Resources

On-Demand Webinar
On-Demand Webinar

Email Impersonation and Machine Learning

Over 98% of threats reaching user inboxes impersonate individuals or brands to slip past email filters. In this video, Fortra’s Advanced Email Security experts discuss how machine learning models can help detect and remove email impersonation threats at scale. You’ll learn: The machine learning applications for comprehensive email threat detection How mapping email senders informs models to ferret...
On-Demand Webinar
On-Demand Webinar

QR Codes That Aren't Cool Webinar

Threat adversaries have pivoted their credential phishing and BEC tactics in order to bypass security stacks. In this video, Fortra’s Advanced Email Security expert, Dr. Steve Jeffery, discusses how the QR code has become the carrier of choice for delivering payloads via email and what your organization needs to put in place to stop them. You’ll learn: How human and machine mitigations help ward...
Advanced Persistent Threats (APT)
Business Email Compromise
Spear Phishing
Advanced Threat Protection
Anti-Phishing
Cloud Email Security
On-Demand Webinar
On-Demand Webinar

DMARC Revisited: Email Authentication in 2024

Implementing DMARC is one of the simplest ways to prevent email spoofing and ensure consistent email deliverability. Agari DMARC Protection will lead you through a safe and efficient DMARC implementation with features that allow you to: Catalogue and authenticate all legitimate senders–both 3rd-party and internal Navigate past common authentication pitfalls Comply with today’s major email provider...
Advanced Persistent Threats (APT)
Business Email Compromise
Spear Phishing
Advanced Threat Protection
Anti-Phishing
Cloud Email Security
man-laptop
Blog
Blog

DMARC Quarantine vs. DMARC Reject: Which Should You Implement?

Tue, 06/20/2023
You did it! You can now take a quiz and accurately answer "What Is DMARC?"! Next you've generated your DMARC record, implemented your policy, and authenticated your email domains. DMARC is no easy feat in itself and now, after DNS requests, third-party conference calls and writing internal policies, you are ready...to enforce a stricter DMARC policy ! If your DMARC policy has been set to p=none...
Cloud Email Security
DMARC Email Authentication
Blog
Blog

Dark Web Focus on Credit Unions Increases in Q1

Thu, 06/15/2023
In Q1, Credit Unions nearly surpassed Banking Institutions as the top targeted industry on the dark web . Just under 36% of stolen card data on dark web platforms was linked to Credit Unions, marking the fourth consecutive quarter the industry has seen an increase in malicious activity. Every quarter, Fortra’s PhishLabs analyzes hundreds of thousands of attacks targeting enterprises and our...
man in front of laptop looking at mobile phone
Blog
Blog

Social Media Attacks Targeting Banks and Retail Climb in Q1

Thu, 06/08/2023
Social media attacks targeting businesses have jumped 12.2% in Q1 from the previous quarter, according to Fortra’s PhishLabs. Attacks on social channels are also trending higher than Q1 2022, with the average business experiencing more than 81 attacks per month. External platforms, such as social media , are widely used by cybercriminals to engage in fraud and distribute misinformation...
Blog
Blog

Untrustworthy Email in Inboxes Reaches All-Time High

Thu, 06/01/2023
In Q1, the volume of emails classified as malicious or do not engage reached nearly a quarter of all reported emails. This is the highest combined volume of these categories since Fortra’s PhishLabs has documented this data point. Of those classified as malicious, threats considered email impersonation or, those lacking known signatures, made up a significant 98.7%. Every quarter, PhishLabs...
Blog
Blog

Free Domain Abuse Plummets in Q1 as Staging Methods Shift

Thu, 05/25/2023
Free domain registrations used to stage phishing sites have experienced a significant drop in activity, contributing to just under 2% of phishing abuse in Q1. Free domain registrations and other no-cost means of staging phishing infrastructures are historically a favorite of threat actors. While no-cost methods as a whole did make up the majority of abuse in Q1, the decline in free domains can be...
Blog
Blog

Top Tactics of BEC Attacks in 2023

Thu, 04/27/2023
Email impersonation is the fastest growing and most successful means of bypassing email security controls. In Q4 2022, the response-based and credential theft attacks that make up email impersonation reached their highest percentage of share of all email threat volume, contributing to more than 97% of attacks reported by end users. In this series, we look at the top email impersonation threats...
Blog
Blog

Emotet Returns from Hiatus, Trails QBot in Q1 Volume

Thu, 04/13/2023
QBot and Emotet payloads contributed to more than 93% of reported payload volume in Q1, according to Fortra’s PhishLabs. While QBot represented the majority of attacks, this is the first known activity by Emotet actors since 2022 and the largest spike in Emotet reports since Q2 of last year. Email payloads remain the primary delivery method of ransomware targeting organizations. PhishLabs’...
On-Demand Webinar
On-Demand Webinar

What's Making It Past Secure Email Gateways?

