Resources

Press Release
Press Release

Fortra Acquires Agari to Grow Data Security Portfolio

MINNEAPOLIS (May 13, 2021)—Fortra announced today the acquisition of Agari, a recognized leader in enterprise solutions protecting against advanced email threats. Agari has seen notable growth with its Software as a Service (SaaS) offering, which sets the standard for protecting organizations against phishing, business email compromise, and email threats. In light of today’s...
Blog
Blog

5.8B Malicious Emails Spoofed Domains; 76% of Fortune 500 Still at Risk: DMARC Results from Agari

Wed, 05/05/2021
Global adoption of Domain-based Messaging, Reporting & Conformance (DMARC) topped 10.7 million email domains worldwide in 2020—reflecting a 32% increase in just six months, according to our H1 2021 Email Fraud & Identity Trends Report. The total number of domains with DMARC set to its highest level of protection against email spoofing climbed to 3.8 million during the same...
Cloud Email Security
DMARC Email Authentication
Blog
Blog

What is DMARC? Effects on Email Spoofing & Deliverability

Tue, 04/20/2021
Wondering how DMARC affects email? Here’s a comprehensive guide explaining what DMARC is, how it affects email, and why your company needs it for security. What is DMARC? What does DMARC mean? DMARC, short for Domain-based Message Authentication, Reporting and Conformance, is an email authentication protocol to help email administrators prevent fraudsters from spoofing email...
Cloud Email Security
DMARC Email Authentication
Press Release
Press Release

Trust 2021 Empowers Cybersecurity Organizations with New Insights and Actions to Stop Phishing

FOSTER CITY, Calif. and LONDON (April 15, 2021) – Interest in the Trust 2021 conference soared in the wake of the newly released FBI IC3 fraud report that stated business email compromise (BEC) and other email-based threats accelerated. An analysis of the reports showed that financially motivated fraud added up to $3.5 billion in losses, equaling 70% of all cybercrime losses in...
Blog
Blog

Protecting Digital Communications During the Digital Transformation: A Look Back at Trust 2021

Wed, 04/14/2021
While we’re all Zoomed, Webexed and Teamed out after thirteen months of the pandemic, cybercriminals are taking advantage of the situation. They know we’re heavily relying on digital communications and they’re sending fake emails, pretending to be your boss. They’re sending fake invoices, pretending to be your vendor. They’re even sending fake requests for gift cards, on the...
Advanced Persistent Threats (APT)
Business Email Compromise
Cloud Email Security
Blog
Blog

Agari Report: New BEC Scam 7X More Costly Than Average, Bigger Phish Start Angling In

Tue, 03/02/2021
Sophisticated new threat actors, evolving phishing tactics, and a $800,000 business email compromise (BEC) scam in the second half of 2020 all signal big trouble ahead, according to new analysis from the Agari Cyber Intelligence Division (ACID). As captured in our H1 2021 Email Fraud & Identity Deception Trends Report, successful attacks on Magellan Health, GoDaddy, and the...
Advanced Persistent Threats (APT)
Business Email Compromise
Advanced Threat Protection
Anti-Phishing
Cloud Email Security
Blog
Blog

Cosmic Lynx Returns in 2021 with Updated Tricks

Thu, 02/11/2021
In July 2020, we published a report on a Russian-based BEC group we called Cosmic Lynx. In that report, we described the tactics used by the group, which included its targeting of senior executives at large companies with a global footprint and how it uses mergers and acquisitions (M&A) themes in its BEC email lures.Shortly after we published the report, we saw a significant...
ACID Research
Advanced Persistent Threats (APT)
Business Email Compromise
Cloud Email Security
Blog
Blog

DMARC 101 (Part I) – S/MIME, SPF, and DKIM

Wed, 02/03/2021
Why do you need DMARC to protect your email domains from being leveraged in phishing attacks? To get the full picture, let's look at the basics—and how DMARC came to be.What is DMARC?Domain-based Message Authentication, Reporting & Conformance, or DMARC, is an open email authentication protocol that helps senders protect their email domains from being spoofed by fraudsters in...
Cloud Email Security
DMARC Email Authentication
Press Release
Press Release

Are Organizations Neglecting Business Email Compromise?

