Blog

Blog

Gmail User? Your Email is About to Get Safer

Your email is about to get safer if you are a Gmail user! This week in the Gmail Blog, Product Manager John Rae-Grant talked about a couple of changes to Gmail on the web that will allow users to see if an email might not be as secure as it should be. First, Gmail will display a broken lock symbol in the upper right of the email window if it is not encrypted in transit with TLS. And second, Gmail...
Blog

What Happens When Your CEO’s Email is Compromised?

What would you do if you received a confidential email from your CEO asking you to wire money to an attorney as part of an acquisition? This is what happened to Texas manufacturing firm, Ameriforge Group Inc., whose director of accounting wired $480,000 to the Agricultural Bank of China, before realizing that it was an email scam. Unfortunately, these kinds of highly targeted phishing scams, known...
Blog

8 Reasons Why DLP is Now Practical for SMB, Education and Local Government Organizations

While SMBs and public sector organizations were not the primary target for cyber-attacks and data breaches when DLP solutions were first brought to market, newer automated threats via malware and data theft monetization strategies (i.e. identify theft, ransomware, etc.) have made it more efficient and profitable to focus on smaller organizations that were apparently in the clear. As a result, the likes of SMBs, educational institutions and local county and city government organizations are faced to deal with an ever increasing set of information-borne threats and compliance regulations without a practical DLP option. Until now...
Blog

USBs: The Inconspicuous Enemy

At around three centimetres in length and weighing less than 30 grams on average, the USB flash drive would appear to be a relatively innocuous storage device, but losing or inserting an unknown USB into a personal or company computer could have devastating consequences. With over 22,000 USB sticks being left in the pockets of clothing sent to Britain’s dry cleaners, alone last year, we thought it valuable to outline the dangers of the simple USB and how individuals and organizations alike can protect against the potential cyber weaknesses they can bring about.
Blog

DANE vs DMARC: The Email Authentication Landscape

Lately, the question of DANE vs DMARC has been coming up quite a bit. While both DANE and DMARC involve “authentication”, there are significantly different things meant by each. Let’s start by addressing the underlying technologies. DANE, or RFC6698, is intended to mitigate the threat of a man-in-the-middle intercepting encrypted communications by posing as one of the end points. A common vector...
Blog

Don’t Let Your Customers Be Fooled By Cousin Domains

In the last five years, we’ve all become far too familiar with it – hackers spoofing a company’s domain and therefore tarnishing the brand, bad actors attempting to infect our computers with malware, and criminals sending millions of spam messages. As if this isn’t enough, now there is a whole group of people working to outsmart companies AND their customers by using cousin domains to fool...
Blog

New Email-Embedded Malware Getting Through Major AV Scans

Clearswift has recently been approached by a number of top cybersecurity teams and organizations to help them address an increasing threat of ongoing attempts to deliver embedded malware hidden in email attachments that is automatically activated by malicious scripting code. The sophistication and continuous morphing of delivery methods have made it so these new malware variants go undetected and pass right by major AV scanning solutions.
Blog

Email Scams to Avoid this Holiday Season

With the high volume of email activity the holiday season brings, we’ve been getting a lot of questions about holiday email scams – what to look for and how to avoid them. So in the spirit of giving…some good advice…our Field CTO John Wilson has published a blog on LinkedIn with suggestions that can help people better protect themselves from online criminals, and help businesses ensure they aren’t...
Blog

What Is Adaptive Data Loss Prevention?

