Resources

Article
Article

How to Mitigate Online Counterfeit Threats

Tue, 09/27/2022
The broad scope of counterfeit campaigns and unclear boundaries of abuse make it challenging to successfully mitigate online threats targeting retail brands. There is a fine line between infringement and fair use of publicly made materials, as well as immeasurable online environments where counterfeit campaigns may live and grow.
Advanced Persistent Threats (APT)
Consumer Phishing
Data Breach
Blog
Blog

What Is Email Spoofing & How You Protect Against It

Tue, 09/20/2022
What is Email Spoofing? Email spoofing is one of the most common forms of cybercriminal activity, specifically a form of identity deception that's widely used in phishing and spam attacks. It underpins the mechanism required to conduct hacking activities, and it can take many forms. Unfortunately, most email users will eventually receive an email that has been spoofed—whether...
Advanced Persistent Threats (APT)
Business Email Compromise
Cloud Email Security
DMARC Email Authentication
Blog
Blog

How to Run Simulated Phishing Campaigns

Tue, 09/13/2022
Here's how to run a simulated phishing campaign to test and train your employees before they receive an actual phishing email.  What is a Phishing Campaign? To be clear, when we say “phishing campaign,” we’re not referring to malicious, black-hat phishing campaigns. A simulated phishing campaign is part of an internal training program to raise employee awareness about real...
Advanced Threat Protection
Anti-Phishing
Article
Article

Hybrid Vishing. It's Such A Thing.

Mon, 09/12/2022
In this podcast, John Wilson, senior fellow for threat research at, discusses how vishing, a tactic used to gain PII information from people through phone messages is - like its success - on the rise. Gain insight into this devious scam and the best defense against it. ...
Advanced Persistent Threats (APT)
Blog
Blog

The Definitive Report Analyzer: Deciphering DMARC

By Monica Delyani on Sat, 08/20/2022
It takes years to build trusted relationships with your customers — but as all-too-familiar headlines and recounted tales of woe from IT departments tell us, cybercriminals can abuse that trust to trick your customers, employees, and partners into opening their malicious emails in a matter of minutes.   DMARC, or Domain-Based Message Authentication, Reporting, and Conformance,...
Cloud Email Security
DMARC Email Authentication
Blog
Blog

DMARC Authentication: Is DIY’ing it Worth the Risk?

By Monica Delyani on Sat, 08/20/2022
Do-it-yourselfers abound everywhere in these days – from YouTube stars demonstrating the latest hacks through tutorials to entire cable channels and streaming networks devoted to DIY, average laypeople have become self-proclaimed experts in a variety of areas and skills. But should you take a do-it-yourself approach when it comes to technology and email security, or more...
Cloud Email Security
DMARC Email Authentication
Blog
Blog

Office 365 + DMARC: Best Practices for Protecting Your Company & Customers From Phishing Attacks

By John Wilson on Mon, 08/15/2022
In 2021, Gartner includes DMARC, or known by its full name as Domain-based Message Authentication, Reporting & Conformance, in its list of top 10 security projects. With very few exceptions, the best way for organizations to prevent getting impersonated in email attacks is to integrate DMARC into their Office 365-based email ecosystems. To understand why, let’s consider the...
Cloud Email Security
DMARC Email Authentication
Email Security for Office 365
Security Software
Blog
Blog

One Big Threat Protection Problem, One Simple Email Security Solution

Fri, 08/12/2022
There’s no question, Microsoft 365 is a production powerhouse used by millions worldwide. It offers a multitude of robust products that allow easy collaboration and efficiency, and many organizations believe the email security features are adequately protecting them. The harsh truth is that it’s probably not protecting them as much as they think. The proverbial saying goes: ...
Blog
Blog

The “i'’s” Have It: How BEC Scammers Validate New Targets with Blank Emails

Fri, 07/29/2022
Have you ever received a blank email from someone you don’t know? If you have, it may have been from a cybercriminal making sure your email account is legitimate prior to a Business Email Compromise (BEC) attack. Agari and PhishLabs define BEC as any response-based spear phishing attack involving the impersonation of a trusted party to trick victims into making an unauthorized...
ACID Research
Advanced Persistent Threats (APT)
Consumer Phishing
Spear Phishing
Guide
Guide

Scarlet Widow Part 1: Breaking Hearts for Profit

Table of Contents Who is Scarlet Widow? Femmes Fictionale and Counterfeit Romeos The Long Con: Making Moves for Money Starry Eyes for Starling Michael Up Close and Personal: The Case of "Robert Blackwell" ...
Advanced Persistent Threats (APT)
Social Engineering
Advanced Threat Protection
Anti-Phishing
Video
Video

Informatica Gains Visibility into Threats by Using Fortra

Listen to Bill Burns, Chief Trust Officer and VP of Business Transformation for Informatica, speak about his experience working with Fortra's Agari.       Transcript  I'm Bill Burns, Chief Trust Officer and VP of Business Transformation for Informatica. I've been working with Fortra's Agari for about six years at previous companies, introducing...
Advanced Persistent Threats (APT)
Account Takeover
Business Email Compromise
Case Study
Case Study

Los Angeles-Based Large Credit Union Eradicates Phishing Attacks

Executive Summary Los Angeles Federal Credit Union (LAFCU) was in the crosshairs of email scammers. Its brand was constantly being spoofed, putting its members at risk of being defrauded. The CTO prioritized email security as part of his broader risk management strategy, and selected Agari as his partner. That was more than a decade ago. Today, domain spoofing is at near-zero....
Advanced Persistent Threats (APT)
Consumer Phishing
Advanced Threat Protection
Anti-Phishing
Guide
Guide

Anatomy of a Compromised Account

Credential phishing leads to compromised accounts, and compromised accounts lead to more credential phishing. In order to uncover the mechanics, the Agari Cyber Intelligence Division seeded more than 8,000 phishing sites with fake credentials and then monitored what happened next. In this report, you’ll discover more about how cybercriminals access and use compromised accounts...
Advanced Persistent Threats (APT)
Business Email Compromise
Spear Phishing
Vendor Email Compromise
Getting Started with DMARC Guide
Guide
Guide

Getting Started with DMARC

Discover why cybercriminals target enterprise email channels for phishing schemes and how you can protect yourself from phishing by implementing DMARC.
Cloud Email Security
DMARC Email Authentication
Guide
Guide

Frost Radar: Email Security Report

Frost & Sullivan has released the Frost Radar: Email Security, providing a benchmarking system to help you protect your email from cyber attacks. Download the report for more information about: Why email is a top threat vector for cyber attacks, and how working from home has increased the risk How the email security market will continue to grow as more organizations...
Cloud Email Security
DMARC Email Authentication