Resources

On-Demand Webinar

Cosmic Lynx Threat Disorder: The Rise of Russian BEC

In this webinar, Agari Sr. Director of Threat Research, Crane Hassold discusses Cosmic Lynx, the first-ever reported Russian BEC criminal organization, and how the group has significantly impacted the email threat landscape with sophisticated, high-dollar phishing attacks.
Video

Shining a Light on BEC Risk and Fraud: How Active Engagement Closes the BEC Intelligence Gap

Business Email Compromise (BEC) costs organizations like yours $9 billion every year. These hard-to-detect phishing schemes drive more than 40% of all cybercrime losses. But threat intelligence and fraud prevention teams have had little visibility into the scope of their risk, the BEC attack cycle, or threat actors’ objectives and methods. That’s about to change. Agari Active Defense leverages an...
Video

How and Why COVID-19 is Being Used for BEC and Phishing Attacks

Phishing and Business Email Compromise (BEC) attacks always take advantage of natural disasters and personal misfortune to target even the most vulnerable among us. This time is no different as we are all experiencing the COVID-19 outbreak, but the tactics can be spotted and defeated. In this webinar Crane Hassold, Agari's former Senior Director of Threat Research, provides an inside look into the...
Video

Informatica Gains Visibility into Threats by Using Fortra

Listen to Bill Burns, Chief Trust Officer and VP of Business Transformation for Informatica, speak about his experience working with Fortra's Agari. Transcript I'm Bill Burns, Chief Trust Officer and VP of Business Transformation for Informatica. I've been working with Fortra's Agari for about six years at previous companies, introducing them to solve specific problems and I'm bringing Fortra's...
Guide

Anatomy of a Compromised Account

Credential phishing leads to compromised accounts, and compromised accounts lead to more credential phishing. In order to uncover the mechanics, the Agari Cyber Intelligence Division seeded more than 8,000 phishing sites with fake credentials and then monitored what happened next. In this report, you’ll discover more about how cybercriminals access and use compromised accounts, including How 50%...
Guide

Exaggerated Lion Threat Dossier: BEC Check Fraud Ring

Exaggerated Lion is a BEC cybercrime ring that operates out of Africa with members in Nigeria, Ghana, and Kenya. This is one of the most prolific BEC groups ever discovered, targeting more than 3,000 employees at nearly 2,100 companies throughout the United States. Download this report for details including: How they name, register and host domains disguised to mimic trusted infrastructure. Their...
Guide

Behind the 'From' Lines: Email Fraud on a Global Scale

Organized criminals are targeting businesses with identity deception attacks that cause financial losses and broken trust, but Agari is changing the game. Using responsible active defense techniques to analyze criminal email accounts, the Agari Cyber Intelligence Division (ACID) unmasked 10 cybercriminal groups during a 10-month period. ACID has used the results of its work to: Warn financial...
Guide

Silent Starling Threat Dossier: BEC to VEC

Vendor email compromise is a new form of advanced email attack that uses compromised email accounts to target the global supply chain. With the cybercriminal group we’ve named Silent Starling, we see how devastating these attacks can be. Download the threat actor dossier to: How Silent Starling uses phishing email lures to target their victims Why compromised email accounts make email attacks easy...
Guide

Scattered Canary Threat Dossier

Business email compromise (BEC) has continued to grow into a billion-dollar industry as cybercriminals turn to it as their preferred scam. But with the West African gang we’ve named Scattered Canary, we have deeper insight into how BEC is connected to the rest of cybercrime, and why it has grown in recent years. Download the threat dossier to learn: How Scattered Canary grew from a one-man startup...
Guide

Scarlet Widow Part 2: BEC Bitcoin Laundry—Scam, Rinse, Repeat

While many cybercriminal gangs scam medium-sized and large corporations, Agari has now uncovered and documented the practices of a Nigeria-based scammer group, dubbed Scarlet Widow, that has evolved a different strategy focused on more vulnerable sectors such as school districts, universities, and nonprofits. In this report, we uncover: How Scarlet Widow transitioned from romance scams to tax...
Guide

