Resources

Video

Introduction to Fortra's Cloud Email Protection Platform

Even with Secure Email Gateways in place, deceptive attacks like BEC, targeted social engineering ploys, and spear phishing attempts can still get into user inboxes. In this video, Fortra’s Advanced Email Security experts discuss how Fortra’s Cloud Email Protection, a new integrated cloud email security platform, delivers multi-faceted defense against advanced email threats, including::How AI...
Video

QR Codes That Aren’t Cool – How to Defend Your Inbox from Quishing Attacks

Most organizations have security controls in place to inspect URLs in emails to prevent the risk of credential phishing and business email compromise (BEC) attacks. However, threat adversaries have pivoted their tactics in order to bypass security stacks. The QR code is now the carrier of choice for delivering these types of payloads via email. Is your organisation ready to tackle this new...
Video

QR Codes That Aren’t Cool – How to Defend Your Inbox from Quishing Attacks

Most organizations have security controls in place to inspect URLs in emails to prevent the risk of credential phishing and business email compromise (BEC) attacks. However, threat adversaries have pivoted their tactics in order to bypass security stacks. The QR code is now the carrier of choice for delivering these types of payloads via email. Is your organization...
On-Demand Webinar

QR Codes That Aren't Cool Webinar

Threat adversaries have pivoted their credential phishing and BEC tactics in order to bypass security stacks. In this video, Fortra’s Advanced Email Security expert, Dr. Steve Jeffery, discusses how the QR code has become the carrier of choice for delivering payloads via email and what your organization needs to put in place to stop them. You’ll learn: How human and machine mitigations help...
On-Demand Webinar

DMARC Revisited: Email Authentication in 2024

Implementing DMARC is one of the simplest ways to prevent email spoofing and ensure consistent email deliverability. Agari DMARC Protection will lead you through a safe and efficient DMARC implementation with features that allow you to: Catalogue and authenticate all legitimate senders–both 3rd-party and internal Navigate past common authentication pitfalls Comply with today’s major email...
On-Demand Webinar

Is Microsoft Email Security Enough in 2024?

As Microsoft’s security capabilities continue to evolve, many organizations are questioning how much they should rely on Microsoft for their email security needs. Watch this webinar to hear Fortra experts discuss enterprise email security requirements and how Microsoft fits into the equation and where it falls short, along with: How to evaluate Microsoft’s role in your email security stack ...
On-Demand Webinar

Email Impersonation and Machine Learning

Over 98% of threats reaching user inboxes impersonate individuals or brands to slip past email filters. In this video, Fortra’s Advanced Email Security experts discuss how machine learning models can help detect and remove email impersonation threats at scale. You’ll learn: The machine learning applications for comprehensive email threat...
Blog

DMARC Quarantine vs. DMARC Reject: Which Should You Implement?

You did it! You can now take a quiz and accurately answer "What Is DMARC?"! Next you've generated your DMARC record, implemented your policy, and authenticated your email domains. DMARC is no easy feat in itself and now, after DNS requests, third-party conference calls and writing internal policies, you are ready...to enforce a stricter DMARC policy! ...
Blog

Dark Web Focus on Credit Unions Increases in Q1

In Q1, Credit Unions nearly surpassed Banking Institutions as the top targeted industry on the dark web. Just under 36% of stolen card data on dark web platforms was linked to Credit Unions, marking the fourth consecutive quarter the industry has seen an increase in malicious activity.Every quarter, Fortra’s PhishLabs analyzes hundreds of thousands of attacks targeting enterprises and our clients....
Blog

Social Media Attacks Targeting Banks and Retail Climb in Q1

Social media attacks targeting businesses have jumped 12.2% in Q1 from the previous quarter, according to Fortra’s PhishLabs. Attacks on social channels are also trending higher than Q1 2022, with the average business experiencing more than 81 attacks per month. External platforms, such as social media, are widely used by cybercriminals to engage in fraud and distribute misinformation. Threatening...
Blog

Untrustworthy Email in Inboxes Reaches All-Time High

In Q1, the volume of emails classified as malicious or do not engage reached nearly a quarter of all reported emails. This is the highest combined volume of these categories since Fortra’s PhishLabs has documented this data point. Of those classified as malicious, threats considered email impersonation or, those lacking known signatures, made up a significant 98.7%.Every quarter, Fortra analyzes...
Blog

Free Domain Abuse Plummets in Q1 as Staging Methods Shift

Free domain registrations used to stage phishing sites have experienced a significant drop in activity, contributing to just under 2% of phishing abuse in Q1. Free domain registrations and other no-cost means of staging phishing infrastructures are historically a favorite of threat actors. While no-cost methods as a whole did make up the majority of abuse in Q1, the decline in free domains can be...
Article

Effective Strategies for Protecting Against BEC

While BEC is incredibly simple and effective, it is not unstoppable. Organizations need to go beyond traditional email security measures to detect, block, and prevent email impersonations. Learn what steps need to be taken in order to combat BEC and protect your organization from this popular attack.
Blog

Microsoft 365's Good. Clearswift's SEG Makes It More Secure.

Microsoft 365 has certainly become a mainstay. In order to stay safe and secure, Fortra's Clearswift Secure Email Gateway provides an additional needed layer to Microsoft 365.
Blog

Top Tactics of BEC Attacks in 2023

Email impersonation is the fastest growing and most successful means of bypassing email security controls. In Q4 2022, the response-based and credential theft attacks that make up email impersonation reached their highest percentage of share of all email threat volume, contributing to more than 97% of attacks reported by end users.In this series, we look at the top email impersonation threats...
Blog

The Rise in Hybrid Vishing: How Spoofed Phone Numbers Are the Top Email Threat to Bypass SEGs

Email attacks using impersonation as their primary means of success are the top threats making it past Secure Email Gateways. These socially engineered messages have gradually increased in volume to overtake more malicious links or attachments typically used in payload campaigns targeting businesses.In this series, we look at the top email impersonation threats based on the reported volume in user...
Blog

Emotet Returns from Hiatus, Trails QBot in Q1 Volume

QBot and Emotet payloads contributed to more than 93% of reported payload volume in Q1, according to Fortra’s PhishLabs. While QBot represented the majority of attacks, this is the first known activity by Emotet actors since 2022 and the largest spike in Emotet reports since Q2 of last year.Email payloads remain the primary delivery method of ransomware targeting organizations. PhishLabs’...
On-Demand Webinar

What's Making It Past Secure Email Gateways?

How frequently are advanced threats actually bypassing your email security controls?One of the greatest challenges to protecting end users from high impact email attacks is detecting identity deception. Fortra has conducted an analysis of real end user phishing reports to determine which advanced threat types evade common secure email gateways and the frequency which they occur to better...
Guide

Securing Government Data - UK

With nation-state attacks on the rise, and cyber criminals more targeted, professional, and motivated than ever, governments around the world have become dependent on cybersecurity solutions to stay ahead of the latest threats. But with government departments holding valuable data on its citizens, it's vital that they use a solution that can defend themselves against attack and keep that data safe and secure.
Blog

What to Know About Business Email Compromise (BEC) Scams

Business email compromise (BEC) is a dangerous type of email spoofing that targets businesses, aiming to damage them in some way. Overall, BEC “is one of the most financially damaging online crimes,” according to a joint Cybersecurity Advisory by the Federal Bureau of Investigation (FBI), the Food and Drug Administration Office of Criminal Investigations (FDA OCI), and the US Department of...