Resources

Blog

W-2 Scams Likely to Continue as Driver for Phishing Attacks in 2019

Wed, 03/13/2019
With the 2019 tax season reaching full throttle, a volatile mix of conditions could fuel an unprecedented barrage of W-2 phishing scams through mid-April this year. For the businesses and employees who fall victim, the results can be disastrous.W-2s, of course, are the IRS documents that United States businesses provide employees after the end of each year, documenting the employee's earnings, tax...
Blog

Winning with Channel Partners: How Agari Continues to See Success

Wed, 03/06/2019
Channel partners have become a strategic extension for technology businesses all over the world. Within the cybersecurity sector, channel partners have proven to be the backbone for many companies leading them to huge success. Agari is a channel-first company with a vision of being the most channel-friendly company in the cybersecurity industry.Here at Agari, channel partners can fall in various...
Blog

Great Scott! Agari Introduces Time Travel to Stop Data Breaches

Mon, 03/04/2019
Today, we’re excited to announce a new technology called Agari Continuous Detection and Response (CDR) that will allow customers to go back in time and find latent threats that are sitting in employee inboxes that could lead to data breaches. As Marty McFly would say, ‘“What do you mean go back in time?”Let me explain.Today, Secure Email Gateways (SEGs) and advanced threat protection security...
Blog

Phishing Survey Finds Businesses Waste $2 Million a Year Chasing False Positives

Tue, 02/12/2019
If US-based companies don't start automating phishing incident response processes within their SOCs, they could be SOL, according to new data captured in our Q1 2019 Email Fraud & Identity Deception Trends Report.That's because while businesses strive to implement security controls to prevent phishing attacks and any subsequent data breaches, the Security Operations Centers they rely on to...
Blog

Enhancing Cyber Threat Protection in Microsoft 365

Mon, 02/11/2019
The National Cyber Security Centre (NCSC) has recently published an advisory report that explores the ways M365 can be compromised by malicious parties, explaining how cybercriminals can use compromised M365 accounts to obtain financial profit. Integrating advanced threat prevention and data protection features to a M365 platform can enhance the existing security capabilities it offers. Clearswift’s bolt-on solution for M365 be seamlessly implemented to enable deep content inspection of all email traffic through the platform – inbound, outbound and internal – in both email messages and attachments.
Email Security
Microsoft Office 365
Blog

BEC Actors Exploiting Gmail “Dot Accounts” for Fun and Profit

Tue, 02/05/2019
Within Fortra's Threat Intelligence service, we regularly engage with BEC threat actors using active defense techniques. Recently, during one of our investigations into a group comprised of these threat actors, we observed several scammers taking advantage of a “feature” that Google has built into Gmail addresses. While Google sees this as an advantage of consumers, cybercriminals are exploiting...
Blog

Brand Marketing is the New Demand Generation

Mon, 02/04/2019
First, An ApologySorry, demand generation professionals. We still love you and your jobs aren’t going away. But, as you are well aware, the B2B buyer journey has changed—dramatically. Your roles, measurements, data sources, and tool sets have also transformed. All for the better.Meanwhile, building quality pipeline is becoming harder, as is capturing the mindshare of time-starved buyers who are...
Blog

Rising Romance Scams Cost Victims and Businesses Millions

Tue, 01/29/2019
A federal sting operation dubbed "Operation Gold Phish" has led to the arrest of nine people accused of bilking at least 18 victims out of $2 million through socially-engineered romance scams over the last two years.As first reported on December 19, the defendants are accused of manipulating victims into becoming unwitting money mules in an alleged wire fraud operation. According to the Chicago...
Blog

Healthcare Brand Impersonation Scams Targeting Consumers Can Cost You Millions

Thu, 01/24/2019
Memo to hospitals and healthcare providers: A growing number of phishing scams are targeting consumers—including your customers and patients—through email messages that appear to come from your brand. As these attacks continue to rise in coming months, they could cost consumers—and your brand—plenty.Without a doubt, the spear phishing and business email compromise schemes that target your...
Blog

