Welcome!

API Journal Authors: Elizabeth White, Liz McMillan, Pat Romanski, Carmen Gonzalez, Harry Trott

News Feed Item

Agari Q2 Email TrustIndex Shows Brands Remain Under Persistent Email Cyberattack; Banks Are 15 Times More Likely to Be Spoofed Than Other Industries

Agari, the leading provider of real-time, data-driven security solutions that detect and prevent advanced email cyberthreats, today released its 2014 Q2 edition of the Email TrustIndex.

The Q2 Email TrustIndex covers the period from April through June 2014 and provides email “threat” ratings, or the volume of cyberthreats targeted towards any given company’s consumers via email, and email “trust” ratings, or how well companies are protecting consumers from email cyberthreats. To compile the Index, Agari analyzes 6.5 billion emails per day across 11 industries to identify which companies are being targeted and which companies are taking action to prevent attacks from reaching consumers.

The Travel sector saw threat volume increase by 800% in Q2, signifying a major target for hackers. Mega Banks were found to have the highest ThreatScore in Q2, where consumers are 15 times more likely to receive a malicious email pretending to be from a major bank than they are from an airline. Health Care is still in critical condition with the lowest TrustScore of all industries. Out of the 14 health care companies analyzed, 13 classified as "easy targets" for cybercriminals.

“Quarter after quarter we are witnessing industries struggle with email security. We see countless high-profile breaches in the news where email is a stepping stone in the attack or is leveraged post-attack to steal credentials, begging the question, ‘Why are these industries not protecting themselves and their customers?’” said Patrick Peterson, Founder and CEO of Agari. “We issue these quarterly reports to encourage people to take email security more seriously. For a long time, brands couldn’t do anything to stop brand hijacking, but now they can deploy DMARC to stop brand abuse through email and protect their consumers.”

Email is the Weakest Link

The disparity in email security between the best- and the worst-performing industries is significant: of the industries surveyed, three-quarters have yet to completely implement DMARC (Domain-based Message Authentication, Reporting, & Conformance), an open standard enabled on 70% of the world’s inboxes. DMARC is the only security solution that enables Internet-scale email protection and prevents fraudulent brand abuse for email-borne cyberattacks. Social companies have a 64% DMARC implementation rate – five times what has occurred among airlines.

Despite the importance, ubiquity and staying power of email, there are still flaws. According to the Identity Theft Resource Center, as of July there have been 395 data breaches in the U.S. alone; a 21 percent increase from the same time in 2013. In Q2 2014, Agari witnessed a rise in the number and threat-level of malicious email attacks from many of the security incidents making headlines. Cryptolocker, GameOver Zeus and the recent hacking of 1 billion passwords by a Russian gang all involve security gaps from email.

Additional Key Findings in Q2:

  • Financial Services was broken down into Payments, Mega Banks (US and Europe), and Large Banks in Q2.
    • Large Banks are the least trustworthy financial institution. Every large bank evaluated was classified as an “easy target.”
  • E-tailers are excelling in email security, with online-only pioneers, such as Netflix and Newegg, leading the pack, whereas the majority of retailers are lagging in implementing best practices.
  • Social Media sites are "security rockstars" with Facebook, Google+, LinkedIn and Twitter having near-perfect TrustScores.

About the Agari TrustIndex

The Agari TrustIndex contains ratings developed by Agari that reflects how fully organizations have deployed three standards (SPF, DKIM, and DMARC) across their primary active domains. While all three standards are deployed "behind the scenes" and are not directly visible to consumers in most cases, by looking at TrustIndex scores you can get a simple, easy to understand rating of how well any given organization is protecting their customers from receiving malicious email under the guise of the organization's brand and domain name. It's important to note that the Agari TrustScore reflects that level of security deployed by the organization, and is not directly related to the ThreatScore, which is an indicator of how high a level of attack is directed at an organization. A company could have a very high TrustIndex score and still have a high ThreatScore as well, as even though they've deployed effective security the bad guys are still trying to break in.

The latest copy of the Agari Email TrustIndex is available for download here.

