Traditional email security products struggle to detect email impersonation threats such as Business Email Compromise (BEC) and spear phishing campaigns. These threats consistently bypass defenses that rely on signatures and policies like Secure Email Gateways and native-cloud email filters. This guide breaks down how Fortra uses advanced data science, including machine learning models, to find and mitigate attacks that slip past traditional email defenses.
In this IT Security Wire article, cybersecurity experts Eric George and Tom Gorup, Vice President of Security Operations at Fortra’s Alert Logic, share their 2023 cybersecurity predictions.
Originally published in IT Security Wire
"PaaS (phishing-as-a-service) platforms simplify the creation and execution of credential theft phishing attacks which target the customers or employees of...
This white paper takes an expansive look at the hidden threats lurking around email inboxes, and how layered email security with a clear understanding of goals can keep your organization better protected.
In Cyber Protection Magazine’s Crucial Tech podcast, John Wilson, Senior Fellow, Threat Research, delves into the latest research from Agari and PhishLabs by Fortra.
Table of Contents
Who is Scarlet Widow?
Femmes Fictionale and Counterfeit Romeos
The Long Con: Making Moves for Money
Starry Eyes for Starling Michael
Up Close and Personal: The Case of "Robert Blackwell"
...
Credential phishing leads to compromised accounts, and compromised accounts lead to more credential phishing.
To uncover the mechanics, the Agari Cyber Intelligence Division seeded more than 8,000 phishing sites with fake credentials and then monitored what happened next. In this report, you’ll discover more about how cybercriminals access and use compromised accounts, including:
How...
Exaggerated Lion is a BEC cybercrime ring that operates out of Africa with members in Nigeria, Ghana, and Kenya.
This is one of the most prolific BEC groups ever discovered, targeting more than 3,000 employees at nearly 2,100 companies throughout the United States.
Download this report for details including:
How they name, register and host domains disguised to mimic trusted infrastructure.
...
Organized criminals are targeting businesses with identity deception attacks that cause financial losses and broken trust, but Agari is changing the game. Using responsible active defense techniques to analyze criminal email accounts, the Agari Cyber Intelligence Division (ACID) unmasked 10 cybercriminal groups during a 10-month period. ACID has used the results of its work to:
Warn financial...
Agari commissioned Forrester Consulting to conduct a Total Economic Impact™ (TEI) study and examine the potential return on investment (ROI) enterprises may realize by deploying Agari Phishing Defense.
Quantified benefits expressed in risk-adjusted present value generated return on investment of 97% over three years, including:
$270k value from improved IT security and reduced level of effort...
Vendor email compromise is a new form of advanced email attack that uses compromised email accounts to target the global supply chain. With the cybercriminal group we’ve named Silent Starling, we see how devastating these attacks can be.
Download the threat actor dossier to learn:
How Silent Starling uses phishing email lures to target their victims
Why compromised email accounts make email...
Business email compromise (BEC) has continued to grow into a billion-dollar industry as cybercriminals turn to it as their preferred scam. But with the West African gang we’ve named Scattered Canary, we have deeper insight into how BEC is connected to the rest of cybercrime, and why it has grown in recent years.
Download the threat dossier to learn:
How Scattered Canary grew from a one-man...
While many cybercriminal gangs scam medium-sized and large corporations, Agari has now uncovered and documented the practices of a Nigeria-based scammer group, dubbed Scarlet Widow, that has evolved a different strategy focused on more vulnerable sectors such as school districts, universities, and nonprofits.
In this report, we uncover:
How Scarlet...
Cosmic Lynx is a Russia-based BEC cybercriminal organization that has significantly impacted the email threat landscape with sophisticated, high-dollar phishing attacks.
In this threat dossier, you’ll discover key details about Cosmic Lynx, including:
How Cosmic targets global corporations with incredibly sophisticated BEC attacks
How Cosmic Lynx exploits DMARC controls to impersonate...
Business Email Compromise (BEC) is a worldwide scourge affecting more than three-fourths of the world’s economies. Around the globe, BEC cybercriminals operate with impunity to steal $26 billion each year.
The Agari Cyber Intelligence Division conducted nearly 10,000 active engagements with BEC threat actors and captured the scope of BEC’s global footprint and trends. In this report, you’ll...
FOSTER CITY, Calif. (July 7, 2020) -- Agari, the market share leader in phishing defense solutions for the enterprise, revealed today details of the threat actor group dubbed Cosmic Lynx, the first-ever reported Russian cybercriminal ring to conduct business email compromise (BEC) phishing scams. This is a historic shift to the global email threat landscape and portends new and sophisticated...
Below is the list of domains associated with Exaggerated Lion BEC Campaigns. You can access the PDF version of this list by clicking the "Download PDF Version" button at the top of this page.
In his guest blog on The Last Watchdog, John Wilson looks at why Business Email Compromise (BEC) attacks are on the rise, how they are orchestrated, and what organizations can do to stop this all-too-common attack vector.
Excerpt:
"BEC is a growing concern, and attackers have taken full advantage of the upheaval the COVID-19 pandemic has caused to ramp up their efforts. These campaigns are hard...
Commenting on the Digital Guardian acquisition, Kate Bolseth, CEO, said: “Our global customers look to us to provide them with powerful solutions and services to support all of their cybersecurity needs, and the data protection expertise the Digital Guardian team brings to Fortra is second to none.
...
Agari by Fortra features in APWG's Q2 Phishing Activity Trends Report.
Here are some highlights:
APWG saw 222,127 attacks in June 2021, the third worst month in APWG’s reporting history.
Financial institutions and social media sectors were the most frequently victimized.
Increases in vishing and smishing continue to be observed. Vishing is phishing advertised via voice messages, and smishing...