Resources

Blog
Blog

Ensuring DMARC Compliance for Third-Party Senders

Fri, 09/06/2019
Marketo. Salesforce. Eloqua. Bamboo HR. Zendesk. It only takes a minute to realize how much organizations love third-party senders. They are typically responsible for sending our important customer notifications, marketing promotions, prospecting emails, and even employee information. Because their mail is so important to your business, we should do what we can to help them become DMARC compliant...
Cloud Email Security
DMARC Email Authentication
Blog
Blog

From One to Many: Scattered Canary Evolves from One-Man Startup to BEC Enterprise

Tue, 06/04/2019
There is no denying that business email compromise (BEC) is big business, with losses exceeding a billion dollars in the United States in the last year alone. Globally, BEC attacks have cost more than $13 billion in the last five years. Chances are likely that you’ve probably been a recipient of one of these social-engineered emails yourself. But the question remains… who is behind these...
ACID Research
Advanced Persistent Threats (APT)
Business Email Compromise
Blog
Blog

Quick, Urgent, Request: Agari Research Reveals Top Ten Subject Lines Used for BEC

Mon, 05/13/2019
You likely have a fraudulent email from a business email compromise (BEC) scammer sitting in your inbox, and you may not realize it. However, recent research from the Agari Cyber Intelligence Division (ACID) has shown that these advanced phishing attacks increasingly possess a handful of commonalities, making them easier to spot—which is good news considering their popularity. There are more BEC...
ACID Research
Advanced Persistent Threats (APT)
Business Email Compromise
Blog
Blog

The Time is Now: Underscoring the Importance of DMARC for State and Local Governments

Wed, 04/17/2019
Scammers know that impersonating a trusted government agency is an extremely effective way to trick or scare victims into handing over money, personal data, or sensitive information. In many cases, it’s all too easy for cybercriminals to use the agency’s own domains to send authentic-looking phishing emails to constituents and contractors. That’s why the Department of Homeland Security announced...
Cloud Email Security
DMARC Email Authentication
Blog
Blog

Protecting our Clients from Email Spoofing: Our DMARC Journey

Tue, 03/26/2019
This post originally appeared on the Armadillo Blog and has been lightly edited for clarity. Most organisations have been successful in blocking malicious emails targeted at their employees, at least to some extent. Various on-premise and cloud providers exist to take care of anti-spam, anti-virus, reputation scores, and advanced features such as sandboxing of executables. As a service provider...
Cloud Email Security
DMARC Email Authentication
SPF
DKIM
Product Video
Product Video

Watch a Short Demo of Agari Phishing Response

Tue, 02/12/2019
Agari Phishing Response prioritizes reported incidents, automating investigative analysis and triage, to elevate the most suspicious to the top of the list. Then, it reduces manual efforts with remediation workflows to accelerate time-to-containment.
Advanced Threat Protection
Anti-Phishing
Product Video
Product Video

Watch a Short Demo of Agari Phishing Defense

Fri, 02/01/2019
Agari Phishing Defense uses predictive, artificial intelligence and real-time insights from trillions of emails each year, and we stop 99.987% of the attacks that secure email gateways missed. How? Let's take a look.
Advanced Threat Protection
Anti-Phishing
Blog
Blog

The ROI of Protecting Your Brand, Customers and Partners from Phishing

Thu, 10/25/2018
Over the past 6 months, 100% of Agari customer brands and more than 80% of their domains have been the target of consumer phishing or B2B phishing attacks impersonating their brand to commit fraud. While the cost of phishing attacks isn't always visible, there are very real costs to businesses in the form of email deliverability, brand value and fraud costs. The root cause of this problem is that...
Cloud Email Security
DMARC Email Authentication
Press Release
Press Release

Agari Summer '18 Release Extends Protection against Advanced Deception Attacks

FOSTER CITY, Calif., June 13, 2018 – Agari, a leader in Identity Deception Protection solutions, today announced its Summer ’18 Release, which extends the protection of the Agari Email Trust Platform™ against advanced identity deception attacks. Major enhancements in this release include attachment analysis for improved account takeover detection, an interactive threat taxonomy for granular attack...
Blog
Blog

Email Phishing Scam Continues to Target College Students

Thu, 02/22/2018
According to a public service announcement issued by the FBI, college students across the United States continue to be targeted in a common email phishing scam that lures students in with the promise of employment. It works like this: email Scammers advertise phony job opportunities on college employment websites or students receive emails on their student accounts recruiting them for fictitious...
Advanced Persistent Threats (APT)
Spear Phishing
Advanced Threat Protection
Anti-Phishing
Blog
Blog

