Blog

Blog

The Unthought About Risks of Encryption

We hear a lot about encryption in this day in age, particularly around it being the panacea for compliance with data protection regulations. It’s true it can be a component of an information security and compliance strategy, but there are a variety of different encryption options available on the market today, so care needs to be taken with selecting the right solution to ensure it doesn’t turn into a nightmare resulting in non-compliance.
Blog

Internal Intruders: Stopping Insider Threats Requires Smarter Tech and Better Training

Security incidents hit 81% of organizations over the past twelve months, and internal threats pose a serious challenge for security teams, according to a new report from Osterman Research. The latest research says that the most common incidents are advanced threats—including spear phishing, social engineering, and account takeover-based attacks. The report also says that too many organizations ...
Blog

Using ML to Stop Latent Email Attacks That Dodge Early Detection

When implemented effectively, real-world deployments of machine learning (ML)-based email security can block business email compromise (BEC) scams, phishing campaigns, and other advanced email threats. But sometimes, it's what happens when a malicious email is somehow able to evade early detection that can matter most to that effort. According to recent research, 22.9 phishing attacks are...
Blog

BIMI Moves Forward as Google Commits to Pilot Program

BIMI is going big time like never before—and brands won't want to get left behind. In a major announcement this week, Internet search giant Google revealed it has joined the AuthIndicators Working Group and committed to a pilot program for BIMI. For those unfamiliar with the term, Brand Indicators for Message Identification (BIMI) is a standardized way for inboxes to display brand logos beside...
Blog

Weaponizing Accounts Receivable

Receipts and invoices—two accounting powerhouses that require little introduction. But step a little further into the world of finance and accounts, and you can quickly become a fish out of water, as the terminology to this numerical land seems to multiply exponentially.That said, in some of our recent active defense engagements with BEC cybercriminals, we have observed a new way scammers are...
Blog

Businesses Grow More Vulnerable to Email Attacks, Even with Improved Defenses

Cybercriminals increasingly use new forms of identity deception to launch an email attack to target your weakest link: humans.Call it a case of locking the back window while leaving the front door wide open. Throughout the last year, a number of reports have surfaced about sophisticated cyberattacks that are proving all too successful at circumventing the elaborate defenses erected against them...
Blog

Restoring Trust to Digital Communications: How Smart Communities Model the Good

Legacy email security systems are failing, as more enterprises migrate their emails to the cloud and cyber-attacks become more professional and difficult to detect. Companies in all industries and government agencies simply are not moving fast enough to counter the increasingly sophisticated threats like business email compromise (BEC) and account takeover attacks. The first part of this two-part...
Blog

‘Til Death Do Us Part… Romance Scams and the BEC Game

When we think of business email compromise (BEC), the first thing that comes to mind is likely an executive spoof—an email sent to an employee from someone pretending to be the CEO or other high-profile executive. One of the things that people don’t traditionally think about is love, or more specifically, the role that romance victims play in the BEC game. Behind the Scenes with a Romance Scam...
Blog

BEC: Just Defend Against Business Email Compromise or Strike Back?

With losses from business email compromise rising fast, the active defense movement is generating buzz—but what are the ramifications? Why just raise the shield without wielding the sword, too?Organizations in the United States shouldered over one billion in losses from BEC in the last year alone, so the notion of using active defense measures that strike back at fraudsters seems to be gaining new...
Blog

How to Win the Competition for Top Talent—And Keep Your New Hires on Board

What is the biggest obstacle right now to recruiting and retaining great talent? Simply put, there is not enough supply to meet demand—and there may not be any time soon. The most recent jobs data put the national unemployment rate at 3.6%, the lowest it’s been in half a century. Across the country, there are more open jobs than people without work. That means employers in industries from tech to...
Blog

The 4 Fundamentals of AI-Based Email Security

Predictive, AI-based email security is proving to be remarkably effective at protecting against today's most advanced business email compromise (BEC) scams, phishing attacks, and other rapidly evolving email threats. But only when it's done right. According to the FBI, targeted email attacks doubled last year, leading to $1.2 billion in business losses. Nearly 30% of all email attacks are...
Blog

Ticket to Fraud: Airline Industry Sees Increased Consumer Phishing Scams

For many, there are few things more satisfying than receiving an email confirmation for a flight just booked to a tropical location for a much-needed vacation. Most people love traveling, especially to favorite destinations or to explore new locales. The opposite of that feeling? The immediate pang of anxiety a consumer feels when getting a notification for a ticket that they in fact never...
Blog

Strategies for Testing Async Code in Python

Creating a future where all of our customers can trust their inbox can push Agari engineers to the limits of available technologies. In fact, handling the scaling requirements of Cloud Email Protection has led our Sensor team to test some of the most advanced features of the Python programming language. To maintain quality while using these features, our team created some of the first approaches...
Blog

Email Security: Using ML to Prevent Advanced Attacks

According to Verizon's 2024 DBIR report, the statistics on data breaches still remain grim. While email dropped behind compromised credentials through Web applications as the top vector spot, it is still the second-leading point of entry responsible for over a quarter of breaches. The good news is Verizon's partner simulation engagement data conducted in 2023 showed improvement from prior years–20...
Blog

Paying the Piper: What We Learned From the British Airways Fine

Protecting your data using Clearswift’s Secure Web Gateway solution and Secure ICAP Gateway deployed in both forward- and reverse-proxy modes and used to mitigate advanced threats on web pages. It also helps keep your business compliant.
Blog

Restoring Trust to Digital Communications: Working with Human Nature

Cybercriminals have used email to scam more than $13 billion out of organizations since 2013, according to the most recent Internet Crime Report. Phishing is rising by the day, and despite advancing threat-detection technology, the problem is getting worse. Why? Fraudsters are becoming more sophisticated at identifying targets and crafting messages that evade traditional secure email gateways....
Blog

Email Security: Using AI to Prevent Business Email Compromise

Business email compromise (BEC), phishing, and ransomware are growing ever-more targeted and personalized, changing the face of email security from an event that happens at email delivery to a continuous process of detection and remediation. As enterprises move email to the cloud, more of these attacks are never-before-seen, zero-day events targeting unreported security gaps. Others arrive as...
Blog

Next-Generation Cyber Threats: Images

Traditional Data Loss Prevention (DLP) technology provides protection against the traditional threat of someone trying to send a file to an unauthorized individual, but it required a step change to enable Adaptive Data Loss Prevention with Deep Content Inspection (DCI) to address threats such as ransomware that is delivered embedded in innocuous-looking documents. Clearswift delivered our first version of Adaptive Redaction in 2013 and have continuously improved the technology in every release since then.
Blog

5 Reasons Why I Joined Agari as Chief Business Development and Strategy Officer

A 300% increase in phishing attacks in just twelve months, with more than 40% launched using cloud-based email, URLs, or both. As many as 1.5 million malicious emails sent from hijacked Office 365 accounts on a monthly basis. Average losses of $2 million for the businesses they victimize—and $7.9 million in additional average costs when they result in a data breach.Unfortunately, these numbers are...