New “BEC-as-a-Service” Trend Means Just About Anyone Can Launch an Attack

Tue, 01/22/2019
Business email compromise (BEC) fraud is a lucrative venture, and now that industry is expanding in a troubling way—by lowering the barrier to entry so that anyone with a couple hundred bucks can outsource a BEC attack. BEC criminals are organized, behaving in many ways like legitimate businesses. And just like any successful company in a growing industry, these criminals are looking to add...
Advanced Persistent Threats (APT)
Business Email Compromise
Blog

M&As Put Your Company at Risk for BEC Losses and Data Breach Liability

Thu, 01/17/2019
Mergers and acquisitions can build your company's value overnight, but business email compromise (BEC) and data breaches can tear it down just as quickly. Too often, M&A announcements are followed by waves of BEC attacks against the companies involved, or by news that the target company was the victim of a data breach. To get the most value from a merger or acquisition, you need to know how to...
Advanced Persistent Threats (APT)
Business Email Compromise
Data Breach
Spear Phishing
Blog

New Trend Sees BEC Gangs Focus on Executives for Payroll Diversion Scams

Mon, 01/14/2019
Human resources departments are the epitome of task ownership, carefully and efficiently connecting an organization’s needs with that of its employees. Employees in HR are tasked with recruitment, onboarding, and employee relations, and oftentimes handle payroll and benefits. Because of their wide reach, threat actors are now turning their attention to this organizational pipeline as they continue...
Blog

Phishing Attacks Set to Put Healthcare Under the Knife in 2019

Thu, 01/10/2019
As the healthcare industry closes the books on 2018, it is still reeling from more than 327 major data breaches that exposed personal health information (PHI) on at least 9.8 million US citizens this past year. Sixty percent of the attacks reported to federal authorities involved phishing or other email attacks, impacting up to 5.88 million individuals. And the costs can be steep. According to...
Blog

5 Reasons Why I Joined Agari as Chief Revenue Officer

Mon, 01/07/2019
More than $9 billion in direct losses from advanced email threats. $1 billion in ransomware payments. Six million personal identity records stolen every 24 hours—at an average cost of $7.9 million per breach.If you think the crushing losses stemming from an endless barrage of spear-phishing schemes, business email compromise (BEC) scams, and other advanced email attacks were bad in 2018, just wait...
Blog

Why Your Company Needs Third-Party Solutions for Microsoft Office 365

Thu, 01/03/2019
Osterman Research has released a new industry report warning that many organizations will likely need to augment their Microsoft Office 365 implementations with best-in-class, third-party solutions—especially when it comes to advanced email threat protection.That's not an indictment of Microsoft, mind you. In fact, Osterman researchers point out that O365 is quickly proving to be a capable and...
Blog

Cutting Out the ‘False Positive’ with Lexical Expression Qualifiers

Thu, 12/20/2018
When it comes to traditional Data Loss Prevention (DLP) solutions, the ‘false positive’ is frequently the downfall. This is where an event is triggered by a policy in error. For example, a 16-digit number could be a credit card number, or it could be a reference number. If one is mistaken for the other, then this gives rise to a false positive.All DLP events need to be investigated, so the false...
Email Data Loss Prevention
Blog

How to Discover and Contain Data Breaches in Minutes—Not Months

Thu, 12/20/2018
A breach itself is bad enough, but the time it takes an organization to discover and contain that breach is where the majority of costs are incurred.Just ask Marriott. Or Equifax. Or Under Armour. When a phishing attack occurs, it takes an average of 197 days before it's discovered—and an additional 69 days to contain it. In many cases, such as the recently discovered breach at Marriott, it can...
Blog

Inside the Identity Graph: How Predictive AI Beats BEC Scams

Mon, 12/17/2018
Our recent report on London Blue, the cybercrime network that has amassed a list of 50,000 finance executives targeted for upcoming business email compromise (BEC) scams was alarming. But what makes it worse is that London Blue is not the only group of sophisticated cybercriminals out there. Phishing and other email attacks have jumped 50% in the last three months. The FBI is warning accounting...
Blog

Cybercriminals Adapting Tactics for Cloud Era

Tue, 11/27/2018
By the end of this year, 77% of all enterprises will have moved at least some of their operations into the cloud—including email. At the same time, we're seeing that fraudsters have been doing some modernizing of their own. Tactics that were once the domain of nation states are now being adopted by increasingly networked cybercrime organizations. Exploiting the same targeting and lead generation...