Resources

Guide

Machine Learning Models in Cloud Email Protection

Traditional email security products struggle to detect email impersonation threats such as Business Email Compromise (BEC) and spear phishing campaigns. These threats consistently bypass defenses that rely on signatures and policies like Secure Email Gateways and native-cloud email filters. This guide breaks down how Fortra uses advanced data science, including machine learning models, to find and mitigate attacks that slip past traditional email defenses.

Advanced Persistent Threats (APT)

Business Email Compromise

Social Engineering

Advanced Threat Protection

Anti-Phishing

Cloud Email Security

Blog

Attacks Targeting Businesses on Social Media Jump 40% YoY

Wed, 11/23/2022

In this post, we discuss the industries most prone to attack on social media, and the top threat types found on those platforms.

Blog

Emails Reported as Malicious Reach Four-Quarter High in Q3

Wed, 11/23/2022

The volume of malicious emails reported in corporate inboxes has reached a four-quarter high, according to the latest data from Fortra's PhishLabs.

Press Release

The Last Watchdog: The Drivers Behind Persistent Ransomware and Defensive Tactics to Deploy

In his guest essay for The Last Watchdog, Eric George, Director of Solutions Engineering at PhishLabs by, explains what ransomware is, who the high-stake threat actors are, and how organizations can defend themselves against ransomware attacks. Originally published in The Last Watchdog “Ransomware usually starts with a phishing email. An unsuspecting employee will open a legitimate-looking message...

Blog

The “i'’s” Have It: How BEC Scammers Validate New Targets with Blank Emails

Fri, 07/29/2022

Have you ever received a blank email from someone you don’t know? If you have, it may have been from a cybercriminal making sure your email account is legitimate prior to a Business Email Compromise (BEC) attack. Agari and PhishLabs define BEC as any response-based spear phishing attack involving the impersonation of a trusted party to trick victims into making an unauthorized financial...

Video

What is Social Engineering?

Tue, 07/26/2022

Transcript Social engineering is the use of idiosyncrasies of the way our brains work to trick us into doing something we would otherwise not do. Let me give you an example. Suppose that you live in an apartment complex that has a secure gate and everyone at that complex has been told, "Don't let strangers in. Don't hold the door for anyone." I could use a few techniques to get in there. For...

Video

What is Ransomware?

Tue, 07/26/2022

Transcript Ransomware really is continuing to be that go-to attack for attackers, and it's really one of the most effective ways that they have to extort businesses and compromise user data. How does ransomware work? Well, typically, it's delivered via infected email attachments or via compromised websites or contact management systems. Here at Agari, we actually think that the best way to...

On-Demand Webinar

Revealing the State of Customer Phishing and DMARC Enforcement

By John Wilson

In this presentation, we’ll reveal the latest from our 2022 Email Fraud and Identity Trends report, focusing on Customer Phishing and DMARC Enforcement.

Press Release

How Enterprises Can Defend Against Rapidly Evolving Ransomware

Ransomware threats can change daily, making consumers and businesses more vulnerable than ever. Names like Angler malvertising, Locky ransomware and Angler Exploit Kit frequently crop up in the news, despite law enforcement’s best efforts to contain them. Simply put, malware is popular because it’s successful. Cyber criminals make an estimated 1,425% ROI for exploit kit and ransomware schemes...

Guide

Scarlet Widow Part 1: Breaking Hearts for Profit

Table of Contents Who is Scarlet Widow? Femmes Fictionale and Counterfeit Romeos The Long Con: Making Moves for Money Starry Eyes for Starling Michael Up Close and Personal: The Case of "Robert Blackwell"

Guide

Scarlet Widow Part 2: BEC Bitcoin Laundry—Scam, Rinse, Repeat

While many cybercriminal gangs scam medium-sized and large corporations, Agari has now uncovered and documented the practices of a Nigeria-based scammer group, dubbed Scarlet Widow, that has evolved a different strategy focused on more vulnerable sectors such as school districts, universities, and nonprofits. In this report, we uncover: How Scarlet Widow transitioned from romance scams to tax...

Guide

Ransomware: Exploring the Leading Cyber Extortion Tool

Ransomware has evolved from targeting individuals to extorting large sums of money from businesses with the threat of releasing or destroying their private company data. This type of email-based attack can cause tremendous financial losses as well as reputation damage that’s difficult and expensive to repair. Read our ransomware white paper now for insights from Agari Chief Scientist Markus...

