Scams related to COVID-19 helped fuel a 65% increase in employee-reported phishing attacks during the first half of 2020, according to our mid-year Phishing Incident Response Survey of SOC professionals at 13 large organizations spanning a cross-section of industries. Even before the outbreak, phishing was implicated in nearly 7 in 10 corporate data breaches, prompting many organizations to arm...

The first half of 2020 saw 25 additional Fortune 500 companies adopt Domain-based Messaging, Reporting & Conformance (DMARC)—bringing the total to 20% of organizations within the index, according to our H2 2020 Email Fraud and Identity Deception Trends Video . Which is salutatory, to be sure. But it means 80% of the world's biggest companies haven't adopted the standard email authentication...

Coronavirus-related phishing attacks and business email compromise (BEC) scams skyrocketed 3,000% from mid-March through early June, according to mid-year analysis from the Agari Cyber-Intelligence Division (ACID). As chronicled in our H2 2020 Email Fraud & Identity Deception Trends Report , the year began with expectations of record-breaking profits for email threat groups—long before most of us...

In the first reported case of its kind, a phishing ring in Eastern Europe is exploiting companies' own Domain-based Message Authentication, Reporting and Conformance ( DMARC ) controls to impersonate CEOs in business email compromise (BEC) scams worth millions. As detailed in our new threat actor dossier on a group we call Cosmic Lynx , the Agari Cyber Intelligence Division (ACID) has identified...

A seismic shift in the email threat landscape has CISOs bracing for sophisticated new forms of business email compromise (BEC) scams, as phishing's center of gravity begins to tilt from West African email scammers toward Russian and Eastern European cybercrime lords. As detailed in our new threat actor dossier on a threat group we call Cosmic Lynx , the Agari Cyber Intelligence Division (ACID) has...

“At some point, Russian and Eastern European cybercriminals are going to start thinking to themselves, ‘Why am I spending all of this time and money setting up infrastructure and hiring malware developers when I can just send someone an email, ask them to send me money, and they’ll do it.’” For more than a year, this is a line we have used over and over again, expecting that some of the world’s...

With business email compromise (BEC) scams up sharply amid the coronavirus pandemic, CISOs have been forced to scour an expanding but largely inscrutable email threat landscape in hopes of fending off costly attacks—until now, that is. In an industry first, the new Agari Summer '20 Release offers CISOs access to real-world intelligence on specific phishing threats unique to their organizations...

A new Total Economic Impact (TEI) Study from Forrester finds that Agari Phishing Defense™ (APD) delivered results 36% faster than competing solutions, and results in a 97% ROI in just three years. But it turns out that's just the warm-up act. TEI reports are designed to help organizations accurately evaluate potential IT initiatives. In this instance, we commissioned the study so Forrester...

Amid a troubling rise in zero-day phishing attacks, recent research suggests that some companies may be making an ill-advised shift away from blocking advanced email threats to responding to them post-delivery. If true, the capitulation couldn't come at a worse time. Since January, cybercriminals taking advantage of the COVID-19 outbreak have been targeting businesses and individuals with an...

Are you protecting your remote workers against an endless barrage of COVID-19 related phishing attacks by requiring 2-factor authentication (2FA) to log into employee email accounts? Smart move—just don't let it give you a false sense of security.

After barely registering a pulse last year, W2-based business email compromise (BEC) scams are back with a vengeance thanks to coronavirus-related business upheaval. With the 2019 tax filing deadline pushed back to July 15, 2020, and as much as 66% of all corporate employees working from home, operations for many companies have been anything but business as usual. Still we are surprised to see a...

Recently, news broke about how a sophisticated Nigerian cybercriminal organization has been committing mass unemployment fraud against a number of states, including Florida, Massachusetts, North Carolina, Oklahoma, Rhode Island, Washington, and Wyoming. Based on information uncovered by the Agari Cyber Intelligence Division, some, if not all, the actors behind these fraudulent schemes are likely...

The coronavirus pandemic is shining a spotlight on the importance of hosted Domain-based Message Authentication, Reporting, and Conformance ( DMARC ) to prevent cybercriminals from hijacking an organization's domains to launch phishing attacks that put the public at risk. A case in point - the World Health Organization (WHO). The UN's international public health agency has been issuing warnings...

With billions of dollars in stimulus being earmarked for US companies and individuals reeling from the economic fallout of the coronavirus pandemic, business email compromise (BEC) rings are angling for a piece of the pie. At the top of the menu: banks, lenders, and other financial services organizations chartered with managing key facets of this unprecedented distribution effort. But for an...

Since the beginning of February, we have seen more than a 3,000% increase in Coronavirus-themed phishing attacks targeting our customers. The spike in attacks is as logical as it is repugnant. With an estimated 75 million employees more reliant than ever on email during the largest "work-from-home experiment" in history, phishing scammers and other threat actors seem hellbent on exploiting...

Government officials are issuing fresh warnings about COVID-19 related business email compromise (BEC) scams targeting legions of remote workers participating in what has become "the world's largest work-from-home experiment." The troubling rise in success rates for these attacks could have serious implications for the future of email security. In just the last few weeks, cybercriminals...

As cybercrime gangs exploit COVID-19 to target the lonely, victims (and their banks) could get jilted out of millions. Law enforcement agencies around the world are reporting a surge in romance scams as fraudsters seek to cash in on the profound loneliness many people are feeling due to social distancing amid the coronavirus pandemic. Those who fall prey could face financial ruin or get conned...

With a growing number of phishing attacks successfully eluding email security controls, losses for businesses and their customers have been mounting fast—and that's before the current tsunami of email scams seeking to exploit the coronavirus pandemic. The good news: Our Spring '20 Release is here to help change that. Since the beginning of March, Agari scored more than 73 million inbound messages...

With 60 million corporate employees working remotely due to the Coronavirus outbreak, cybercriminals are switching up their tactics in business email compromise (BEC) scams. In what has been called the " world's largest work-from-home experiment ," organizations around the globe are being forced to quickly transition to a remote workforce, ready or not. Cybercriminals have opportunistically...

As if coronavirus hasn't put enough of a damper on vacation schedules this spring, corporate employees taking time off might want to rethink their "out of office" email settings for fear a different threat: Business Email Compromise ( BEC ) scams. Sure, the temptation to share humorous details about your big spring adventure can be irresistible for a certain species of corporate denizen...