As email scammers become more sophisticated and cybercriminals expand their tactics, phishing and BEC attacks from compromised email accounts continue to rise in popularity. We’ve seen a 35% increase in attacks launched from compromised accounts in the last six months. This means that email account takeover-based threats are more prevalent than ever before. And since this is the hardest attack type to protect against, these threats are only going to become more dangerous.
Security incidents hit 81% of organizations over the past twelve months, and internal threats pose a serious challenge for security teams, according to a new report from Osterman Research. The latest research says that the most common incidents are advanced threats—including spear phishing, social engineering, and account takeover-based attacks.
Creating a future where all of our customers can trust their inbox can push Agari engineers to the limits of available technologies. In fact, handling the scaling requirements of Cloud Email Protection has led our Sensor team to test some of the most advanced features of the Python programming language.
In December, the Agari Cyber Intelligence Division (ACID) published a report on a business email compromise group of cybercriminals we call London Blue.
With the 2019 tax season reaching full throttle, a volatile mix of conditions could fuel an unprecedented barrage of W-2 phishing scams through mid-April this year. For the businesses and employees who fall victim, the results can be disastrous.
W-2s, of course, are the IRS documents that United States businesses provide employees after the end of each year, documenting the employee's earnings, tax withholding, Social Security number, and address. The employee must include the information from the W-2 on their income tax returns.
Today, we’re excited to announce a new technology called Agari Continuous Detection and Response (CDR) that will allow customers to go back in time and find latent threats that are sitting in employee inboxes that could lead to data breaches. As Marty McFly would say, ‘“What do you mean go back in time?”
Business email compromise (BEC) fraud is a lucrative venture, and now that industry is expanding in a troubling way—by lowering the barrier to entry so that anyone with a couple hundred bucks can outsource a BEC attack. BEC criminals are organized, behaving in many ways like legitimate businesses.
Ask any security professional what the number one pain point is within their organization, and chances are they’ll say ‘user behavior’…with ‘malware’ coming in as a very close second. And while these issues are very different on the surface, they do have one thing in common: both are often the cause of high-profile data breaches, largely in part to the increased use of spear phishing email exploits by cybercriminals.