There’s a bewildering volume of data in modern business. IDC has predicted that by 2025, there will be 175 zettabytes of data in the world, a figure that's almost impossible to conceive. While this data will not be of interest to many people, there will be some that is highly prized indeed. Data has become highly valuable IP for many organizations, and the need to keep it protected from cyber...
Blog

Ansible and Terraform at Agari: An Automation Journey

Snowflakes and Early Automation EffortsAt Agari, as part of our mission to solve phishing, we deal with data at scale. We’ve chosen AWS to help us move quickly, making sure our infrastructure is as agile as we are.Unfortunately, in the beginning, we treated AWS instances much the same way as physical servers: each configuration was lovingly hand-crafted, packages were installed at the command line...
Blog

Steve Katz, FS-ISAC Chairman: Perspectives on Phishing

Steve Katz - “Phishing and social engineering is still a global threat to every business around today.”Last year, phishing attacks cost organizations $4.5 billion in losses, but as we all know the loss is not only monetary. These attacks exploit the trust we as customers have in the brands we use.Recently Agari sat down with the Financial Services industry's first CISO, previous CSO of Citi Group...
Blog

Exploring Phishing Statistics

At Agari, we are vocal about the steps organizations can take to protect their brands and customers from the impact of phishing attacks. But what exactly are the hard numbers behind our mission? Let’s look at some phishing statistics showing a clear need for change when it comes to mitigating the phishing problem. A rising threat Verizon research has found that phishing is now the second most...
Blog

Protecting Customers From Phishing At FS-ISAC

A long-time sponsor of FS-ISAC, Agari takes pride in being a member of the digital security community, committed to protecting financial services brands and their customers from email-based cyber attacks. During this year's conference, held at the Hotel del Coronado in San Diego, we once again joined our industry brethren, reconnected with familiar faces and forged new relationships with cyber...
Blog

Phishing Awareness: How to Prevent Phishing

[et_pb_section admin_label="section"][et_pb_row admin_label="row"][et_pb_column type="4_4"][et_pb_text admin_label="Text" background_layout="light" text_orientation="left" use_border_color="off" border_color="#ffffff" border_style="solid"] In the final installment in our series of blogs on the Fundamentals of Phishing we will explore how to prevent phishing attacks. To truly prevent email...
Blog

Email Phishing Examples and How to Spot Them

In the second in our series of blogs on the Fundamentals of Phishing we will explore how to identify fraudulent emails. Not that long ago, phishing attempts were quite primitive and often full of errors, and it was easier for consumers to identify when something was amiss. In addition, consumers weren’t accessing their inboxes from multiple devices and mobiles, nor did they expect to receive...
Blog

Exploring the Ashley Madison Dataset

I first heard about the Ashley Madison breach on July 15, 2015 in a post by Brian Krebs. I immediately wondered what the fallout of such a breach would be. Would Ashley Madison's new tagline be "1 million divorces and counting!" Would the perpetrators try to profit from the stolen data, perhaps through blackmail? I never imagined I'd soon have the chance to explore the dataset myself, after Forbes...
Blog

Agari and RiskIQ Join Forces to Share Threat Data to Fight Cyber Criminals

Threat intelligence exchange will benefit Agari and RiskIQ customers through heightened security awareness and the ability to respond to discovered threatsSAN MATEO, Calif. — Sept. 15, 2015 — Agari, the leading provider of data-driven security solutions that detect and prevent advanced email cyberthreats, and RiskIQ, the Enterprise Digital Footprint Security company, today announced a strategic...
Blog

Airflow DAG @ Agari

Workflow Schedulers Workflow schedulers are systems that are responsibile for the periodic execution of workflows in a reliable and scalable manner. Workflow schedulers are pervasive - for instance, any company that has a data warehouse, a specialized database typically used for reporting, uses a workflow scheduler to coordinate nightly data loads into the data warehouse. Of more interest to...
Blog

What is 'Zero-Trust'?

With the X-Files soon making a return to the small screen (!!!), I have been thinking a lot lately about the concept of trust. Specifically as it relates to security, and especially the concept of "Zero-Trust". Many security front-runners have begun enacting a new security architecture called Zero-Trust Networking and it really took off when Google decided to implement it. The underlying...
Blog

Automated Model Building with EMR, Spark, and Airflow

Data science applications provide much of the power behind Agari’s e-mail security products. The e-mail landscape is vast and dynamic, and we require the ability to regularly analyze incoming data. Models including forwarder classification, malicious campaign identification, domain reputation, and inbound sender modeling are created on hourly to daily cadences. We therefore need a fast and cost...