Understanding Email Identity

Wed, 10/12/2016
One of the things that often stumps even the most security conscious companies is knowing all the third-party email service providers they are working with. It is extremely difficult, if not impossible for these organizations to protect their customers from phishing attacks if they don’t even know who is sending legitimate email on their behalf. And this gets even more challenging when you...
Advanced Threat Protection
Anti-Phishing
Cloud Email Security
Blog
Blog

Email Headers Explained: Understanding Email Header Information

Wed, 07/27/2016
With the surge of phishing and other advanced email attacks, you can’t be too careful when it comes to your inbound email messages. Beyond viewing the basic information provided, you should make it a habit of viewing and understanding your emails' full headers.
Cloud Email Security
DMARC Email Authentication
Blog
Blog

Security Professional Pain Points – and How to Solve Them

Fri, 05/20/2016
Ask any security professional what the number one pain point is within their organization, and chances are they’ll say ‘user behavior’…with ‘malware’ coming in as a very close second. And while these issues are very different on the surface, they do have one thing in common: both are often the cause of high-profile data breaches, largely in part to the increased use of spear phishing email...
Advanced Persistent Threats (APT)
Spear Phishing
Advanced Threat Protection
Anti-Phishing
Cloud Email Security
Press Release
Press Release

How to Become Unphishable

As phishing attacks continue unabated, vendors and banks alike are scrambling to find better solutions. In a warning issued this week, the FBI said it’s seen a 270% increase in identified victims and exposed losses due to business email compromise since January 2015. Business email compromise or “CEO fraud” phishing targets businesses that frequently perform wire transfers. Perpetrators compromise...
Blog
Blog

Don’t Let Your Customers Be Fooled By Cousin Domains

Tue, 12/15/2015
In the last five years, we’ve all become far too familiar with it – hackers spoofing a company’s domain and therefore tarnishing the brand, bad actors attempting to infect our computers with malware, and criminals sending millions of spam messages. As if this isn’t enough, now there is a whole group of people working to outsmart companies AND their customers by using cousin domains to fool...
Cloud Email Security
DMARC Email Authentication
SPF
DKIM
Blog
Blog

Email Phishing Examples and How to Spot Them

Tue, 10/13/2015
In the second in our series of blogs on the Fundamentals of Phishing we will explore how to identify fraudulent emails. Not that long ago, phishing attempts were quite primitive and often full of errors, and it was easier for consumers to identify when something was amiss. In addition, consumers weren’t accessing their inboxes from multiple devices and mobiles, nor did they expect to receive...
Advanced Threat Protection
Anti-Phishing
Blog
Blog

What is Identifier Alignment?

Tue, 10/07/2014
When you begin to work with DMARC, you realize just how important identifier alignment is. Identifier alignment forces the domains authenticated by SPF and DKIM to have a relationship to the "header From" domain. Header From Domain and the MailFrom domain are different? Yes, they are! Hearing these terms can confuse people. They sound like the same thing, but in reality they are not. The...
Cloud Email Security
DMARC Email Authentication
DKIM
Blog
Blog

What are the Differences Between DomainKeys (DK) and DKIM?

Tue, 09/16/2014
This is the second in a new ongoing series for us that gives you the tips and tricks you need for successful DMARC deployment . Read the previous tip here . DomainKeys Identified Mail (DKIM) is the successor to Yahoo DomainKeys. Both share similarities, however DKIM has the additional aspects of Cisco's Identified Internet Mail standard (IIM). The enhancements to this standard gives more security...
Cloud Email Security
DMARC Email Authentication
DKIM
Blog
Blog

DMARC Deployment Tips & Tricks: PermError SPF

Tue, 09/09/2014
This is the start of a new ongoing series for us that gives you the tips and tricks you need for successful DMARC deployment. What does "PermError SPF Permanent Error: Too many DNS lookups" mean? There are several safeguards put in place with SPF . One of these is a limitation of DNS lookups to help ensure that you do not have timeout issues. SPF will evaluate only 10 DNS mechanism lookups in an...
Cloud Email Security
DMARC Email Authentication
SPF
Blog
Blog

The Phishing Kill Chain

Mon, 08/04/2014
One of the great things about a conference like BlackHat is that it gives people like me the opportunity to take a step back, get out of the specific back alleyways of cybersecurity that we usually inhabit, and take a broader, more holistic look at attack and defense. One concept that's been talked about for a while is the Cyber Kill Chain. It takes a military-theoretical approach to network asset...
Advanced Threat Protection
Anti-Phishing
Cloud Email Security
DMARC Email Authentication