Resources

email spoofing
Blog
Blog

How to Protect Against BEC from Inception to Inbox

By Monica Delyani on Mon, 05/06/2024
What Is Business Email Compromise (BEC)? Business email compromise (BEC) is a dangerous and pervasive type of email spoofing that targets businesses, aiming to damage them in some financial or reputation-based way. It does so via deceptive tactics, such as CEO or executive impersonation, allowing BEC attacks to evade security filters, leading to fraud, compromised accounts, and data leakage. Other...
Cloud Email Security
Live Webinar
Live Webinar
May
22

Is Microsoft Email Security Enough in 2024?

-
John Wilson |
Chris Spencer
While Microsoft offers tiers of security features, their email security capabilities may not be enough on their own. In this webinar, Fortra experts discuss possible shortcomings in Microsoft email security and how adding solutions to fill the gaps can protect better against advanced email threats.
Cloud Email Security,
Email Security for Office 365
FREE
In CDT
Datasheet
Datasheet

Suspicious Email Analysis

Detect, Analyze & Mitigate Advanced Threats Enterprises struggle to stop email threats from routinely reaching user inboxes, leading to Business Email Compromise (BEC) and ransomware attacks. While users become more adept at identifying suspicious emails and enterprises invest in increasingly sophisticated email security stacks, threat actors continue to deploy emails designed to trick employees...
Advanced Persistent Threats (APT)
Advanced Threat Protection
Video
Video

QR Codes That Aren’t Cool – How to Defend Your Inbox from Quishing Attacks

Wed, 06/21/2023
Most organizations have security controls in place to inspect URLs in emails to prevent the risk of credential phishing and business email compromise (BEC) attacks. However, threat adversaries have pivoted their tactics in order to bypass security stacks. The QR code is now the carrier of choice for delivering these types of payloads via email. Is your organisation ready to tackle this new...
Advanced Persistent Threats (APT)
Advanced Threat Protection
Anti-Phishing
Phishing
Blog
Blog

Phishing with Invisible Ink

Fri, 02/03/2023
You might remember as a child, there was a revelation…invisible ink. Stepping forward to today, there is now a new type of phishing which uses invisible ink, or as it’s also called, ‘zero font’, as a means to beat the spam and phishing filters. Anti-spam / phishing filters work in several different ways; they look for specific words or phrases and there is then a statistical element. If there are...
Cloud Email Security
Press Release
Press Release

IT Security Wire: Cybersecurity in 2023: Top Three Predictions

In this IT Security Wire article, cybersecurity experts Eric George and Tom Gorup, Vice President of Security Operations at Fortra’s Alert Logic, share their 2023 cybersecurity predictions. Originally published in IT Security Wire "PaaS (phishing-as-a-service) platforms simplify the creation and execution of credential theft phishing attacks which target the customers or employees of enterprise...
Blog
Blog

What Is Whaling Phishing & How Does It Work?

Mon, 10/03/2022
“Whaling” phishing fraud attacks target the C-suite of a company which creates high risk of extremely sensitive, mission-critical data being stolen and exposed. Fortunately, protecting the organization from these attacks is possible. Whaling phishing is a type of phishing attack targeting larger, high-value targets, which is why it's called "Whaling." Attackers themselves often pretend to be C...
Advanced Persistent Threats (APT)
Business Email Compromise
Spear Phishing
Cloud Email Security
Press Release
Press Release

Forbes: 8 Ways To Keep Your Social Security Number Safe From Identity Theft

It’s difficult to control your Social Security number in the wild. In his September contribution to Forbes Advisor, John Wilson discusses the most common scams involving Social Security numbers and provides 8 steps individuals can take to prevent identity fraud. Originally published in Forbes Advisor : “For too many of us, our SSNs are already in the hands of miscreants, along with our other...
Press Release
Press Release

The Last Watchdog: The Drivers Behind Persistent Ransomware and Defensive Tactics to Deploy

In his guest essay for The Last Watchdog, Eric George, Director of Solutions Engineering at PhishLabs by, explains what ransomware is, who the high-stake threat actors are, and how organizations can defend themselves against ransomware attacks. Originally published in The Last Watchdog “Ransomware usually starts with a phishing email. An unsuspecting employee will open a legitimate-looking message...
Blog
Blog

Office 365 + DMARC: Best Practices for Protecting Your Company & Customers From Phishing Attacks

