By the end of this year, 77% of all enterprises will have moved at least some of their operations into the cloud—including email. At the same time, we're seeing that fraudsters have been doing some modernizing of their own. Tactics that were once the domain of nation states are now being adopted by increasingly networked cybercrime organizations. Exploiting the same targeting and lead generation...

Social media is now the window to any business. 83% of organizations use social media as a marketing tactic, making it the most popular marketing tool. It is updated far more regularly than any website and businesses build a following based on publishing engaging content regularly. While businesses see the importance of using social media to quickly build their brand and reputation, there has been little emphasis on the downside to this. How social media can destroy a company’s reputation in an instant.

California has witnessed its most deadly and destructive wildfire on record during the month of November. As the Camp Fire blazes on, more than 70 people have died, hundreds are still missing, and in some cases, entire towns have been reduced to little more than ashes. What’s more is that impending rain threatens to bring mudslides and further destruction to an already ravaged area. Despite the...

Editor's Note: This article is Part 2 in a three-part series based on findings from the Q4 2018 Email Fraud & Identity Deception Trends report. Click here to read Part 1. First there's the good news: 51% percent of Fortune 500 companies have adopted DMARC, the open email-authentication standard designed to prevent fraudsters from impersonating brands in email scams, according to the Email Fraud ...

Want to get a sense of the carnage being caused by business email compromise (BEC) attacks? Look no further than an October 16 report from the Securities and Exchange Commission on an investigation into nine publicly-traded companies that were swindled out of $100 million through BEC scams. It isn't pretty. According to the report, one of these companies made 14 separate wire payments for fake...

To mitigate risks, organizations should take a number of risk mitigation steps that both improve employee mindset around handling sensitive data as well as to enforce rules that ensure unwanted sensitive data acquisition is reduced.

Phishing, Business Email Compromise (BEC), and other email attacks still involve display name deception—with Microsoft, and Amazon are still impersonated in many of these identity deception attacks.(Part 1 of 3)Display name deception techniques are now used in a majority of business email compromise (BEC) scams and other advanced email attacks targeting a growing number of companies, according to...

Over the past 6 months, 100% of Agari customer brands and more than 80% of their domains have been the target of consumer phishing or B2B phishing attacks impersonating their brand to commit fraud. While the cost of phishing attacks isn't always visible, there are very real costs to businesses in the form of email deliverability, brand value and fraud costs.The root cause of this problem is that...

Account takeover-based email scams are climbing fast as the barriers to entry crumble for cybercriminals. But is advanced, AI-driven email protection really the solution? Consider yourself warned: Account takeover (ATO)-based email attacks have surged 126% in just the last year, and now represent the single most successful attack vector against businesses.According to a study from Agari and...

As new threats are introduced into the cyberscape as well as evolved traditional threats, businesses need to be more prepared than ever for a data breach and have the latest tools in place to mitigate risks.

Responding to BOD 18-01, agencies rally to complete the fastest sector-wide adoption of DMARC One year ago, the Department of Homeland Security announced its Binding Operational Directive 18-01, a mandate for all federal executive branch domains to implement stronger security standards. Specifically, BOD 18-01 required the adoption of HTTPS and DMARC, an email authentication standard that prevents...

Today is the deadline set by the Department of Homeland Security for all executive branch agencies to fully adopt Domain-based Message Authentication, Reporting and Conformance (DMARC), the email authentication protocol needed to prevent phishing attacks that hijack or mimic their domains. In the past 24 hours, Agari has analyzed federal DMARC adoption on the eve of BOD 18-01 and the results are...

New forms of phishing attacks and other advanced email threats can cost your clients—and your brand—more than you may realize. You could call her a dream client: well-heeled, well-connected, and surely worth a fortune in potential referrals. But when a pair of business email compromise (BEC) attacks against an accountant at her wealth management firm led to $350,000 in losses, the relationship...

Last month, British Airways was hacked and 380,000 payment details were stolen. In the immediate aftermath, the question on everyone’s minds was, in the era of GDPR, whether the airline would see a substantial fine. While there have been a number of breaches since the introduction of the EU regulation, what was different in this instance was that the incident ticked every box in regards to...

NYDFS, HIPAA, GDPR? As Cyber-defenses are Hardened to Comply with an Alphabet Soup of Regulatory Mandates, Organizations are Growing More Vulnerable to Cyberattack—Not Less Name the industry, and it's safe to say that regulatory governance efforts have IT and security teams racing to erect new cyber-defenses to address a rising tide of domestic and international mandates. But if that isn't...

Business Email Compromise (BEC) is on the rise, and Office 365 users are among the most heavily targeted. With new LinkedIn-integration features potentially upping the stakes, here's what you need to know now.It's official: Office 365 users will soon be able to co-edit documents from within LinkedIn. But who wins more—businesses and their employees? Or the email fraudsters who increasingly launch...

The email channel has always been the linchpin of your digital marketing operations. But a failure to use something called DMARC could obliterate your deliverability rates, your revenues—even your brand.It's no secret to digital-savvy CMOs that old-school email is a cutting-edge marketing team's killer app.But what you don't know is something called "Domain-based Message Authentication, Reporting ...

A growing number of attacks on businesses and their customers are evading email security systems. Can automation really make the difference?If you’re reading this blog post, chances are your current email security controls are leaving something to be desired. With the sheer volume of email rising fast and cybercriminals continuing to prioritize email over all other threat vectors combined, is...