Case Study
Fortune 200 Mining Company Implements DMARC Standards
See how this Fortune 200 mining company utilized Agari email solutions to protect and implement DMARC standards for their organization.
Guide
Scarlet Widow Part 1: Breaking Hearts for Profit
Table of Contents
Who is Scarlet Widow?
Femmes Fictionale and Counterfeit Romeos
The Long Con: Making Moves for Money
Starry Eyes for Starling Michael
Up Close and Personal: The Case of "Robert Blackwell"
...
Datasheet
Stop Identity-Based Email Attacks
Understanding The Threats
Today’s modern identity-based email attacks exploit the identity of trusted colleagues and brands. However, each varies in the tactics and techniques used. Understanding the differences will be critical in being able to effectively and accurately stop these attacks.
Customer Phishing: Cybercriminals use brand impersonation techniques such as domain spoofing and...
Datasheet
Agari Automation and Hosting Features
The Email Authentication Challenge
Email is the #1 way attackers target an organization’s customers and email ecosystem. DMARC authentication, specifically with an enforcement policy of Reject, is the single most effective way to close this vulnerability inherent to email. While the premise of authentication is straightforward, organizations can encounter roadblocks and challenges along the way...
Case Study
Los Angeles-Based Large Credit Union Eradicates Phishing Attacks
Executive Summary
Los Angeles Federal Credit Union (LAFCU) was in the crosshairs of email scammers. Its brand was constantly being spoofed, putting its members at risk of being defrauded. The CTO prioritized email security as part of his broader risk management strategy, and selected Agari as his partner. That was more than a decade ago. Today, domain spoofing is at near-zero.
"Our initial goal...
Guide
Scattered Canary Threat Dossier
Business email compromise (BEC) has continued to grow into a billion-dollar industry as cybercriminals turn to it as their preferred scam. But with the West African gang we’ve named Scattered Canary, we have deeper insight into how BEC is connected to the rest of cybercrime, and why it has grown in recent years.
Download the threat dossier to learn:
How Scattered Canary grew from a one-man...
Guide
Scarlet Widow Part 2: BEC Bitcoin Laundry—Scam, Rinse, Repeat
While many cybercriminal gangs scam medium-sized and large corporations, Agari has now uncovered and documented the practices of a Nigeria-based scammer group, dubbed Scarlet Widow, that has evolved a different strategy focused on more vulnerable sectors such as school districts, universities, and nonprofits.
In this report, we uncover:
How...
Guide
From SEG to SEC: The Rise of the Next-Generation Secure Email Cloud Architecture
The secure email gateway no longer works for business email compromise and advanced email threats. Discover why you need the Fortra Advanced Email Security.
Datasheet
Fortra's Integration for Palo Alto Networks Cortex XSOAR
Why Integrated Email Threat Data Matters
Email is a primary vector for attacks on your business today—and email threats are evolving faster than ever. But actionable data about email attacks is often inaccessible to time-strapped security operations and incident response teams. That disconnect leaves your business vulnerable and unable to mitigate hidden email threats.
Improve Visibility with...
Guide
Fortra Advanced Email Security + Microsoft 365
A majority of companies are shifting to Microsoft 365. See why integrating Fortra Advanced Email Security is needed to protect your email environment.
Case Study
Pharmaceutical Company Prevents Domain Spoofing with Agari DMARC Protection
Discover how one company implemented Agari DMARC Protection and secured their domains at p=reject in five months to block 26,000 spoofing attempts.
Blog
Top Social Media Threats Targeting the Retail Industry
Fri, 03/04/2022
Social media threats targeting enterprises more than doubled last year. Attacks on the retail industry specifically have grown, as threat actors are targeting victims with impersonation and counterfeit ad campaigns.
Purchasing behavior is increasingly influenced by social media, making it an attractive vector for these kinds of campaigns. The tendency of social media users to consume information...
Blog
2022 Data Privacy Week – Education and Inspiration
Mon, 01/24/2022
As the world becomes more and more dependent on online resources to complete daily tasks, such as work meetings, grocery shopping, and even exercising, the risk of cyber attacks, data breaches, and information stealing increases. If you’re not already protecting your personal information online, now is the perfect time to start, as Data Privacy Weeks kicks off today.
Led by the National Cyber...
Blog
What Is Email Phishing? Protect Your Enterprise
Wed, 12/08/2021
Phishing emails can steal sensitive data and cost companies' their reputation. However, protecting a company from these scammers doesn't need to be difficult.
What Is Email Phishing?
Phishing is when an attacker mimics a trusted person or brand in an attempt to steal sensitive information, or gain a foothold inside a company network. While phishing emails are by far the most popular, these...
Blog
How to Implement the BIMI-Selector Header for Multiple Brands
Thu, 05/20/2021
Wondering what Brand Indicators for Message Identification actually means? Here, we’ll cover the basics of BIMI, what the BIMI-selector header is, what it does, whether you need it, and how to implement it. But first, do you really need the BIMI-selector header? In most cases, you only need the BIMI-selector header if you want to support multiple logos for multiple brands or subdomains. Otherwise,...
Blog
How to Make Oauth2 Play Nice with EKS Ingress
Tue, 12/22/2020
Over the course of my technical career, I’ve always thought of Oauth2 to, frankly, be a bit of a pain. Oauth2 offers a mind boggling amount of possibilities and is the basis of many authorization workflows.However, I have found the documentation and supporting examples of how to integrate Oauth2 somewhat lacking. I hope that someone out in the ether will find this blog post and save a few days of...
Blog
What is Email Spoofing & How to Stop Attackers from Spoofing Your Email Address
Tue, 12/15/2020
What is email spoofing, how does it work, and why is it so dangerous to your company? We’ll explain everything you need to proactively stop attackers from spoofing your email address.
Email Spoofing: What Is It?
Email spoofing is when a fraudster forges an email header’s ‘From’ address to make it appear as if it was sent by someone else, usually a known contact like a high-level executive or...
Blog
Office 365 Phishing Emails: Prevention, Detection, Response
Tue, 11/24/2020
Office 365 phishing emails come in common patterns. I'll list them here and also cover Office 365 anti-phishing features for prevention, detection, and response.
Today, the typical Office 365 phishing emails direct users to fake Office 365 Sign-in pages. The victim submits their credentials, effectively handing over their password. Fraudsters use that login to access the victim’s address book,...
Blog
DKIM for Email: What It Is, How It Works, and How to Add It
Thu, 11/19/2020
We'll cover what DKIM for email is, why your company needs it, how it works, how to set DKIM up, and additional ways to prevent email spoofing attacks.
What is DKIM?
First, let’s clarify what DKIM is in email. DomainKeys Identified Mail is a technique that uses your domain name to sign your emails with a digital “signature” so your customers know it’s really you sending those emails and that...
Blog
Phishing: With Zero-Day Email Attacks Rising, Are Some Companies Giving Up the Fight?
Mon, 06/15/2020
Amid a troubling rise in zero-day phishing attacks, recent research suggests that some companies may be making an ill-advised shift away from blocking advanced email threats to responding to them post-delivery. If true, the capitulation couldn't come at a worse time. Since January, cybercriminals taking advantage of the COVID-19 outbreak have been targeting businesses and individuals with an...