By John Wilson on Mon, 08/15/2022
In 2021, Gartner includes DMARC, or known by its full name as Domain-based Message Authentication, Reporting & Conformance, in its list of top 10 security projects . With very few exceptions, the best way for organizations to prevent getting impersonated in email attacks is to integrate DMARC into their Office 365-based email ecosystems. To understand why, let’s consider the benefits of deploying...
Cloud Email Security
DMARC Email Authentication
Email Security for Office 365
Guide
Guide

Frost Radar: Email Security Report

Frost & Sullivan has released the Frost Radar: Email Security, providing a benchmarking system to help you protect your email from cyber attacks. Download the report for more information about: Why email is a top threat vector for cyber attacks, and how working from home has increased the risk How the email security market will continue to grow as more organizations transition to the cloud, and...
Cloud Email Security
DMARC Email Authentication
Scattered Canary Guide
Guide
Guide

Scattered Canary Threat Dossier

Business email compromise (BEC) has continued to grow into a billion-dollar industry as cybercriminals turn to it as their preferred scam. But with the West African gang we’ve named Scattered Canary, we have deeper insight into how BEC is connected to the rest of cybercrime, and why it has grown in recent years. Download the threat dossier to learn: How Scattered Canary grew from a one-man startup...
Advanced Persistent Threats (APT)
Business Email Compromise
Data Breach
Spear Phishing
Guide
Guide

Scarlet Widow Part 2: BEC Bitcoin Laundry—Scam, Rinse, Repeat

While many cybercriminal gangs scam medium-sized and large corporations, Agari has now uncovered and documented the practices of a Nigeria-based scammer group, dubbed Scarlet Widow, that has evolved a different strategy focused on more vulnerable sectors such as school districts, universities, and nonprofits. In this report, we uncover: How Scarlet Widow transitioned from romance scams to tax...
Advanced Persistent Threats (APT)
Business Email Compromise
Social Engineering
Guide
Guide

Cosmic Lynx Threat Dossier: The Rise of Russian BEC

Cosmic Lynx is a Russia-based BEC cybercriminal organization that has significantly impacted the email threat landscape with sophisticated, high-dollar phishing attacks. In this threat dossier, you’ll discover key details about Cosmic Lynx, including: How Cosmic targets global corporations with incredibly sophisticated BEC attacks How Cosmic Lynx exploits DMARC controls to impersonate corporate...
Advanced Persistent Threats (APT)
Business Email Compromise
Spear Phishing
Advanced Threat Protection
Anti-Phishing
Cloud Email Security
Guide
Guide

2020 Election Security

The 2020 Election Security Poll delves into the issue of election security from the voters’ perspective. Findings include: 69% of registered voters say that foreign interference in 2020 U.S. presidential election campaigns is a threat to U.S. democracy 59% of respondents said receiving a fake/phishing email from one campaign would negatively impact their donation to other 2020 U.S. presidential...
Advanced Persistent Threats (APT)
Advanced Threat Protection
Cloud Email Security
Blog
Blog

Email Security: Agari Delivers a Whole New Level of Actionable Insight to Outpace Threat Actors

Sun, 01/24/2021
CISOs and their teams are about to get some serious performance enhancers in their high-stakes race against email security threats. According to the FBI, phishing campaigns, business email compromise (BEC) scams, and other advanced email attacks have resulted in $26 billion in business losses over the course of three years. Then 2020 happened. With 75 million corporate employees even now still...
Advanced Persistent Threats (APT)
Business Email Compromise
Advanced Threat Protection
Cloud Email Security
DMARC Email Authentication
Blog
Blog

What is Email Spoofing & How to Stop Attackers from Spoofing Your Email Address

Tue, 12/15/2020
What is email spoofing, how does it work, and why is it so dangerous to your company? We’ll explain everything you need to proactively stop attackers from spoofing your email address. Email Spoofing: What Is It? Email spoofing is when a fraudster forges an email header’s ‘From’ address to make it appear as if it was sent by someone else, usually a known contact like a high-level executive or...
Advanced Persistent Threats (APT)
Consumer Phishing
Spear Phishing
Advanced Threat Protection
Anti-Phishing
Cloud Email Security
Blog
Blog

Office 365 Phishing Emails: Prevention, Detection, Response

Tue, 11/24/2020
Office 365 phishing emails come in common patterns. I'll list them here and also cover Office 365 anti-phishing features for prevention, detection, and response. Today, the typical Office 365 phishing emails direct users to fake Office 365 Sign-in pages. The victim submits their credentials, effectively handing over their password. Fraudsters use that login to access the victim’s address book...
Cloud Email Security
Email Security for Office 365