Resources

Going Phishing Isn't Seasonal–Get the Latest Results from 2023's Tournament

By Monica Delyani on Thu, 02/22/2024

Preview the latest global phishing benchmarking results and expert security awareness recommendations from Fortra's Terranova Security 2023 Gone Phishing Tournament.

Guide

Machine Learning Models in Cloud Email Protection

Traditional email security products struggle to detect email impersonation threats such as Business Email Compromise (BEC) and spear phishing campaigns. These threats consistently bypass defenses that rely on signatures and policies like Secure Email Gateways and native-cloud email filters. This guide breaks down how Fortra uses advanced data science, including machine learning models, to find and mitigate attacks that slip past traditional email defenses.

Advanced Persistent Threats (APT)

Business Email Compromise

Social Engineering

Advanced Threat Protection

Anti-Phishing

Cloud Email Security

Blog

Holiday Season Triggers Rise in Counterfeit Activity

Fri, 12/09/2022

Counterfeit activity increases every year during the pre-holiday shopping blitz -- most notably Black Friday, Cyber Monday, Christmas and Hanukkah. Arm yourself with defenses now to combat ever-evolving counterfeiting methods during peak retail shopping season.

Blog

Financials & Card Data Top Q3 Targets on the Dark Web

Mon, 12/05/2022

In Q3, credit unions nearly overtook national banks as the top targeted industry on the Dark Web, according to recent data from Fortra’s PhishLabs.

Blog

Attacks Targeting Businesses on Social Media Jump 40% YoY

Wed, 11/23/2022

In this post, we discuss the industries most prone to attack on social media, and the top threat types found on those platforms.

Blog

Emails Reported as Malicious Reach Four-Quarter High in Q3

Wed, 11/23/2022

The volume of malicious emails reported in corporate inboxes has reached a four-quarter high, according to the latest data from Fortra's PhishLabs.

Blog

DKIM vs. SPF Email Standards: Do I Need Them Both?

Thu, 10/20/2022

When it comes to email authentication standards, should you use DKIM, SPF, or both? We’re going to cover these terms, when you should use them, what they do—and how best to protect your email domains. Is it Either/Or—or Both? Should the battle really be SPF vs. DKIM? While not mandatory, it’s highly recommended to use both SPF and DKIM to protect your email domains from spoofing attacks and fraud...

Press Release

Forbes: 8 Ways To Keep Your Social Security Number Safe From Identity Theft

It’s difficult to control your Social Security number in the wild. In his September contribution to Forbes Advisor, John Wilson discusses the most common scams involving Social Security numbers and provides 8 steps individuals can take to prevent identity fraud. Originally published in Forbes Advisor : “For too many of us, our SSNs are already in the hands of miscreants, along with our other...

Article

How to Mitigate Online Counterfeit Threats

Tue, 09/27/2022

The broad scope of counterfeit campaigns and unclear boundaries of abuse make it challenging to successfully mitigate online threats targeting retail brands. There is a fine line between infringement and fair use of publicly made materials, as well as immeasurable online environments where counterfeit campaigns may live and grow.

Blog

The “i'’s” Have It: How BEC Scammers Validate New Targets with Blank Emails

Fri, 07/29/2022

Have you ever received a blank email from someone you don’t know? If you have, it may have been from a cybercriminal making sure your email account is legitimate prior to a Business Email Compromise (BEC) attack. Agari and PhishLabs define BEC as any response-based spear phishing attack involving the impersonation of a trusted party to trick victims into making an unauthorized financial...

On-Demand Webinar

Simplifying DMARC Email Authentication with Agari DMARC Protection

By Brent Sleeper

In this webinar, discover how Agari DMARC Protection automates and simplifies DMARC email authentication so you can get to policy=reject faster. You will gain valuable insights, such as: The challenge and limits of DMARC. The benefits of hosted DMARC, BIMI, SPF, and DKIM records. How automated discovery helps quickly identify email senders. Ways to quickly investigate unknown senders. Tips for...

Video

What is Social Engineering?

Tue, 07/26/2022

Transcript Social engineering is the use of idiosyncrasies of the way our brains work to trick us into doing something we would otherwise not do. Let me give you an example. Suppose that you live in an apartment complex that has a secure gate and everyone at that complex has been told, "Don't let strangers in. Don't hold the door for anyone." I could use a few techniques to get in there. For...