Blog

Top Social Media Threats Targeting the Retail Industry

Fri, 03/04/2022

Social media threats targeting enterprises more than doubled last year. Attacks on the retail industry specifically have grown, as threat actors are targeting victims with impersonation and counterfeit ad campaigns. Purchasing behavior is increasingly influenced by social media, making it an attractive vector for these kinds of campaigns. The tendency of social media users to consume information...

Blog

2022 Data Privacy Week – Education and Inspiration

Mon, 01/24/2022

As the world becomes more and more dependent on online resources to complete daily tasks, such as work meetings, grocery shopping, and even exercising, the risk of cyber attacks, data breaches, and information stealing increases. If you’re not already protecting your personal information online, now is the perfect time to start, as Data Privacy Weeks kicks off today. Led by the National Cyber...

Blog

Inside a Compromised Account: How Cybercriminals Use Credential Phishing to Further BEC Scams

Mon, 06/07/2021

Why would a cybercriminal spend time developing malware when he can simply trick unsuspecting users into handing over their passwords? Why would a threat actor spend her money and resources on ransomware, when she can get that same information through a compromised account? It’s a good question, and exactly what the Agari Cyber Intelligence Division wanted to discover. In a growing trend known as...

Blog

Cyber Threat Intelligence: How to Stay Ahead of Threats

Tue, 05/18/2021

Generally defined, cyber threat intelligence is information used to better understand possible digital threats that might target your organization. This data will help identify threats in order to prevent security breaches in the future. Why Cyber Threat Intelligence is Important Having a system in place that can produce threat intelligence is critical to staying ahead of digital threats, as well...

Blog

Frost Radar Names Agari as a Leader in Email Security

Wed, 04/28/2021

Three months ago, when I joined Agari as the Chief Marketing Officer, I knew that I was joining a leader in email security. I knew this partially because I worked for Agari from 2016-2019 during an exciting time of change for the company. But my time away from Agari made me realize how much it has to offer its customers and partners, which is ultimately why I decided to return. And I’m thrilled to...

Blog

Cosmic Lynx Returns in 2021 with Updated Tricks

Thu, 02/11/2021

In July 2020, we published a report on a Russian-based BEC group we called Cosmic Lynx . In that report , we described the tactics used by the group, which included its targeting of senior executives at large companies with a global footprint and how it uses mergers and acquisitions (M&A) themes in its BEC email lures. Shortly after we published the report, we saw a significant decrease in Cosmic...

Blog

How to Make Oauth2 Play Nice with EKS Ingress

Tue, 12/22/2020

Over the course of my technical career, I’ve always thought of Oauth2 to, frankly, be a bit of a pain. Oauth2 offers a mind boggling amount of possibilities and is the basis of many authorization workflows. However, I have found the documentation and supporting examples of how to integrate Oauth2 somewhat lacking. I hope that someone out in the ether will find this blog post and save a few days of...

Blog

The Global Reach of Business Email Compromise (BEC)

Mon, 10/12/2020

Over the last five years, Business Email Compromise (BEC) has evolved into the predominant cyber threat businesses face today. Since 2016, businesses have lost at least $26 billion as a result of BEC scams and, based on the most recent FBI IC3 report , losses from BEC attacks grew another 37 percent in 2019—accounting for 40 percent of all cybercrime losses over the course of the year. The...

Machine Learning Models in Cloud Email Protection

Attacks Targeting Businesses on Social Media Jump 40% YoY

Emails Reported as Malicious Reach Four-Quarter High in Q3

The Last Watchdog: The Drivers Behind Persistent Ransomware and Defensive Tactics to Deploy

The “i'’s” Have It: How BEC Scammers Validate New Targets with Blank Emails

What is Social Engineering?

What is Ransomware?

Revealing the State of Customer Phishing and DMARC Enforcement

How Enterprises Can Defend Against Rapidly Evolving Ransomware

Scarlet Widow Part 1: Breaking Hearts for Profit

Scarlet Widow Part 2: BEC Bitcoin Laundry—Scam, Rinse, Repeat

Ransomware: Exploring the Leading Cyber Extortion Tool

Top Social Media Threats Targeting the Retail Industry

2022 Data Privacy Week – Education and Inspiration

Inside a Compromised Account: How Cybercriminals Use Credential Phishing to Further BEC Scams

Cyber Threat Intelligence: How to Stay Ahead of Threats

Frost Radar Names Agari as a Leader in Email Security

Cosmic Lynx Returns in 2021 with Updated Tricks

How to Make Oauth2 Play Nice with EKS Ingress

The Global Reach of Business Email Compromise (BEC)

Contact Information

Privacy Policy

Cookie Policy

Impressum