RELATED LINKS AND CONVERSATIONS

About Agari

Agari builds new, Internet scale, data driven security solutions that eliminate email as a channel for cyberattacks and enable businesses and consumers to interact safely. The Agari cloud-based SaaS solution aggregates data from 2.5 billion mailboxes to help global brands eliminate email threats, protect customers and their personal data, and proactively guard brand reputation. Today, Agari analyzes over 6 billion messages per day, identifies over 2 million malicious URLs per month, and blocks over 200 million malicious emails per month. Founded by the thought leaders behind Cisco’s IronPort solutions, Agari, a recipient of the JPMorgan Chase Hall of Innovation Award and recognized as a Gartner Cool Vendor in Security, is headquartered in Silicon Valley. Learn more at http://www.agari.com.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@ThingsExpo Stories
The 20th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held June 6-8, 2017, at the Javits Center in New York City, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Containers, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit your speaking proposal ...
DevOps is being widely accepted (if not fully adopted) as essential in enterprise IT. But as Enterprise DevOps gains maturity, expands scope, and increases velocity, the need for data-driven decisions across teams becomes more acute. DevOps teams in any modern business must wrangle the ‘digital exhaust’ from the delivery toolchain, "pervasive" and "cognitive" computing, APIs and services, mobile devices and applications, the Internet of Things, and now even blockchain. In this power panel at @...
Major trends and emerging technologies – from virtual reality and IoT, to Big Data and algorithms – are helping organizations innovate in the digital era. However, to create real business value, IT must think beyond the ‘what’ of digital transformation to the ‘how’ to harness emerging trends, innovation and disruption. Architecture is the key that underpins and ties all these efforts together. In the digital age, it’s important to invest in architecture, extend the enterprise footprint to the cl...
Bert Loomis was a visionary. This general session will highlight how Bert Loomis and people like him inspire us to build great things with small inventions. In their general session at 19th Cloud Expo, Harold Hannon, Architect at IBM Bluemix, and Michael O'Neill, Strategic Business Development at Nvidia, discussed the accelerating pace of AI development and how IBM Cloud and NVIDIA are partnering to bring AI capabilities to "every day," on-demand. They also reviewed two "free infrastructure" pr...
Whether your IoT service is connecting cars, homes, appliances, wearable, cameras or other devices, one question hangs in the balance – how do you actually make money from this service? The ability to turn your IoT service into profit requires the ability to create a monetization strategy that is flexible, scalable and working for you in real-time. It must be a transparent, smoothly implemented strategy that all stakeholders – from customers to the board – will be able to understand and comprehe...
Businesses and business units of all sizes can benefit from cloud computing, but many don't want the cost, performance and security concerns of public cloud nor the complexity of building their own private clouds. Today, some cloud vendors are using artificial intelligence (AI) to simplify cloud deployment and management. In his session at 20th Cloud Expo, Ajay Gulati, Co-founder and CEO of ZeroStack, will discuss how AI can simplify cloud operations. He will cover the following topics: why clou...
"Dice has been around for the last 20 years. We have been helping tech professionals find new jobs and career opportunities," explained Manish Dixit, VP of Product and Engineering at Dice, in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
More and more brands have jumped on the IoT bandwagon. We have an excess of wearables – activity trackers, smartwatches, smart glasses and sneakers, and more that track seemingly endless datapoints. However, most consumers have no idea what “IoT” means. Creating more wearables that track data shouldn't be the aim of brands; delivering meaningful, tangible relevance to their users should be. We're in a period in which the IoT pendulum is still swinging. Initially, it swung toward "smart for smar...
The Internet of Things will challenge the status quo of how IT and development organizations operate. Or will it? Certainly the fog layer of IoT requires special insights about data ontology, security and transactional integrity. But the developmental challenges are the same: People, Process and Platform and how we integrate our thinking to solve complicated problems. In his session at 19th Cloud Expo, Craig Sproule, CEO of Metavine, demonstrated how to move beyond today's coding paradigm and sh...
We are always online. We access our data, our finances, work, and various services on the Internet. But we live in a congested world of information in which the roads were built two decades ago. The quest for better, faster Internet routing has been around for a decade, but nobody solved this problem. We’ve seen band-aid approaches like CDNs that attack a niche's slice of static content part of the Internet, but that’s it. It does not address the dynamic services-based Internet of today. It does...
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life sett...
The WebRTC Summit New York, to be held June 6-8, 2017, at the Javits Center in New York City, NY, announces that its Call for Papers is now open. Topics include all aspects of improving IT delivery by eliminating waste through automated business models leveraging cloud technologies. WebRTC Summit is co-located with 20th International Cloud Expo and @ThingsExpo. WebRTC is the future of browser-to-browser communications, and continues to make inroads into the traditional, difficult, plug-in web ...
20th Cloud Expo, taking place June 6-8, 2017, at the Javits Center in New York City, NY, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy.
WebRTC is the future of browser-to-browser communications, and continues to make inroads into the traditional, difficult, plug-in web communications world. The 6th WebRTC Summit continues our tradition of delivering the latest and greatest presentations within the world of WebRTC. Topics include voice calling, video chat, P2P file sharing, and use cases that have already leveraged the power and convenience of WebRTC.
"We're a cybersecurity firm that specializes in engineering security solutions both at the software and hardware level. Security cannot be an after-the-fact afterthought, which is what it's become," stated Richard Blech, Chief Executive Officer at Secure Channels, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
The Internet of Things (IoT) promises to simplify and streamline our lives by automating routine tasks that distract us from our goals. This promise is based on the ubiquitous deployment of smart, connected devices that link everything from industrial control systems to automobiles to refrigerators. Unfortunately, comparatively few of the devices currently deployed have been developed with an eye toward security, and as the DDoS attacks of late October 2016 have demonstrated, this oversight can ...
Fact is, enterprises have significant legacy voice infrastructure that’s costly to replace with pure IP solutions. How can we bring this analog infrastructure into our shiny new cloud applications? There are proven methods to bind both legacy voice applications and traditional PSTN audio into cloud-based applications and services at a carrier scale. Some of the most successful implementations leverage WebRTC, WebSockets, SIP and other open source technologies. In his session at @ThingsExpo, Da...
Internet-of-Things discussions can end up either going down the consumer gadget rabbit hole or focused on the sort of data logging that industrial manufacturers have been doing forever. However, in fact, companies today are already using IoT data both to optimize their operational technology and to improve the experience of customer interactions in novel ways. In his session at @ThingsExpo, Gordon Haff, Red Hat Technology Evangelist, will share examples from a wide range of industries – includin...
We're entering the post-smartphone era, where wearable gadgets from watches and fitness bands to glasses and health aids will power the next technological revolution. With mass adoption of wearable devices comes a new data ecosystem that must be protected. Wearables open new pathways that facilitate the tracking, sharing and storing of consumers’ personal health, location and daily activity data. Consumers have some idea of the data these devices capture, but most don’t realize how revealing and...
Unless your company can spend a lot of money on new technology, re-engineering your environment and hiring a comprehensive cybersecurity team, you will most likely move to the cloud or seek external service partnerships. In his session at 18th Cloud Expo, Darren Guccione, CEO of Keeper Security, revealed what you need to know when it comes to encryption in the cloud.