Video

What is a Data Breach?

Tue, 07/26/2022

Transcript A data breach occurs anytime somebody has unauthorized access to data. In a corporate sense, this can be anytime that an employee internally is able to access data that they do not have permission for, or more specifically, when somebody outside of the organization is able to gain access inside the organization by using compromised credentials or some type of persistence on an endpoint...

On-Demand Webinar

Revealing the State of Customer Phishing and DMARC Enforcement

By John Wilson

In this presentation, we’ll reveal the latest from our 2022 Email Fraud and Identity Trends report, focusing on Customer Phishing and DMARC Enforcement.

Guide

Scarlet Widow Part 1: Breaking Hearts for Profit

Table of Contents Who is Scarlet Widow? Femmes Fictionale and Counterfeit Romeos The Long Con: Making Moves for Money Starry Eyes for Starling Michael Up Close and Personal: The Case of "Robert Blackwell"

Datasheet

Stop Identity-Based Email Attacks

Understanding The Threats Today’s modern identity-based email attacks exploit the identity of trusted colleagues and brands. However, each varies in the tactics and techniques used. Understanding the differences will be critical in being able to effectively and accurately stop these attacks. Customer Phishing : Cybercriminals use brand impersonation techniques such as domain spoofing and malicious...

Datasheet

Agari Automation and Hosting Features

The Email Authentication Challenge Email is the #1 way attackers target an organization’s customers and email ecosystem. DMARC authentication, specifically with an enforcement policy of Reject, is the single most effective way to close this vulnerability inherent to email. While the premise of authentication is straightforward, organizations can encounter roadblocks and challenges along the way to...

Case Study

Los Angeles-Based Large Credit Union Eradicates Phishing Attacks

Executive Summary Los Angeles Federal Credit Union (LAFCU) was in the crosshairs of email scammers. Its brand was constantly being spoofed, putting its members at risk of being defrauded. The CTO prioritized email security as part of his broader risk management strategy, and selected Agari as his partner. That was more than a decade ago. Today, domain spoofing is at near-zero. "Our initial goal...

Guide

Scattered Canary Threat Dossier

Business email compromise (BEC) has continued to grow into a billion-dollar industry as cybercriminals turn to it as their preferred scam. But with the West African gang we’ve named Scattered Canary, we have deeper insight into how BEC is connected to the rest of cybercrime, and why it has grown in recent years. Download the threat dossier to learn: How Scattered Canary grew from a one-man startup...

Guide

Scarlet Widow Part 2: BEC Bitcoin Laundry—Scam, Rinse, Repeat

While many cybercriminal gangs scam medium-sized and large corporations, Agari has now uncovered and documented the practices of a Nigeria-based scammer group, dubbed Scarlet Widow, that has evolved a different strategy focused on more vulnerable sectors such as school districts, universities, and nonprofits. In this report, we uncover: How Scarlet Widow transitioned from romance scams to tax...

Going Phishing Isn't Seasonal–Get the Latest Results from 2023's Tournament

Machine Learning Models in Cloud Email Protection

Holiday Season Triggers Rise in Counterfeit Activity

Financials & Card Data Top Q3 Targets on the Dark Web

Attacks Targeting Businesses on Social Media Jump 40% YoY

Emails Reported as Malicious Reach Four-Quarter High in Q3

DKIM vs. SPF Email Standards: Do I Need Them Both?

Forbes: 8 Ways To Keep Your Social Security Number Safe From Identity Theft

How to Mitigate Online Counterfeit Threats

The “i'’s” Have It: How BEC Scammers Validate New Targets with Blank Emails

Simplifying DMARC Email Authentication with Agari DMARC Protection

What is Social Engineering?

What is a Data Breach?

Revealing the State of Customer Phishing and DMARC Enforcement

Scarlet Widow Part 1: Breaking Hearts for Profit

Stop Identity-Based Email Attacks

Agari Automation and Hosting Features

Los Angeles-Based Large Credit Union Eradicates Phishing Attacks

Scattered Canary Threat Dossier

Scarlet Widow Part 2: BEC Bitcoin Laundry—Scam, Rinse, Repeat

Contact Information

Privacy Policy

Cookie Policy

Impressum