Blog

Blog

Forging the Future of Agari Product Development

Wed, 04/03/2019
As someone who joined Agari nearly five years ago as part of the core team building our breakthrough email security solutions, I am extremely proud of what we built, and I can't wait for you to see what's next. This is—after all—a race against time. In the battle against costly spear phishing attacks, business email compromise (BEC) scams, and other advanced email threats, serious solutions can...
Data security
Blog

Fighting the War at Home: How Your Employees are Your Greatest Asset in the Battle Against Data Loss

Tue, 04/02/2019
Sun Tzu once stated that: “The supreme art of war is to subdue the enemy without fighting” and two and a half thousand years later his rhetoric stands the test of time, as today we are seeing this ancient ideal applied in the most modern of battlegrounds: the fight against cyber-crime. To tackle both the malicious and accidental data loss threat, organizations need to have preventative technology...
Email Data Loss Prevention
Email Security
Web Security
Blog

Why iTunes? A Look into Gift Cards as an Emerging BEC Cash Out Method

Wed, 03/27/2019
One of the trends that has been slowly creeping up across the BEC threat landscape is that actors are using other techniques in order to get money outside of an organization. While a traditional BEC attack includes instructions for wiring money outside of the organization, more and more actors are asking for a large number of gift cards instead of the classical request of “Please wire $30,000 to...
Advanced Persistent Threats (APT)
Business Email Compromise
Blog

Protecting our Clients from Email Spoofing: Our DMARC Journey

Tue, 03/26/2019
This post originally appeared on the Armadillo Blog and has been lightly edited for clarity. Most organizations have been successful in blocking malicious emails targeted at their employees, at least to some extent. Various on-premise and cloud providers exist to take care of anti-spam, anti-virus, reputation scores, and advanced features such as sandboxing of executables.As a service provider...
DMARC Email Authentication
SPF
DKIM
Cloud Security
Blog

A Business World in the Clouds

Fri, 03/22/2019
Safeguarding Against the Security Pitfalls of Cloud-Based PlatformsMajority of us are intimately familiar with the concept of ‘the Cloud’, the seemingly omnipresent information sharing and storage solution. But how much do you know about the security systems that defend it? Most of you may already be using cloud-based programs such as GoogleDocs, DropBox or, more commonly, Microsoft 365 – the...
Cloud Email Security
Email Data Loss Prevention
Email Security
Microsoft Office 365
Blog

Email-Based Bank Impersonation Scams Hit Where It Hurts Most

Thu, 03/21/2019
We all know that phishing attacks came fast and furious. Timed and tailored for maximum effect, these malicious email messages exploit the cruelest of social engineering tactics, preying on customer anxieties, especially in the aftermath of major crises.This past May, UK banking giant TSB experienced one of these phishing-related emergencies. First came breaking news of a massive system meltdown...
Blog

BEC Goes Mobile as Cybercriminals Turn to SMS

Tue, 03/19/2019
Business email compromise (BEC) is a term that encompasses a variety of techniques and tactics that cybercriminals leverage to obtain money or data via identity deception. Despite the evolution and repurposing of this suite of associated tactics, one constant has remained throughout—the correspondence between scammer and victim is done, almost without exception, over email. This foundational...
Blog

W-2 Scams Likely to Continue as Driver for Phishing Attacks in 2019

Wed, 03/13/2019
With the 2019 tax season reaching full throttle, a volatile mix of conditions could fuel an unprecedented barrage of W-2 phishing scams through mid-April this year. For the businesses and employees who fall victim, the results can be disastrous.W-2s, of course, are the IRS documents that United States businesses provide employees after the end of each year, documenting the employee's earnings, tax...
Blog

Winning with Channel Partners: How Agari Continues to See Success

Wed, 03/06/2019
Channel partners have become a strategic extension for technology businesses all over the world. Within the cybersecurity sector, channel partners have proven to be the backbone for many companies leading them to huge success. Agari is a channel-first company with a vision of being the most channel-friendly company in the cybersecurity industry.Here at Agari, channel partners can fall in various...
Blog

Great Scott! Agari Introduces Time Travel to Stop Data Breaches

Mon, 03/04/2019
Today, we’re excited to announce a new technology called Agari Continuous Detection and Response (CDR) that will allow customers to go back in time and find latent threats that are sitting in employee inboxes that could lead to data breaches. As Marty McFly would say, ‘“What do you mean go back in time?”Let me explain.Today, Secure Email Gateways (SEGs) and advanced threat protection security...
Blog

