Search Close

Anatomy of an Attack

Why is email the #1 attack vector for cyberattacks? Because 30% of employees continue to open spear phishing emails resulting in an average of $1.6 million in stolen assets per campaign.

Phase 1
Identify Targets

Cybercriminals leverage data from corporate breaches, a target's own website, LinkedIn or other social media sites to build their target list.

Phase 2
Prepare Attack

Prior to launching the email attack, cybercriminals develop their payloads including building fake websites of reputable brands or organizations to fool their victims.

Phase 3
Distribute Emails

Emails touting urgency—"Security Alert," a tax-time request for employee W-2s, etc.—are delivered. Attacks are personalized, low volume, and targeted so they're unlikely to be detected.

Phase 4
Reap Rewards

Once the requested action is taken, usually involving clicking a phishing link or opening the attachment, criminals can login to the victim's account or access their system to steal confidential information.

The Agari Advantage

Spear Phishing Attacks
Modeling the Good to Detect the Bad

Spear phishing often looks and feels like a legitimate message which is why they easily bypass legacy email security controls.


Agari Advanced Threat Protection™ evaluates hundreds of email characteristics to “model the good”. By modeling trusted email communications and legitimate sender behaviors, Agari spots the bad, and prevents their email from reaching the inbox.

Best Practices Against Phishing Webinar
Growing Smarter Every Day

It’s not enough to react and detect spear phishing attacks, but to prevent and deter them before they strike. Agari predicts attacks based on understanding the identity and relationships behind the message and on how closely a new message correlates or deviates from known patterns of good email communication.


Even though your business may not have seen a threat, Agari likely has. And because it’s at work already protecting organizations worldwide, it grows smarter and more effective each day.

Osterman Email Threat Trends Whitepaper
artificial intelligence
security team
Automated Phishing Incident Response

Your employees are not security experts and even with security training cannot consistently detect a spear phishing attack, costing Security Operations Centers time and resources to remediate phishing incidents.

Agari Incident Response™ exponentially improves your Security Operations Center  response by up to 95% for employee-reported incident triage, forensics, remediation and containment, while applying the added intelligence to prevent future attacks.

Featured Products

Protect against costly advanced email attacks
Agari Advanced Threat ProtectionTM

Stop sophisticated identity deception threats including spear phishing, business email compromise, and account takeover-based attacks.

Learn more
Agari Incident ResponseTM

Accelerate phishing incident triage, forensics, remediation, and breach containment for the Security Operations Center (SOC).

Learn more


White Paper

London Blue Report

Nigeria has been a hub for scammers since long before the Internet came into wide use, and it remains ...

bec image


What is Business Email Compromise?

More than $12 billion dollars are lost to business email compromise every single year. Here at Agari, ...

behind from lines

White Paper

Behind the 'From' Lines: Email Fraud on a Global Scale

Organized criminals are targeting businesses with identity deception attacks that cause financial losses ...

Solution Brief

Stop Identity-Based Email Attacks

Today’s modern identity-based email attacks exploit the identity of trusted colleagues and brands. ...

identity deception


Identity Deception: The New Threat

New email security threats are a $5 billion dollar problem, as criminals exploit trusted identities to ...

social engineering email


What is Social Engineering?

Social engineering is the use of idiosyncracies in the way our brains work to trick us into doing something ...

Mail Letter

Would you like the confidence to trust your inbox?