Resources

Blog

Phishing with Invisible Ink

You might remember as a child, there was a revelation…invisible ink. Stepping forward to today, there is now a new type of phishing which uses invisible ink, or as it’s also called, ‘zero font’, as a means to beat the spam and phishing filters. Anti-spam / phishing filters work in several different ways; they look for specific words or phrases and there is then a statistical element. If there are...
Press Release

IT Security Wire: Cybersecurity in 2023: Top Three Predictions

In this IT Security Wire article, cybersecurity experts Eric George and Tom Gorup, Vice President of Security Operations at Fortra’s Alert Logic, share their 2023 cybersecurity predictions. Originally published in IT Security Wire "PaaS (phishing-as-a-service) platforms simplify the creation and execution of credential theft phishing attacks which target the customers or employees of enterprise...
Blog

What Is Whaling Phishing & How Does It Work?

“Whaling” phishing fraud attacks target the C-suite of a company which creates high risk of extremely sensitive, mission-critical data being stolen and exposed. Fortunately, protecting the organization from these attacks is possible. Whaling phishing is a type of phishing attack targeting larger, high-value targets, which is why it's called "Whaling." Attackers themselves often pretend to be C...
Blog

Office 365 + DMARC: Best Practices for Protecting Your Company & Customers From Phishing Attacks

In 2021, Gartner includes DMARC, or known by its full name as Domain-based Message Authentication, Reporting & Conformance, in its list of top 10 security projects . With very few exceptions, the best way for organizations to prevent getting impersonated in email attacks is to integrate DMARC into their Office 365-based email ecosystems. To understand why, let’s consider the benefits of deploying...
Video

Simplify Phishing Incident Response, Remediation, and Containment with Agari

In this webinar, enterprise email and security expert Art Chavez, demonstrates how Agari Phishing Response™ automates, simplifies, and accelerates the process of phishing incident response, remediation, and breach containment. You’ll discover valuable insights, and learn how to: Avoid SOC overload through automated prioritization and remediation of user-reported phish emails. Accelerate threat...
Guide

Frost Radar: Email Security Report

Frost & Sullivan has released the Frost Radar: Email Security, providing a benchmarking system to help you protect your email from cyber attacks. Download the report for more information about: Why email is a top threat vector for cyber attacks, and how working from home has increased the risk How the email security market will continue to grow as more organizations transition to the cloud, and...
Guide

Cosmic Lynx Threat Dossier: The Rise of Russian BEC

Cosmic Lynx is a Russia-based BEC cybercriminal organization that has significantly impacted the email threat landscape with sophisticated, high-dollar phishing attacks. In this threat dossier, you’ll discover key details about Cosmic Lynx, including: How Cosmic targets global corporations with incredibly sophisticated BEC attacks How Cosmic Lynx exploits DMARC controls to impersonate corporate...
Guide

2020 Election Security

The 2020 Election Security Poll delves into the issue of election security from the voters’ perspective. Findings include: 69% of registered voters say that foreign interference in 2020 U.S. presidential election campaigns is a threat to U.S. democracy 59% of respondents said receiving a fake/phishing email from one campaign would negatively impact their donation to other 2020 U.S. presidential...
Blog

Email Security: Agari Delivers a Whole New Level of Actionable Insight to Outpace Threat Actors

CISOs and their teams are about to get some serious performance enhancers in their high-stakes race against email security threats. According to the FBI, phishing campaigns, business email compromise (BEC) scams, and other advanced email attacks have resulted in $26 billion in business losses over the course of three years. Then 2020 happened. With 75 million corporate employees even now still...
Blog

What is Email Spoofing & How to Stop Attackers from Spoofing Your Email Address

What is email spoofing, how does it work, and why is it so dangerous to your company? We’ll explain everything you need to proactively stop attackers from spoofing your email address. Email Spoofing: What Is It? Email spoofing is when a fraudster forges an email header’s ‘From’ address to make it appear as if it was sent by someone else, usually a known contact like a high-level executive or...
Blog

Office 365 Phishing Emails: Prevention, Detection, Response

Office 365 phishing emails come in common patterns. I'll list them here and also cover Office 365 anti-phishing features for prevention, detection, and response. Today, the typical Office 365 phishing emails direct users to fake Office 365 Sign-in pages. The victim submits their credentials, effectively handing over their password. Fraudsters use that login to access the victim’s address book...
Blog

Agari Fall ' 20 Release Boosts CISO Confidence in Enterprise DMARC Deployment

With cyber gangs leveraging business email compromise (BEC) attacks that actively exploit their targets' level of DMARC adoption, CISOs have been ratcheting up email security. Until now, the need to dial up defenses against imposters posing as senior executives in email attacks has been increasingly forcing legitimate business correspondence into quarantine. The chain reaction kneecaps commerce...
Blog

Business Email Compromise: New Shift in BEC Threat Landscape Puts CISOs on Notice

A seismic shift in the email threat landscape has CISOs bracing for sophisticated new forms of business email compromise (BEC) scams, as phishing's center of gravity begins to tilt from West African email scammers toward Russian and Eastern European cybercrime lords. As detailed in our new threat actor dossier on a threat group we call Cosmic Lynx , the Agari Cyber Intelligence Division (ACID) has...
Blog

Phishing: With Zero-Day Email Attacks Rising, Are Some Companies Giving Up the Fight?

Amid a troubling rise in zero-day phishing attacks, recent research suggests that some companies may be making an ill-advised shift away from blocking advanced email threats to responding to them post-delivery. If true, the capitulation couldn't come at a worse time. Since January, cybercriminals taking advantage of the COVID-19 outbreak have been targeting businesses and individuals with an...