haven't deployed Domain-based Messaging Authentication, Reporting, and Conformance (DMARC) to protect your brand from being impersonated in phishing scams, there are pressing reasons to jump on it now. Without a doubt, these are extraordinary times for individuals and organizations alike as we've been forced to change the way we work, shop, play, and live seemingly overnight, and for far...
ACID Research
Advanced Persistent Threats (APT)
Business Email Compromise
Cloud Email Security
DMARC Email Authentication
Press Release
Press Release

Agari has been honored as the winner of the Best Security Company of the Year at the Annual Cyber Security Awards 2020

LONDON (Sept. 14, 2020) - Agari, the market share leader in phishing defense solutions for the enterprise, have earned the Best Security Company of the Year – over 150 staff award at the Cyber Security Awards for their pioneering contributions to and continued trailblazing within the email security sector. The Cyber Security Awards were established in 2014 to reward the best individuals, teams and...
Blog
Blog

Implement DMARC for Trust Before Google AMP for Email

Thu, 09/03/2020
With marketers more dependent on digital channels, many may accelerate their tests of Google's AMP for Email technology in search of an edge. But without an email protocol called Domain-based Messaging Authentication, Reporting and Conformance ( DMARC ), fraudsters could weaponize the trust customers expect from your brand for their own evil intentions and put consumers and businesses at risk. The...
Cloud Email Security
DMARC Email Authentication
Blog
Blog

DMARC: How Phishing Rings Can Use Your Email Authentication Controls Against You

Thu, 07/23/2020
In the first reported case of its kind, a phishing ring in Eastern Europe is exploiting companies' own Domain-based Message Authentication, Reporting and Conformance ( DMARC ) controls to impersonate CEOs in business email compromise (BEC) scams worth millions. As detailed in our new threat actor dossier on a group we call Cosmic Lynx , the Agari Cyber Intelligence Division (ACID) has identified...
ACID Research
Advanced Persistent Threats (APT)
Business Email Compromise
Cloud Email Security
DMARC Email Authentication
Blog
Blog

Business Email Compromise: New Shift in BEC Threat Landscape Puts CISOs on Notice

Fri, 07/17/2020
A seismic shift in the email threat landscape has CISOs bracing for sophisticated new forms of business email compromise (BEC) scams, as phishing's center of gravity begins to tilt from West African email scammers toward Russian and Eastern European cybercrime lords. As detailed in our new threat actor dossier on a threat group we call Cosmic Lynx , the Agari Cyber Intelligence Division (ACID) has...
Advanced Persistent Threats (APT)
Business Email Compromise
Cloud Email Security
DMARC Email Authentication
Blog
Blog

Cosmic Lynx: A Russian Threat Hits the BEC Scene

Mon, 07/06/2020
“At some point, Russian and Eastern European cybercriminals are going to start thinking to themselves, ‘Why am I spending all of this time and money setting up infrastructure and hiring malware developers when I can just send someone an email, ask them to send me money, and they’ll do it.’” For more than a year, this is a line we have used over and over again, expecting that some of the world’s...
Advanced Persistent Threats (APT)
Business Email Compromise
Cloud Email Security
Blog
Blog

Agari Summer '20 Release: CISOs Gain Unique Threat Intel to Their Organizations

Tue, 06/30/2020
With business email compromise (BEC) scams up sharply amid the coronavirus pandemic, CISOs have been forced to scour an expanding but largely inscrutable email threat landscape in hopes of fending off costly attacks—until now, that is. In an industry first, the new Agari Summer '20 Release offers CISOs access to real-world intelligence on specific phishing threats unique to their organizations...
Advanced Persistent Threats (APT)
Business Email Compromise
Blog
Blog

Phishing: With Zero-Day Email Attacks Rising, Are Some Companies Giving Up the Fight?

Mon, 06/15/2020
Amid a troubling rise in zero-day phishing attacks, recent research suggests that some companies may be making an ill-advised shift away from blocking advanced email threats to responding to them post-delivery. If true, the capitulation couldn't come at a worse time. Since January, cybercriminals taking advantage of the COVID-19 outbreak have been targeting businesses and individuals with an...
Advanced Threat Protection
Anti-Phishing
Phishing Simulation & Training
Remote Workforce Protection
Cloud Email Security
Email Security for G-Suite
Email Security for Office 365