Email Security Blog

Understanding Email Identity

Agari October 12, 2016 Email Security
Fallback Featured Image

One of the things that often stumps even the most security conscious companies is knowing all the third-party email service providers they are working with. It is extremely difficult, if not impossible for these organizations to protect their customers from phishing attacks if they don’t even know who is sending legitimate email on their behalf. And this gets even more challenging when you consider the fact that the email identity of a business is constantly evolving, driven by the addition of new cloud-based email services, the acquisition of new companies or the set-up of unauthorized email servers by shadow IT.

Agari Email Cloud Identity solves this problem – and stops phishing – by helping companies to automatically identify, monitor and manage the 5 billion emails sent every month on their behalf by third-party email senders. These senders can be external entities, such as, Marketo or Epsilon, as well as internal resources, such as a department or business unit. The typical Agari customer, which includes 6 of the top 10 banks and 5 of the leading social media platforms, send 64% of their email via these cloud-based email service providers. Understanding exactly who these email senders are is essential to their ability to protect their brand and their customers.


Use Cases
Many organizations aren’t typically aware of how many cloud-based email services are sending messages on their behalf. The employee survey that was just sent out? There’s a good chance the HR team used a third-party survey solution like MailChimp. That newsletter your customers receive every month? There’s a good chance the Marketing team used a third-party marketing automation solution like Marketo. And it’s not just unknown external senders. Every time an organization acquires a new company, they have to integrate and secure a full range of new domains.

One very large, well-known Financial Services company we work with thought they had a clear understanding of who was sending email on their behalf. They believed there were 200 approved domains on 3,900 approved servers, being used to send 1.2 billion legitimate emails per month. Imagine their surprise when, after deploying the Agari platform, they learned there were actually more than 1.25 million malicious URLs on 1.3 million servers that were spoofing their domains – and this infrastructure was being used to send millions of malicious emails every month!

Our Approach
Today, most security solutions view the identity of an email sender as noise. This means they are unable to tell the difference between emails sent from legitimate senders and malicious emails sent by cyber criminals. We take a different approach with the Agari Email Trust Platform. Instead, we detect the unique behavior of legitimate senders to build their email identities, based on our insight into 10 billion emails per day. Agari Email Cloud Identity leverages this insight to simplify the process of email governance, automatically discovering trusted third-party senders, identifying unauthorized internal email senders and continuously monitoring data about an organization’s email identity.

If you’re interested in learning more about Agari Email Cloud Identity, don’t miss our upcoming webinar: Stop Phishing Attacks by Gaining Visibility into 3rd Party Senders

Leave a Reply

Your email will not be published. All fields are required.

Agari Blog Image

August 27, 2019 Taylor La

Expanding Email Security One Post at a Time — Experiences of a Digital Marketing Intern

Agari is more than an email security company that detects cyberattacks. It is a community…

Agari Blog Image

August 20, 2019 Armen Najarian

Brand Impersonation and Look-alike Domains: How Cybercriminals are Hurting Tech Brands

Here’s some earned media you don’t want for your brand—headlines announcing that your customers are…

Agari Blog Image

August 15, 2019 Paul Lorence

Building a Career at Agari: One Designer’s Experience

Being a user experience (UX) designer and managing design teams is a rewarding job. I…

Agari Blog Image

August 1, 2019 John Wilson

Email @ttack: Why Identity Deception is Your #1 Threat

Want to know how email became the number one attack vector for cybercriminals? Look no…

Agari Blog Image

July 31, 2019 Armen Najarian

2020 Presidential Candidates Remain Vulnerable to Email Fraud Despite Increased Warnings

Only three months ago, the Agari team published our first in-depth analysis on how the…

mobile image