Resources

Scattered Canary Guide
Guide
Guide

Scattered Canary Threat Dossier

Business email compromise (BEC) has continued to grow into a billion-dollar industry as cybercriminals turn to it as their preferred scam. But with the West African gang we’ve named Scattered Canary, we have deeper insight into how BEC is connected to the rest of cybercrime, and why it has grown in recent years. Download the threat dossier to learn: How Scattered Canary grew...
Advanced Persistent Threats (APT)
Business Email Compromise
Data Breach
Spear Phishing
Guide
Guide

Cosmic Lynx Threat Dossier: The Rise of Russian BEC

Cosmic Lynx is a Russia-based BEC cybercriminal organization that has significantly impacted the email threat landscape with sophisticated, high-dollar phishing attacks. In this threat dossier, you’ll discover key details about Cosmic Lynx, including: How Cosmic targets global corporations with incredibly sophisticated BEC attacks How Cosmic Lynx exploits DMARC controls to...
Advanced Persistent Threats (APT)
Business Email Compromise
Spear Phishing
Advanced Threat Protection
Anti-Phishing
Cloud Email Security
Blog
Blog

2022 Data Privacy Week – Education and Inspiration

Mon, 01/24/2022
As the world becomes more and more dependent on online resources to complete daily tasks, such as work meetings, grocery shopping, and even exercising, the risk of cyber attacks, data breaches, and information stealing increases. If you’re not already protecting your personal information online, now is the perfect time to start, as Data Privacy Weeks kicks off today.Led by the...
Advanced Persistent Threats (APT)
Data Breach
Social Engineering
Advanced Threat Protection
Anti-Phishing
Blog
Blog

What Is Email Phishing? Protect Your Enterprise

Wed, 12/08/2021
Phishing emails can steal sensitive data and cost companies' their reputation. However, protecting a company from these scammers doesn't need to be difficult.  What Is Email Phishing?  Phishing is when an attacker mimics a trusted person or brand in an attempt to steal sensitive information, or gain a foothold inside a company network. While phishing emails are by far the...
Advanced Persistent Threats (APT)
Business Email Compromise
Data Breach
Spear Phishing
Cloud Email Security
Blog
Blog

It’s the Most Wonderful Time of the Year… for Cybercriminals

Mon, 11/29/2021
The holiday season is upon us, which means it’s also the busiest time of the year for online shopping. There’s Black Friday, Cyber Monday, and gifts to buy for loved ones. Plus, gifts to buy for yourself when the deals are this good! But beware, for cybercriminals ‘tis also the season to scam millions of dollars from unsuspecting people and companies. They’re banking on people...
Advanced Threat Protection
Anti-Phishing
Phishing Simulation & Training
Cloud Email Security
DMARC Email Authentication
Blog
Blog

What is Email Spoofing & How to Stop Attackers from Spoofing Your Email Address

Tue, 12/15/2020
What is email spoofing, how does it work, and why is it so dangerous to your company? We’ll explain everything you need to proactively stop attackers from spoofing your email address. Email Spoofing: What Is It? Email spoofing is when a fraudster forges an email header’s ‘From’ address to make it appear as if it was sent by someone else, usually a known contact like a high...
Advanced Persistent Threats (APT)
Consumer Phishing
Spear Phishing
Advanced Threat Protection
Anti-Phishing
Cloud Email Security
Blog
Blog

DKIM for Email: What It Is, How It Works, and How to Add It

Thu, 11/19/2020
We'll cover what DKIM for email is, why your company needs it, how it works, how to set DKIM up, and additional ways to prevent email spoofing attacks. What is DKIM? First, let’s clarify what DKIM is in email. DomainKeys Identified Mail is a technique that uses your domain name to sign your emails with a digital “signature” so your customers know it’s really you sending those...
Cloud Email Security
DMARC Email Authentication
DKIM
Blog
Blog

Phishing: With Zero-Day Email Attacks Rising, Are Some Companies Giving Up the Fight?

Mon, 06/15/2020
Amid a troubling rise in zero-day phishing attacks, recent research suggests that some companies may be making an ill-advised shift away from blocking advanced email threats to responding to them post-delivery. If true, the capitulation couldn't come at a worse time. Since January, cybercriminals taking advantage of the COVID-19 outbreak have been targeting businesses and...
Advanced Threat Protection
Anti-Phishing
Phishing Simulation & Training
Remote Workforce Protection
Cloud Email Security
Email Security for G-Suite
Email Security for Office 365
Blog
Blog

Preventing Phishing Attacks:  The Dangers of Two-Factor Authentication

Mon, 06/08/2020
Are you protecting your remote workers against an endless barrage of COVID-19 related phishing attacks by requiring 2-factor authentication (2FA) to log into employee email accounts? Smart move—just don't let it give you a false sense of security.
Advanced Persistent Threats (APT)
Account Takeover
Consumer Phishing
Spear Phishing
Blog
Blog

