Traditional email security products struggle to detect email impersonation threats such as Business Email Compromise (BEC) and spear phishing campaigns. These threats consistently bypass defenses that rely on signatures and policies like Secure Email Gateways and native-cloud email filters. This guide breaks down how Fortra uses advanced data science, including machine learning models, to find and mitigate attacks that slip past traditional email defenses.
In his guest essay for The Last Watchdog, Eric George, Director of Solutions Engineering at PhishLabs by, explains what ransomware is, who the high-stake threat actors are, and how organizations can defend themselves against ransomware attacks.
Originally published in The Last Watchdog
“Ransomware usually starts with a phishing email. An unsuspecting employee will open a legitimate-looking...
Transcript
Social engineering is the use of idiosyncrasies of the way our brains work to trick us into doing something we would otherwise not do.
Let me give you an example. Suppose that you live in an apartment complex that has a secure gate and everyone at that complex has been told, "Don't let strangers in. Don't hold the door for anyone." I could use a...
Transcript
Ransomware really is continuing to be that go-to attack for attackers, and it's really one of the most effective ways that they have to extort businesses and compromise user data. How does ransomware work? Well, typically, it's delivered via infected email attachments or via compromised websites or contact management systems.
Here at Agari, we...
Ransomware threats can change daily, making consumers and businesses more vulnerable than ever. Names like Angler malvertising, Locky ransomware and Angler Exploit Kit frequently crop up in the news, despite law enforcement’s best efforts to contain them.
Simply put, malware is popular because it’s successful. Cyber criminals make an estimated 1,425% ROI for exploit kit and ransomware schemes,...
Table of Contents
Who is Scarlet Widow?
Femmes Fictionale and Counterfeit Romeos
The Long Con: Making Moves for Money
Starry Eyes for Starling Michael
Up Close and Personal: The Case of "Robert Blackwell"
...
While many cybercriminal gangs scam medium-sized and large corporations, Agari has now uncovered and documented the practices of a Nigeria-based scammer group, dubbed Scarlet Widow, that has evolved a different strategy focused on more vulnerable sectors such as school districts, universities, and nonprofits.
In this report, we uncover:
How Scarlet...
Ransomware has evolved from targeting individuals to extorting large sums of money from businesses with the threat of releasing or destroying their private company data. This type of email-based attack can cause tremendous financial losses as well as reputation damage that’s difficult and expensive to repair.
Read our ransomware white paper now for insights from Agari Chief Scientist Markus...
Financial Services Tips for Securing Email with Agari
Although email is one of the primary digital channels for customer interaction within financial services institutions, it has never been secure. Today, with phishing more common than ever, anyone can spoof your brand and leverage it to hijack sensitive information from your customers. Phishing has played a role in almost every type of...
Why Integrated Email Threat Data Matters
Email is a primary vector for attacks on your business today—and email threats are evolving faster than ever. But actionable data about email attacks is often inaccessible to time-strapped security operations and incident response teams. That disconnect leaves your business vulnerable and unable to mitigate hidden email threats.
Improve Visibility with...
Social media threats targeting enterprises more than doubled last year. Attacks on the retail industry specifically have grown, as threat actors are targeting victims with impersonation and counterfeit ad campaigns.
Purchasing behavior is increasingly influenced by social media, making it an attractive vector for these kinds of campaigns. The tendency of social media users to consume information...
As the world becomes more and more dependent on online resources to complete daily tasks, such as work meetings, grocery shopping, and even exercising, the risk of cyber attacks, data breaches, and information stealing increases. If you’re not already protecting your personal information online, now is the perfect time to start, as Data Privacy Weeks kicks off today.Led by the National Cyber...
Over the course of my technical career, I’ve always thought of Oauth2 to, frankly, be a bit of a pain. Oauth2 offers a mind boggling amount of possibilities and is the basis of many authorization workflows.However, I have found the documentation and supporting examples of how to integrate Oauth2 somewhat lacking. I hope that someone out in the ether will find this blog post and save a few days of...
Amid a troubling rise in zero-day phishing attacks, recent research suggests that some companies may be making an ill-advised shift away from blocking advanced email threats to responding to them post-delivery. If true, the capitulation couldn't come at a worse time. Since January, cybercriminals taking advantage of the COVID-19 outbreak have been targeting businesses and individuals with an...
Enterprise email architecture is evolving, which is good news for cybercriminals. Legacy secure email gateways (SEGs) simply don't provide full protection from today’s evolving and costly attacks, and cloud-based email requires a new security approach. In contrast, the next generation of email security—the AI-powered Secure Email Cloud—gives organizations more comprehensive security and better...
Targeted email attacks continue to escalate as organizations deal with increasing numbers of phishing, spear phishing and ransomware attempts. But another attack vector—account takeovers—is affecting 44% of organizations and is posing a significant risk.
Watch this webinar to learn how:
These attacks lead to large-scale data breaches and financial losses;
How organizations can identify account...