Agari Announces Insider Impersonation Protection Technology to Stop Internal Threats

Editor’s Note: This blog was originally found on the Agari Email Security blog.

By Mike Jones

As email scammers become more sophisticated and cybercriminals expand their tactics, compromised accounts as an attack mechanism continue to rise in popularity. Here at Agari, we’ve seen a 35% increase in attacks launched from compromised accounts in the last six months. This means that account takeover-based threats are more prevalent than ever before. And since this is the hardest attack type to protect against, these threats are only going to become more dangerous.

Compromised Accounts Aren’t the Worst of It

With only a few clicks, he could establish persistent control of the account without ever alerting the victim and continuously monitor activity — preparing for the right moment to strike. Then, when he sees the opportunity, he can easily and quickly launch a targeted email attack against the contact list of the controlled account. The type of targeted email attack will be dependent on his previous reconnaissance and could consist of a business email compromise scam to extract funds or a spear-phishing campaign to gain a deeper foothold into the organization.

Perhaps most concerning is that once the attacker has access to the account, he can move laterally throughout the organization, accessing private information through systems like OneDrive and SharePoint and even using the same account credentials to log in to financial systems and divert money.

Introducing Insider Impersonation Protection

Today, that changes with the introduction of insider impersonation protection technology, a new capability available in Agari Advanced Threat Protection. With this inclusion, Agari Advanced Threat Protection is the only product on the market that simultaneously scans incoming, outgoing, and internal employee-to-employee email traffic to detect and prevent advanced email threats — including account takeover-based attacks.

Recent analysis from Osterman Research shows that 49% of organizations do not have the right tools to stop insider impersonation attacks, despite the fact that these threats account for the majority of issues with which security teams must contend. Because of their difficult-to-detect nature and the fact that they exploit the trust humans have in their previously established relationships with coworkers, compromised accounts can do serious damage — until now.

By applying the three phases of the Agari Identity Graph to determine if the email is legitimate, no matter where it originates, Agari Advanced Threat Protection can automatically remove or quarantine malicious emails and provide notifications for outgoing threats. By scanning both outgoing and internal email traffic, this technology effectively prevents the lateral spread of malware, ransomware, and spear-phishing attacks — keeping you safe from data breaches, financial loss, and other threats.

Discover more about how Agari Advanced Threat Protection protects your organization from advanced email attacks.

Agari is the Trusted Email Identity Company™, protecting companies and people from phishing and socially-engineered email attacks.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store