COVID-19 Credential Phishing Scams: Feeding Off Coronavirus Fears

Tue, 04/28/2020
Since the beginning of February, we have seen more than a 3,000% increase in Coronavirus-themed phishing attacks targeting our customers. The spike in attacks is as logical as it is repugnant. With an estimated 75 million employees more reliant than ever on email during the largest "work-from-home experiment" in history, phishing scammers and other threat actors seem hellbent...
Advanced Persistent Threats (APT)
Consumer Phishing
Advanced Threat Protection
Anti-Phishing
Phishing Simulation & Training
Blog
Blog

Phishing Attacks: Top 3 Reasons Healthcare Employees Are Prime Targets

Wed, 01/22/2020
A growing body of evidence suggests employees throughout the healthcare sector may be uniquely vulnerable to phishing attacks. If finding itself a growing target for cybercriminals weren’t bad enough, the industry is also seeing associated lawsuits piling up. Montana-based Kalispell Regional Healthcare was recently hit with a suit after it disclosed that multiple employees had...
Advanced Threat Protection
Anti-Phishing
Phishing Simulation & Training
Phishing Incident Response
Blog
Blog

How to Stop Phishing Message Voicemail Attacks

Tue, 09/24/2019
At Agari we often talk about the evolving nature of advanced email attacks and the identity deception tactics that go with them. These attacks bypass legacy controls and like a magician delighting a curious audience, they trick the human psyche by targeting core human emotions such as fear, anxiety and curiosity. Of course, the magic in this case comes with ill intent. A good...
Advanced Persistent Threats (APT)
Consumer Phishing
Spear Phishing
Blog
Blog

Protecting our Clients from Email Spoofing: Our DMARC Journey

Tue, 03/26/2019
This post originally appeared on the Armadillo Blog and has been lightly edited for clarity.   Most organisations have been successful in blocking malicious emails targeted at their employees, at least to some extent. Various on-premise and cloud providers exist to take care of anti-spam, anti-virus, reputation scores, and advanced features such as sandboxing of executables. As...
Cloud Email Security
DMARC Email Authentication
SPF
DKIM
Blog
Blog

M&As Put Your Company at Risk for BEC Losses and Data Breach Liability

Thu, 01/17/2019
Mergers and acquisitions can build your company's value overnight, but business email compromise (BEC) and data breaches can tear it down just as quickly. Too often, M&A announcements are followed by waves of BEC attacks against the companies involved, or by news that the target company was the victim of a data breach. To get the most value from a merger or acquisition, you...
Advanced Persistent Threats (APT)
Business Email Compromise
Data Breach
Spear Phishing
Cloud Email Security
Video
Video

Account Takeover: The Evolution of Advanced Cyberattacks

By Markus Jakobsson
Targeted email attacks continue to escalate as organizations deal with increasing numbers of phishing, spear phishing and ransomware attempts. But another attack vector—account takeovers—is affecting 44% of organizations and is posing a significant risk. Watch this webinar to learn how: These attacks lead to large-scale data breaches and financial losses; How organizations...
Advanced Persistent Threats (APT)
Ransomware
Spear Phishing
Blog
Blog

Email Phishing Scam Continues to Target College Students

Thu, 02/22/2018
According to a public service announcement issued by the FBI, college students across the United States continue to be targeted in a common email phishing scam that lures students in with the promise of employment.It works like this: email Scammers advertise phony job opportunities on college employment websites or students receive emails on their student accounts recruiting...
Advanced Persistent Threats (APT)
Spear Phishing
Advanced Threat Protection
Anti-Phishing
Blog
Blog

Security Professional Pain Points – and How to Solve Them

Fri, 05/20/2016
Ask any security professional what the number one pain point is within their organization, and chances are they’ll say ‘user behavior’…with ‘malware’ coming in as a very close second. And while these issues are very different on the surface, they do have one thing in common: both are often the cause of high-profile data breaches, largely in part to the increased use of spear...
Advanced Persistent Threats (APT)
Spear Phishing
Advanced Threat Protection
Anti-Phishing
Cloud Email Security
Press Release
Press Release

New Cybersecurity Book Highlights Growing Threat of Social Engineering

Book Offers Tools and Techniques to Prevent Social Engineering-based Email Attacks SAN MATEO, Calif. – Dec. 13, 2016 – Agari, a leading cybersecurity company, today announced the release of a new book by Agari Chief Scientist Markus Jakobsson and other cybersecurity thought leaders, Understanding Social Engineering Based Scams. The book describes the increased use of social...
Blog
Blog

Don’t Let Your Customers Be Fooled By Cousin Domains

Tue, 12/15/2015
In the last five years, we’ve all become far too familiar with it – hackers spoofing a company’s domain and therefore tarnishing the brand, bad actors attempting to infect our computers with malware, and criminals sending millions of spam messages. As if this isn’t enough, now there is a whole group of people working to outsmart companies AND their customers by using cousin...
Cloud Email Security
DMARC Email Authentication
SPF
DKIM
Blog
Blog

What is Identifier Alignment?

Tue, 10/07/2014
When you begin to work with DMARC, you realize just how important identifier alignment is. Identifier alignment forces the domains authenticated by SPF and DKIM to have a relationship to the "header From" domain. Header From Domain and the MailFrom domain are different?Yes, they are! Hearing these terms can confuse people. They sound like the same thing, but in reality they are...
Cloud Email Security
DMARC Email Authentication
DKIM