Email Security Blog

Understanding Email Identity

Agari October 12, 2016 Email Security
Fallback Featured Image

One of the things that often stumps even the most security conscious companies is knowing all the third-party email service providers they are working with. It is extremely difficult, if not impossible for these organizations to protect their customers from phishing attacks if they don’t even know who is sending legitimate email on their behalf. And this gets even more challenging when you consider the fact that the email identity of a business is constantly evolving, driven by the addition of new cloud-based email services, the acquisition of new companies or the set-up of unauthorized email servers by shadow IT.

Agari Email Cloud Identity solves this problem – and stops phishing – by helping companies to automatically identify, monitor and manage the 5 billion emails sent every month on their behalf by third-party email senders. These senders can be external entities, such as, Marketo or Epsilon, as well as internal resources, such as a department or business unit. The typical Agari customer, which includes 6 of the top 10 banks and 5 of the leading social media platforms, send 64% of their email via these cloud-based email service providers. Understanding exactly who these email senders are is essential to their ability to protect their brand and their customers.


Use Cases
Many organizations aren’t typically aware of how many cloud-based email services are sending messages on their behalf. The employee survey that was just sent out? There’s a good chance the HR team used a third-party survey solution like MailChimp. That newsletter your customers receive every month? There’s a good chance the Marketing team used a third-party marketing automation solution like Marketo. And it’s not just unknown external senders. Every time an organization acquires a new company, they have to integrate and secure a full range of new domains.

One very large, well-known Financial Services company we work with thought they had a clear understanding of who was sending email on their behalf. They believed there were 200 approved domains on 3,900 approved servers, being used to send 1.2 billion legitimate emails per month. Imagine their surprise when, after deploying the Agari platform, they learned there were actually more than 1.25 million malicious URLs on 1.3 million servers that were spoofing their domains – and this infrastructure was being used to send millions of malicious emails every month!

Our Approach
Today, most security solutions view the identity of an email sender as noise. This means they are unable to tell the difference between emails sent from legitimate senders and malicious emails sent by cyber criminals. We take a different approach with the Agari Email Trust Platform. Instead, we detect the unique behavior of legitimate senders to build their email identities, based on our insight into 10 billion emails per day. Agari Email Cloud Identity leverages this insight to simplify the process of email governance, automatically discovering trusted third-party senders, identifying unauthorized internal email senders and continuously monitoring data about an organization’s email identity.

If you’re interested in learning more about Agari Email Cloud Identity, don’t miss our upcoming webinar: Stop Phishing Attacks by Gaining Visibility into 3rd Party Senders

Leave a Reply

Your email will not be published. All fields are required.

Agari Blog Image

December 15, 2020 Armen Najarian

What is Email Spoofing & How to Stop Attackers From Posing as You

What is email spoofing, how does it work, and why is it so dangerous to…

Agari Blog Image

May 12, 2020 Chuck Holland

Hosted DMARC: Accelerating Protection Against Email-based Brand Jacking Scams

The coronavirus pandemic is shining a spotlight on the importance of hosted Domain-based Message Authentication,…

Agari Blog Image

March 17, 2020 Armen Najarian

Phishing & Business Email Compromise (BEC): How Law Firms Can Protect Against Email Scams

The legal sector is learning some painful lessons about the growing threat phishing and business…

Agari Blog Image

December 17, 2019 Armen Najarian

Email Security Predictions 2020

Spoiler alert: When it comes to email security and the fight against business email compromise…

Agari Blog Image

November 19, 2019 Suela Vahdat

BEC Attacks on the Rise in Europe: 2019 Email Threat Survey

Business email compromise (BEC) scams, phishing campaigns, and other targeted email attacks happen all over…

mobile image