Marriott Hotels, Dunkin Donuts, even the House GOP. During the final quarter of 2018, a host of high-profile data breaches and cyberattacks have made major headlines. Some stemmed from business email compromise (BEC) scams, spear phishing campaigns, or other advanced email threats. Others are expected to help fuel such attacks in the future. A few might see somebody fight back through innovative...

By the end of this year, 77% of all enterprises will have moved at least some of their operations into the cloud—including email. At the same time, we're seeing that fraudsters have been doing some modernizing of their own. Tactics that were once the domain of nation states are now being adopted by increasingly networked cybercrime organizations. Exploiting the same targeting and lead generation...

California has witnessed its most deadly and destructive wildfire on record during the month of November. As the Camp Fire blazes on, more than 70 people have died, hundreds are still missing, and in some cases, entire towns have been reduced to little more than ashes. What’s more is that impending rain threatens to bring mudslides and further destruction to an already ravaged area. Despite the...

Editor's Note: This article is Part 2 in a three-part series based on findings from the Q4 2018 Email Fraud & Identity Deception Trends report. Click here to read Part 1 . First there's the good news: 51% percent of Fortune 500 companies have adopted DMARC, the open email-authentication standard designed to prevent fraudsters from impersonating brands in email scams, according to the Email Fraud &...

Want to get a sense of the carnage being caused by business email compromise (BEC) attacks? Look no further than an October 16 report from the Securities and Exchange Commission on an investigation into nine publicly-traded companies that were swindled out of $100 million through BEC scams . It isn't pretty. According to the report, one of these companies made 14 separate wire payments for fake...

Phishing, Business Email Compromise (BEC) , and other email attacks still involve display name deception—with Microsoft, and Amazon are still impersonated in many of these identity deception attacks. (Part 1 of 3) Display name deception techniques are now used in a majority of business email compromise (BEC) scams and other advanced email attacks targeting a growing number of companies, according...

Over the past 6 months, 100% of Agari customer brands and more than 80% of their domains have been the target of consumer phishing or B2B phishing attacks impersonating their brand to commit fraud. While the cost of phishing attacks isn't always visible, there are very real costs to businesses in the form of email deliverability, brand value and fraud costs. The root cause of this problem is that...

Account takeover-based email scams are climbing fast as the barriers to entry crumble for cybercriminals. But is advanced, AI-driven email protection really the solution? Consider yourself warned: Account takeover (ATO)-based email attacks have surged 126% in just the last year, and now represent the single most successful attack vector against businesses. According to a study from Agari and...

Responding to BOD 18-01, agencies rally to complete the fastest sector-wide adoption of DMARC One year ago, the Department of Homeland Security announced its Binding Operational Directive 18-01 , a mandate for all federal executive branch domains to implement stronger security standards. Specifically, BOD 18-01 required the adoption of HTTPS and DMARC, an email authentication standard that...

Today is the deadline set by the Department of Homeland Security for all executive branch agencies to fully adopt Domain-based Message Authentication, Reporting and Conformance (DMARC) , the email authentication protocol needed to prevent phishing attacks that hijack or mimic their domains. In the past 24 hours, Agari has analyzed federal DMARC adoption on the eve of BOD 18-01 and the results are...

New forms of phishing attacks and other advanced email threats can cost your clients—and your brand—more than you may realize. You could call her a dream client: well-heeled, well-connected, and surely worth a fortune in potential referrals. But when a pair of business email compromise (BEC) attacks against an accountant at her wealth management firm led to $350,000 in losses, the relationship...

NYDFS, HIPAA, GDPR? As Cyber-defenses are Hardened to Comply with an Alphabet Soup of Regulatory Mandates, Organizations are Growing More Vulnerable to Cyberattack—Not Less Name the industry, and it's safe to say that regulatory governance efforts have IT and security teams racing to erect new cyber-defenses to address a rising tide of domestic and international mandates. But if that isn't painful...

Business Email Compromise (BEC) is on the rise, and Office 365 users are among the most heavily targeted. With new LinkedIn-integration features potentially upping the stakes, here's what you need to know now. It's official: Office 365 users will soon be able to co-edit documents from within LinkedIn. But who wins more—businesses and their employees? Or the email fraudsters who increasingly launch...

The email channel has always been the linchpin of your digital marketing operations. But a failure to use something called DMARC could obliterate your deliverability rates, your revenues—even your brand. It's no secret to digital-savvy CMOs that old-school email is a cutting-edge marketing team's killer app. But what you don't know is something called "Domain-based Message Authentication...

A growing number of attacks on businesses and their customers are evading email security systems. Can automation really make the difference? If you’re reading this blog post, chances are your current email security controls are leaving something to be desired. With the sheer volume of email rising fast and cybercriminals continuing to prioritize email over all other threat vectors combined, is...

How many summer internships give you the chance to work on a security solution that's changing the world? I was fortunate enough to be selected for a summer internship at Agari in Foster City, California, where top data scientists, software engineers, IT analysts and others take a data-driven approach to advanced email fraud prevention. A Fantastic Experience During my time working on the...

As email marketing turns 40, more than 90% of companies report fraudsters have impersonated their brand in phishing attacks targeting their customers. Can a new standard known as BIMI be the answer? Forty-years-old and still the center of attention, despite younger competition. It's true: Email marketing's hotter than ever. But it's also facing a growing threat from brand impersonation scams. Can...

You’ve seen headlines like " Facebook and Google were Scammed Out of $100 Million " and " Equifax's Massive Data Breach Has Cost the Company $4 Billion So Far ." Despite significant investments in email security solutions, the threat from an endless barrage of spear-phishing attacks, business email compromise (BEC) schemes, account takeover-based attacks (ATOs) and other advanced email threats...

Losses from business email compromise (BEC) attacks targeting title companies, real estate firms and others are up 136% in just 18 months. Here's what you need to know to avoid becoming the next victim Real estate industry marketers seeking to grow revenues and boost market share are increasingly facing a threat that can decimate their competitive position: Business Email Compromise (BEC) . That's...

Recent Dark Web activity points to a boom in assaults against financial services organizations and their customers—and why advanced email attacks via business email compromise remain cybercriminals’ preferred point of entry A 150% increase in cyberattacks in recent months may have financial services organizations focusing on protecting corporate systems while ignoring their Achilles heel—advanced...