Phishing Survey Finds Businesses Waste $2 Million a Year Chasing False Positives

Tue, 02/12/2019
If US-based companies don't start automating phishing incident response processes within their SOCs, they could be SOL, according to new data captured in our Q1 2019 Email Fraud & Identity Deception Trends Report.That's because while businesses strive to implement security controls to prevent phishing attacks and any subsequent data breaches, the Security Operations Centers they rely on to...
Blog

Enhancing Cyber Threat Protection in Microsoft 365

Mon, 02/11/2019
The National Cyber Security Centre (NCSC) has recently published an advisory report that explores the ways M365 can be compromised by malicious parties, explaining how cybercriminals can use compromised M365 accounts to obtain financial profit. Integrating advanced threat prevention and data protection features to a M365 platform can enhance the existing security capabilities it offers. Clearswift’s bolt-on solution for M365 be seamlessly implemented to enable deep content inspection of all email traffic through the platform – inbound, outbound and internal – in both email messages and attachments.
Email Security
Microsoft Office 365
Blog

BEC Actors Exploiting Gmail “Dot Accounts” for Fun and Profit

Tue, 02/05/2019
Within Fortra's Threat Intelligence service, we regularly engage with BEC threat actors using active defense techniques. Recently, during one of our investigations into a group comprised of these threat actors, we observed several scammers taking advantage of a “feature” that Google has built into Gmail addresses. While Google sees this as an advantage of consumers, cybercriminals are exploiting...
Blog

Brand Marketing is the New Demand Generation

Mon, 02/04/2019
First, An ApologySorry, demand generation professionals. We still love you and your jobs aren’t going away. But, as you are well aware, the B2B buyer journey has changed—dramatically. Your roles, measurements, data sources, and tool sets have also transformed. All for the better.Meanwhile, building quality pipeline is becoming harder, as is capturing the mindshare of time-starved buyers who are...
Blog

Rising Romance Scams Cost Victims and Businesses Millions

Tue, 01/29/2019
A federal sting operation dubbed "Operation Gold Phish" has led to the arrest of nine people accused of bilking at least 18 victims out of $2 million through socially-engineered romance scams over the last two years.As first reported on December 19, the defendants are accused of manipulating victims into becoming unwitting money mules in an alleged wire fraud operation. According to the Chicago...
Blog

Healthcare Brand Impersonation Scams Targeting Consumers Can Cost You Millions

Thu, 01/24/2019
Memo to hospitals and healthcare providers: A growing number of phishing scams are targeting consumers—including your customers and patients—through email messages that appear to come from your brand. As these attacks continue to rise in coming months, they could cost consumers—and your brand—plenty.Without a doubt, the spear phishing and business email compromise schemes that target your...
Blog

New “BEC-as-a-Service” Trend Means Just About Anyone Can Launch an Attack

Tue, 01/22/2019
Business email compromise (BEC) fraud is a lucrative venture, and now that industry is expanding in a troubling way—by lowering the barrier to entry so that anyone with a couple hundred bucks can outsource a BEC attack. BEC criminals are organized, behaving in many ways like legitimate businesses. And just like any successful company in a growing industry, these criminals are looking to add...
Advanced Persistent Threats (APT)
Business Email Compromise
Blog

M&As Put Your Company at Risk for BEC Losses and Data Breach Liability

Thu, 01/17/2019
Mergers and acquisitions can build your company's value overnight, but business email compromise (BEC) and data breaches can tear it down just as quickly. Too often, M&A announcements are followed by waves of BEC attacks against the companies involved, or by news that the target company was the victim of a data breach. To get the most value from a merger or acquisition, you need to know how to...
Advanced Persistent Threats (APT)
Business Email Compromise
Data Breach
Spear Phishing
Blog

New Trend Sees BEC Gangs Focus on Executives for Payroll Diversion Scams

Mon, 01/14/2019
Human resources departments are the epitome of task ownership, carefully and efficiently connecting an organization’s needs with that of its employees. Employees in HR are tasked with recruitment, onboarding, and employee relations, and oftentimes handle payroll and benefits. Because of their wide reach, threat actors are now turning their attention to this organizational pipeline as they continue...