While ransomware is rightly positioned as the most immediate cybersecurity threat, businesses shouldn't underestimate the threat business email compromise (BEC) attacks present to organizations. In this article, Ciaran Rafferty, Managing Director,, discusses the release of the NCSC’s annual review for 2021 and looks at the implications for email security. Originally published...
Press Release
Press Release

It's the Most Wonderful Time of the Year for Cybercriminals

‘Tis the season to be extra vigilant for email scams. In this article, Mike Jones from Agari by Fortra looks at ways businesses can protect their employees' inboxes. Originally published in Financial IT.net Excerpt: "In email spoofing attacks, the sender display and domain names can look like they come from legitimate brands. To prevent this, businesses can implement DMARC...
Blog
Blog

BIMI: What It Is & Why It Matters to Email Security

Fri, 01/29/2021
Curious how BIMI can protect your email? I’ll explain what BIMI is, how it works, and how you can use it to protect your brand’s email communications. What is BIMI? Brand Indicators for Message Identification, or BIMI, provides a standardized method for businesses to showcase their brand logo next to the subject line of their authenticated emails so they stand out in crowded...
Cloud Email Security
DMARC Email Authentication
BIMI Brand Impressions
Blog
Blog

Email Security: Agari Delivers a Whole New Level of Actionable Insight to Outpace Threat Actors

Sun, 01/24/2021
CISOs and their teams are about to get some serious performance enhancers in their high-stakes race against email security threats. According to the FBI, phishing campaigns, business email compromise (BEC) scams, and other advanced email attacks have resulted in $26 billion in business losses over the course of three years. Then 2020 happened. With 75 million corporate...
Advanced Persistent Threats (APT)
Business Email Compromise
Advanced Threat Protection
Cloud Email Security
DMARC Email Authentication
Press Release
Press Release

Agari Outperforms Fourth Quarter and Full Year 2020 Expectations; Uncovers Cybercriminals Behind COVID-19 Unemployment Fraud; Earns Industry Recognitions for Innovation

FOSTER CITY, CA and LONDON (Jan. 6, 2021) -- Agari, the market share leader in phishing defense solutions for the enterprise, today announced performance results for its fiscal fourth quarter and full year ended December 31, 2020. Highlights include: 33% global customer growth First to identify one of the cybercriminal rings behind U.S. CARES Act Fraud First to uncover...
Blog
Blog

DMARC: 3 Best Practices for Capturing Next-Level Business Value

Fri, 12/18/2020
Implementing DMARC at its highest enforcement level is critically important to security and messaging operations. But it's also just the first step to realizing the full value of your DMARC program. To understand why, let's start with the basics. DMARC, which stands for Domain-based Message Authentication, Reporting, and Conformance, can stop fraudsters from spoofing your...
Cloud Email Security
DMARC Email Authentication
Blog
Blog

BEC Response Guide— Tips for Responding to Business Email Compromise Incidents

Mon, 12/14/2020
This post originally appeared on Medium and is published here courtesy of Ronnie Tokazowski. For more by Ronnie, follow him on Twitter @iHeartMalware.If you’re reading this and are in the middle of an incident, go to the first bullet now. The rest can wait. Malware incidents suck, but if you want to know what it’s like responding to a BEC incident, triple the carnage, shake the...
Advanced Persistent Threats (APT)
Business Email Compromise
Blog
Blog

BEC Cash-out Methods: Email Fraudsters Experimenting With Alternative Approaches

Tue, 12/01/2020
Business email compromise (BEC) actors are exploring alternative cash-out methods for spiriting away the profits from their crimes. Traditional bank accounts have long been the go-to choice for email scammers seeking to cash out the funds they've pilfered from organizations they victimize. Just since 2016, BEC groups have defrauded businesses out of more than $26 billion...
Advanced Persistent Threats (APT)
Business Email Compromise
Cloud Email Security
Blog
Blog

Office 365 Phishing Emails: Prevention, Detection, Response

Tue, 11/24/2020
Office 365 phishing emails come in common patterns. I'll list them here and also cover Office 365 anti-phishing features for prevention, detection, and response. Today, the typical Office 365 phishing emails direct users to fake Office 365 Sign-in pages. The victim submits their credentials, effectively handing over their password. Fraudsters use that login to access the...
Cloud Email Security
Email Security for Office 365
Blog
Blog

DKIM for Email: What It Is, How It Works, and How to Add It

Thu, 11/19/2020
We'll cover what DKIM for email is, why your company needs it, how it works, how to set DKIM up, and additional ways to prevent email spoofing attacks. What is DKIM? First, let’s clarify what DKIM is in email. DomainKeys Identified Mail is a technique that uses your domain name to sign your emails with a digital “signature” so your customers know it’s really you sending those...
Cloud Email Security
DMARC Email Authentication
DKIM
Blog
Blog

DMARC: 5 Keys to Success

Wed, 11/18/2020
In this post, we will look at 5 keys to DMARC success both organizationally and in enterprise-wide implementation. Domain-based Message Authentication, Reporting, and Conformance (DMARC) is a standard email authentication protocol that plays an essential role in any organization’s cyber security arsenal. That’s because DMARC is key to protecting your business, customers, and...
Cloud Email Security
DMARC Email Authentication