Email Security Blog

New TrustIndex Shows Brands Remain Under Persistent Email Cyberattack

Agari August 20, 2014 Cybercrime
Fallback Featured Image

What do the Target breach, Heartbleed and Cryptolocker have in common? They all experienced fallout from the weakest link in the cybersecurity fence – email.

Today we released our 2014 Q2 edition of the Email TrustIndex, which identifies 147 companies across 11 industries to determine who has the highest and lowest risk for email brand attacks, and ranks the companies and industries to show who is taking action to stop cybercriminals from reaching consumers. Check out some of our key findings below. You can download the complete Q2 TrustIndex here to compare the the worst offenders with those who reach security rockstar status.

Q2 TrustIndex Findings – Why Brands Should Care

Industry Disparity in Email Security

Despite growing knowledge of email security weakness, some industries still haven’t fully confronted the challenge. Of the industries we surveyed for this report, three quarters have yet to completely implement DMARC security controls, which is the only email practice that prevents criminals from brand hijacking through email.

Travel Industry – Under Siege

One recent Cryptolocker attack involved mail that purported to be from a widely-used travel reservation site. The episode highlights an unfortunate fact of life about the travel business: It remains one of the most attacked in our survey. In the second quarter, in fact, its threat score shot up nearly 800 percent, far and away the biggest jump in the survey. Travel is a natural for the “social engineering” that occurs with all email attacks to motivate consumers to click based on their typical experience.

Travel Industry TrustIndex Findings

Banks Are a Criminal Target

You are 15 times more likely to receive a malicious email pretending to be from a major bank than you are from an airline or any other industry surveyed. So while Financial Services is average in adopting email security best practices, the TrustIndex reveals that only 43% have adopted DMARC and they remain a target until more of the industry gets on board.

Companies Taking Action

An 8% increase in the industry-wide TrustScore is good news – companies are taking action to protect their consumers from cyberattack and also are adding to the collective good. As specific industries strengthen their defenses, we see criminals move on to other industries that are easier targets.

Who Should Use DMARC to Prevent Email Cyberattacks?

Everyone. No matter how large or small your company is, no matter how much email your company sends, you could become the victim of domain spoofing and risk your business and others. The TrustIndex can help assess your risk and then leverage the work that Agari, Google, Yahoo!, Microsoft, AOL and others have done to provide you with the visibility that DMARC offers to protect your brand and make the internet a safer place for everyone.

Leave a Reply

Your email will not be published. All fields are required.

February 14, 2019 Crane Hassold

Scarlet Widow Breaks Hearts and Empties Wallets via Romance Scam Operations

February 5, 2019 Ronnie Tokazowski

BEC Actors Exploiting Gmail “Dot Accounts” for Fun and Profit

December 6, 2018 Crane Hassold

How an Elite Counterintelligence Team Investigates BEC Scams Worldwide

November 28, 2018 Crane Hassold

Why Just Play Defense Against Cybercriminals When You Can Do So Much More?

February 22, 2018 John Wilson

Email Phishing Scam Continues to Target College Students

mobile image