Q1 2020 Quarterly Report
Email Fraud & Identity Deception Trends
February 12, 2020
The Agari Cyber Intelligence Division (ACID) is the only counterintelligence research team dedicated to worldwide business email compromise and spearphishing investigation. ACID supports Agari’s unique mission of protecting digital communications so that humanity prevails over evil. The team works to uncover identity deception tactics, criminal group dynamics, and relevant trends in advanced email attacks. Created in 2018, ACID helps to impact the cyber threat ecosystem and mitigate cybercrime activity by working with law enforcement and other trusted partners.
Agari Active Defense is a tool used by ACID to automate active engagement sessions with cyber threat actors as a way to collect intelligence about adversary tactics and targets.
Get Notified of New Reports
Learn More About Emerging Threats
Get the Latest Agari Insights
Exaggerated Lion is a BEC cybercrime ring that operates out of Africa with members in Nigeria, Ghana, and Kenya. This is one of the most prolific BEC groups ever discovered, targeting more than 3,000 employees at nearly 2,100 companies throughout the United ...
Read the Report
Vendor email compromise is a new form of advanced email attack that uses compromised email accounts to target the global supply chain. With the cybercriminal group we’ve named Silent Starling, we see how devastating these attacks can be.
Read the Report
Business email compromise has continued to grow into a billion-dollar industry as cybercriminals turn to it as their preferred scam. But with the West African gang we’ve named Scattered Canary, we have deeper insight into how BEC is connected to the rest of ...
Read the Report
Nigeria has been a hub for scammers since long before the Internet came into wide use, and it remains one of the world’s primary centers for active gangs, including many that are focused on BEC. But with London Blue, a Nigerian gang has extended its base of ...
Read the Report