Anatomy of an Attack

Consumer phishing impersonates your brand with domain spoofing and lookalike emails designed to defraud customers. When your brand is used, consumers lose trust. By not protecting your email-sending domains, you risk blocked mail and poor performance on email marketing campaigns

Customer Phishing
Phase 1
Acquire List

Today's cybercriminals use sophisticated techniques to build target lists, such as leveraging consumer databases and harvesting email addresses stolen through corporate data breaches or purchased on the dark web.

Phase 2
Launch Campaign

Email campaigns sent to these lists impersonate brands that consumers know and trust, and employ identity deception techniques, such as lookalike domains and domain spoofing, to appear legitimate to recipients.

Phase 3
Create Urgency

By creating a sense of urgency through alerts, notifications, password checks and more, these messages use carefully calibrated ploys to trick users into following their call-to-action. Phishing emails typically have an open rate of more than 30%.

Phase 4
Elicit Response

Recipients click phishing site links designed to mimic the impersonated brand's login screen. Once credentials or other personal information is submitted, it's unwittingly surrendered to the criminals.

Phase 5
Reap Rewards

The criminals or their agents log into the victim's legitimate account and transfer money, use a stolen credit card number, or place an order to perpetrate the fraud. Beyond financial losses, consumers spend an average of 23 hours cleaning up the mess—and vent frustration at impersonated brands.

What is Consumer Phishing?

VP of Product Marketing, Seth Knox

Seth discusses brand impersonation and the role of DMARC in email authentication.

The Agari Advantage

Boosts Email Delivery, Opens & Conversations

Customers impacted by a phishing attack impersonating your brand can disengage from your email campaigns, lose faith in your brand, and may even leave with their business.

In a total economic impact study, Forrester identified an average 326%, three-year return on investment from implementing DMARC email authentication, including a $1.1 million reduction in customer support costs and a 10% increase in mail conversion rates.

analyst research
Analyst Research
Forrester: The Total Economic Impact of Agari Brand Protection™
Learn more
Agari Brand Protection™ Explainer
Learn more
Automates and Accelerates Authentication

Discovery of authorized and unauthorized 3rd party senders for DMARC authentication is a cumbersome and time-consuming process.

Agari Brand Protection™ creates, hosts and manages the key SPF, DMARC, and DKIM records required for DMARC authentication, streamlining and simplifying the most time-consuming aspects of authenticating outbound email. With Agari, you can effortlessly identify new senders, manage key rotation, and do away with manual DNS changes.

Delivers Complete Protection Against Phishing

Criminals go to great lengths to spoof your brand, even registering lookalike domains complete with DMARC authentication.

Agari spots all types of impersonation tactics on your domains, enabling you to root out phishing emails and get back to the business of engaging with your customers over email.


Simulated Product Demonstration

Try this simulated product demonstration to see why companies like Aetna, Chase and the United States Postal Service use Agari Brand Protection™ for DMARC email authentication.

Agari Brand Protection™

Automate DMARC email authentication and enforcement to prevent brand abuse and protect your consumers from costly phishing.


Download the Email Fraud & Identity Deception Trends Report

The Agari Cyber Intelligence Division analyzed trillions ...

Learn More
White Paper
Silent Starling Threat Dossier: BEC to VEC

Vendor email compromise is a new form ...

Learn More
Agari Brand Protection™
Watch It Now
H2 2020 Email Fraud & Identity Deception Trends Report: Page 2

Get ahead of the attacks costing organizations ...

Learn More
White Paper
Scattered Canary Threat Dossier

Business email compromise (BEC) has continued to ...

Learn More
authenticated email
Getting Started with DMARC

The reality of email is that cybercriminals ...

Learn More
London Blue Report
White Paper
London Blue Report

Nigeria has been a hub for scammers ...

Learn More
Blog Post
Brand Impersonation Scams Skyrocketing—is DMARC Email Security the Answer?

Don't look now, but a growing number ...

Learn More
Mail Letter

Would you like the confidence to trust your inbox?