In the first reported case of its kind, a phishing ring in Eastern Europe is exploiting companies' own Domain-based Message Authentication, Reporting and Conformance ( DMARC ) controls to impersonate CEOs in business email compromise (BEC) scams worth millions. As detailed in our new threat actor dossier on a group we call Cosmic Lynx , the Agari Cyber Intelligence Division (ACID) has identified...

A growing body of evidence suggests employees throughout the healthcare sector may be uniquely vulnerable to phishing attacks. If finding itself a growing target for cybercriminals weren’t bad enough, the industry is also seeing associated lawsuits piling up. Montana-based Kalispell Regional Healthcare was recently hit with a suit after it disclosed that multiple employees had fallen victim to...

There is no denying that business email compromise (BEC) is big business, with losses exceeding a billion dollars in the United States in the last year alone. Globally, BEC attacks have cost more than $13 billion in the last five years. Chances are likely that you’ve probably been a recipient of one of these social-engineered emails yourself. But the question remains… who is behind these...

You likely have a fraudulent email from a business email compromise (BEC) scammer sitting in your inbox, and you may not realize it. However, recent research from the Agari Cyber Intelligence Division (ACID) has shown that these advanced phishing attacks increasingly possess a handful of commonalities, making them easier to spot—which is good news considering their popularity. There are more BEC...