Thu, 04/13/2023
How frequently are advanced threats actually bypassing your email security controls? One of the greatest challenges to protecting end users from high impact email attacks is detecting identity deception. Fortra has conducted an analysis of real end user phishing reports to determine which advanced threat types evade common secure email gateways and the frequency which they occur to better...
Cloud Email Security
Blog
Blog

What to Know About Business Email Compromise (BEC) Scams

Thu, 04/06/2023
Business email compromise (BEC) is a dangerous type of email spoofing that targets businesses, aiming to damage them in some way. Overall, BEC “is one of the most financially damaging online crimes,” according to a joint Cybersecurity Advisory by the Federal Bureau of Investigation (FBI), the Food and Drug Administration Office of Criminal Investigations (FDA OCI), and the US Department of...
Blog
Blog

What is the Relationship Between Ransomware and Phishing?

Thu, 03/30/2023
Ransomware and phishing are usually put in two separate categories when cyberattack methodologies are discussed. However, ransomware operators are increasingly leveraging phishing tactics to deploy their malicious payloads, and the potential for compromise is exponentiating as a result. Ransomware and Phishing - a match made in heaven Phishing is the number one delivery vehicle for ransomware...
Blog
Blog

DRP Solutions Market Guide

Thu, 03/16/2023
The demand for Digital Risk Protection (DRP) is on the rise as cybercriminals are increasingly targeting businesses on channels outside the corporate firewall. According to Frost & Sullivan’s latest Frost Radar Global DRP Report , the traditional security perimeter has changed, and unlike phishing attacks that can be managed and mitigated through internal controls, these threats live on spaces not...
On-Demand Webinar
On-Demand Webinar

Is Microsoft Email Security Enough?

Wed, 03/15/2023
As Microsoft’s security capabilities continue to evolve, many organizations are questioning how much they should rely on Microsoft for their email security needs. This video includes email security experts from Fortra discussing enterprise email security requirements and how Microsoft fits into an organization’s email security strategy and stack. Learn: • How to evaluate Microsoft’s role in your...
Cloud Email Security
Email Security for Office 365
Blog
Blog

Stolen Credit Union Data on Dark Web Hits High in Q4

Fri, 03/10/2023
In Q4, Dark Web activity targeting Credit Unions reached its highest count in five consecutive quarters, according to Fortra’s PhishLabs. Attacks on Credit Unions jumped significantly during the second half of 2022, with threat actors advertising stolen card data from these institutions almost as frequently as National/Regional Banks. Data tied to financial institutions is considered especially...
Blog
Blog

Impersonation Represents the Top Social Media Threat in Q4

Thu, 03/02/2023
Social media attacks targeting organizations closed out 2022 nearly 19% higher than Q4 of 2021, according to Fortra’s PhishLabs. Social platforms continue to act as a hotbed for malicious activity, leaving organizations of all sizes vulnerable to impersonation and abuse. As of Q4, businesses can expect an average of 72.54 attacks on social media per month. PhishLabs analyzes hundreds of thousands...
Person reporting emails on laptop
Blog
Blog

Response-Based Email Attacks Reach Inboxes More Than Any Other Threat in Q4

Thu, 02/23/2023
In Q4, Response-Based phishing attacks were the top reported threat by end users, according to Fortra’s PhishLabs. While threats categorized as Credential Theft and Malware continue to bypass even the top secure email gateways, this is the second consecutive quarter where Response-Based attacks have led all categories. Response-Based attacks typically lack malicious indicators and instead rely...
Agari blog thumbnail
Blog
Blog

More than Half of All Phishing Sites Impersonate Financials in Q4

Thu, 02/16/2023
Phishing sites impersonating reputable organizations continue to represent the top online threat to businesses and their brands. In Q4, Financial Institutions were targeted most by credential theft phish, experiencing the largest share of malicious sites recorded since 2021, according to Fortra’s PhishLabs. Within the group, criminals capitalized on the broad customer bases and recognizable names...
Agari blog thumbnail
Blog
Blog

Healthcare: Top Trends Threatening the Privacy of Patient Data

Thu, 02/09/2023
The cyber-threat landscape is rapidly evolving, and it is becoming increasingly difficult to comply with new regulations and protect against the loss of patient. While the majority of news reports focus on malicious external threats and actors, 65 percent are the result of internal leaks. In addition, 73 percent of those are the result of inadvertent sharing of information. Challenges in...
Advanced Threat Protection