Cosmic Lynx Threat Dossier: The Rise of Russian BEC

Cosmic Lynx is a Russia-based BEC cybercriminal organization that has significantly impacted the email threat landscape with sophisticated, high-dollar phishing attacks. In this threat dossier, you’ll discover key details about Cosmic Lynx, including: How Cosmic targets global corporations with incredibly sophisticated BEC attacks How Cosmic Lynx exploits DMARC controls to impersonate corporate...
Guide

Threat Intelligence Brief: The Geography of BEC

Business Email Compromise (BEC) is a worldwide scourge affecting more than three-fourths of the world’s economies. Around the globe, BEC cybercriminals operate with impunity to steal $26 billion each year. The Agari Cyber Intelligence Division conducted nearly 10,000 active engagements with BEC threat actors and captured the scope of BEC’s global footprint and trends. In this report, you’ll...
Press Release

Agari Identifies First-ever Reported Russian BEC Cybercriminal Ring Targeting Executives in 46 Countries Across Six Continents

FOSTER CITY, Calif. (July 7, 2020) -- Agari , the market share leader in phishing defense solutions for the enterprise, revealed today details of the threat actor group dubbed Cosmic Lynx, the first-ever reported Russian cybercriminal ring to conduct business email compromise (BEC) phishing scams. This is a historic shift to the global email threat landscape and portends new and sophisticated...
Guide

Domains Associated with Exaggerated Lion BEC Campaigns

Below is the list of domains associated with Exaggerated Lion BEC Campaigns. You can access the PDF version of this list by clicking the "Download PDF Version" button at the top of this page. 1secure-portal-server.online admin-office-exec-ssl-secure-server-portal-exec.management admin-office-exec-ssl-secured-server-portal-exec.management admin-server-apps.management admin-servers-apps.management...
Blog

Customer Phishing Protection Couldn’t Be Easier with PhishLabs' Digital Risk Protection

It’s not news that cybercrime is a constant battle—large enterprises and small businesses everywhere are susceptible to a myriad of advanced email threats and socially engineered attacks , such as executive or brand impersonation. According to IC3’s Internet Crime Report, over $44 million in losses in 2021 were a direct result of malicious phishing and advanced email scams. Despite billions having...
Press Release

Blunting BEC Capers that Continue to Target and Devastate SMBs and Enterprises

In his guest blog on The Last Watchdog, John Wilson looks at why Business Email Compromise (BEC) attacks are on the rise, how they are orchestrated, and what organizations can do to stop this all-too-common attack vector. Excerpt: "BEC is a growing concern, and attackers have taken full advantage of the upheaval the COVID-19 pandemic has caused to ramp up their efforts. These campaigns are hard to...
Blog

Common Phishing Email Attacks | Examples & Descriptions

What does a phishing email look like? We've compiled phishing email examples to help show what a spoofed email looks like to prevent against phishing attacks. Brand deception phishing is the most common example of phishing people will come across. Brand deception phishing occurs when an attacker mimics a trusted company in an email and asks someone for their personal information like credit card...
Blog

What Is Email Phishing? Protect Your Enterprise

Phishing emails can steal sensitive data and cost companies' their reputation. However, protecting a company from these scammers doesn't need to be difficult. What Is Email Phishing? Phishing is when an attacker mimics a trusted person or brand in an attempt to steal sensitive information, or gain a foothold inside a company network. While phishing emails are by far the most popular, these attacks...
Press Release

Phishing Sustain Near- Record Levels Through the First Half of 2021

Agari by Fortra features in APWG's Q2 Phishing Activity Trends Report. Here are some highlights: APWG saw 222,127 attacks in June 2021, the third worst month in APWG’s reporting history. Financial institutions and social media sectors were the most frequently victimized. Increases in vishing and smishing continue to be observed. Vishing is phishing advertised via voice messages, and smishing is...