Email Security Blog

New TrustIndex Shows Brands Remain Under Persistent Email Cyberattack

Agari August 20, 2014 Cybercrime
Fallback Featured Image

What do the Target breach, Heartbleed and Cryptolocker have in common? They all experienced fallout from the weakest link in the cybersecurity fence – email.

Today we released our 2014 Q2 edition of the Email TrustIndex, which identifies 147 companies across 11 industries to determine who has the highest and lowest risk for email brand attacks, and ranks the companies and industries to show who is taking action to stop cybercriminals from reaching consumers. Check out some of our key findings below. You can download the complete Q2 TrustIndex here to compare the the worst offenders with those who reach security rockstar status.

Q2 TrustIndex Findings – Why Brands Should Care

Industry Disparity in Email Security

Despite growing knowledge of email security weakness, some industries still haven’t fully confronted the challenge. Of the industries we surveyed for this report, three quarters have yet to completely implement DMARC security controls, which is the only email practice that prevents criminals from brand hijacking through email.

Travel Industry – Under Siege

One recent Cryptolocker attack involved mail that purported to be from a widely-used travel reservation site. The episode highlights an unfortunate fact of life about the travel business: It remains one of the most attacked in our survey. In the second quarter, in fact, its threat score shot up nearly 800 percent, far and away the biggest jump in the survey. Travel is a natural for the “social engineering” that occurs with all email attacks to motivate consumers to click based on their typical experience.

Travel Industry TrustIndex Findings

Banks Are a Criminal Target

You are 15 times more likely to receive a malicious email pretending to be from a major bank than you are from an airline or any other industry surveyed. So while Financial Services is average in adopting email security best practices, the TrustIndex reveals that only 43% have adopted DMARC and they remain a target until more of the industry gets on board.

Companies Taking Action

An 8% increase in the industry-wide TrustScore is good news – companies are taking action to protect their consumers from cyberattack and also are adding to the collective good. As specific industries strengthen their defenses, we see criminals move on to other industries that are easier targets.

Who Should Use DMARC to Prevent Email Cyberattacks?

Everyone. No matter how large or small your company is, no matter how much email your company sends, you could become the victim of domain spoofing and risk your business and others. The TrustIndex can help assess your risk and then leverage the work that Agari, Google, Yahoo!, Microsoft, AOL and others have done to provide you with the visibility that DMARC offers to protect your brand and make the internet a safer place for everyone.

Leave a Reply

Your email will not be published. All fields are required.

Agari Blog Image

July 10, 2019 Ronnie Tokazowski

‘Til Death Do Us Part… Romance Scams and the BEC Game

When we think of business email compromise (BEC), the first thing that comes to mind…

Agari Blog Image

June 5, 2019 Crane Hassold

From One to Many: Scattered Canary Evolves from One-Man Startup to BEC Enterprise

There is no denying that business email compromise (BEC) is big business, with losses exceeding…

Agari Blog Image

April 25, 2019 Crane Hassold

Bitcoin: The Next Evolution in BEC Cash Out Methods?

Historically, business email compromise (BEC) threat actors have used wire transfers as a means to…

Agari Blog Image

April 18, 2019 Ronnie Tokazowski

Do You Know Where Your W-2 Is? Probably Where You Left It

It’s like clockwork. Every year around tax time security vendors (even us!) push out warnings…

Agari Blog Image

April 4, 2019 Crane Hassold

Evolving Tactics: London Blue Starts Spoofing Target Domains

In December, the Agari Cyber Intelligence Division (ACID) published a report on a business email…

mobile image