Email Security Blog

Understanding Email Identity

Agari October 12, 2016 Email Security
Fallback Featured Image

One of the things that often stumps even the most security conscious companies is knowing all the third-party email service providers they are working with. It is extremely difficult, if not impossible for these organizations to protect their customers from phishing attacks if they don’t even know who is sending legitimate email on their behalf. And this gets even more challenging when you consider the fact that the email identity of a business is constantly evolving, driven by the addition of new cloud-based email services, the acquisition of new companies or the set-up of unauthorized email servers by shadow IT.

Agari Email Cloud Identity solves this problem – and stops phishing – by helping companies to automatically identify, monitor and manage the 5 billion emails sent every month on their behalf by third-party email senders. These senders can be external entities, such as Salesforce.com, Marketo or Epsilon, as well as internal resources, such as a department or business unit. The typical Agari customer, which includes 6 of the top 10 banks and 5 of the leading social media platforms, send 64% of their email via these cloud-based email service providers. Understanding exactly who these email senders are is essential to their ability to protect their brand and their customers.

eci

Use Cases
Many organizations aren’t typically aware of how many cloud-based email services are sending messages on their behalf. The employee survey that was just sent out? There’s a good chance the HR team used a third-party survey solution like MailChimp. That newsletter your customers receive every month? There’s a good chance the Marketing team used a third-party marketing automation solution like Marketo. And it’s not just unknown external senders. Every time an organization acquires a new company, they have to integrate and secure a full range of new domains.

One very large, well-known Financial Services company we work with thought they had a clear understanding of who was sending email on their behalf. They believed there were 200 approved domains on 3,900 approved servers, being used to send 1.2 billion legitimate emails per month. Imagine their surprise when, after deploying the Agari platform, they learned there were actually more than 1.25 million malicious URLs on 1.3 million servers that were spoofing their domains – and this infrastructure was being used to send millions of malicious emails every month!

Our Approach
Today, most security solutions view the identity of an email sender as noise. This means they are unable to tell the difference between emails sent from legitimate senders and malicious emails sent by cyber criminals. We take a different approach with the Agari Email Trust Platform. Instead, we detect the unique behavior of legitimate senders to build their email identities, based on our insight into 10 billion emails per day. Agari Email Cloud Identity leverages this insight to simplify the process of email governance, automatically discovering trusted third-party senders, identifying unauthorized internal email senders and continuously monitoring data about an organization’s email identity.

If you’re interested in learning more about Agari Email Cloud Identity, don’t miss our upcoming webinar: Stop Phishing Attacks by Gaining Visibility into 3rd Party Senders

Leave a Reply

Your email will not be published. All fields are required.

Agari Blog Image

April 11, 2019 Raymond Lim

Beware of Phishing Attacks as Tax Day Looms Closer

The April 15th deadline to file taxes in the United States is almost here, which…

Agari Blog Image

March 13, 2019 Ernest Yuen

W-2 Scams Likely to Continue as Driver for Phishing Attacks in 2019

With the 2019 tax season reaching full throttle, a volatile mix of conditions could fuel…

Agari Blog Image

March 6, 2019 Mandeep Khera

Winning with Channel Partners: How Agari Continues to See Success

Channel partners have become a strategic extension for technology businesses all over the world.  Within…

Advanced Threat Capture Rate

February 7, 2019 Paul Chavez

Why You Should Care About an Advanced Threat Catch Rate

Artificial intelligence (AI), machine learning, and deep learning analysis have become common buzzwords synonymous with…

Brand Design is New Demand Generation

February 4, 2019 Armen Najarian

Brand Marketing is the New Demand Generation

First, An Apology Sorry, demand generation professionals.  We still love you and your jobs aren’t…

mobile image