FOSTER CITY, Calif. and LONDON (Aug. 5, 2020)Agari, the market share leader in phishing defense solutions for the enterprise, announced today insights from its latest Email Fraud and Identity Deception Trends report. Highlights from the H2 2020 report reveal:

  • A 90x increase in malicious emails are detected by a Security Operations Center (SOC) that uses automated phishing response tools, driving cost- and time-saving efficiencies.
  • 9 in 10 of ASX 100 companies leave the front-door open for scammers to send emails from their brand, oftentimes asking customers for money.
  • 80% of FTSE 100 companies are vulnerable to outbound brand impersonation attacks by email scammers.
  • 70% of business email compromise (BEC) attacks are sent from free webmail accounts, up from 54% in December, 2019; attackers put a premium on speed and flexibility with the use of these temporary, disposable accounts.

“CISOs continue to share with us that today’s operating environment is the most dangerous and dynamic to date — and not just because of the effects of COVID-19,” said Armen L. Najarian, Chief Identity Officer, Agari. “Newer email-based attacks evade traditional controls and employees are still falling victim to these attacks despite the heightened attention on phishing.”

Findings of the H2 trends report shows that anxious employees armed with tools to report suspect emails pummeled Security Operations Centers (SOCs) with more incidents to analyze, triage, and remediate than SOC analysts could manage. This chronic challenge was further aggravated by a 67 percent false-positive rate, meaning analysts are spending more time on triaging good emails and less time remediating the truly malicious emails that could bring a company to its knees.

While email fraudsters are upping their game, enterprises globally seem to be operating in the status quo. Most large enterprises have a blind spot and don’t know who is really sending emails on their behalf. As a case in point, only 20 percent of Fortune 500 companies have DMARC email authentication in place, which is a basic security control that prevents scammers from disguising themselves as a company and sending emails to that company’s customers. The operational and reputational risk is real. For example, prior to implementing DMARC, scammers spoofed a Fortune 100 company brand and sent emails to 40,000 of its customers asking for money.

COVID-themed BEC attack volume trailed off at the end of June, after reaching a crescendo in early June And cash-out methods shifted during this timeframe, too. Even though gift cards continue to be the preferred form of payment in BEC attacks, the average amount requested decreased to US$1,348. While wire transfer amounts reached their highest with the maximum hitting nearly US$1.6M. On the good news front, a decrease in the number of payroll diversion attacks occurred dropping to 13 percent compared to 25 percent in Q4 2019.

“The average amount BEC phishing scammers request is US$66K, and this potential fraud loss can no longer be considered a cost of doing business,” said Najarian. “Information security organizations are engaged in a high-stakes game of cat and mouse with fraudsters. What’s true and proven, though, is that when CISOs take a risk-based approach to email security, leveraging science and automation, they can keep pace with the bad guys, preventing phishing attacks and the costly downstream effects of data loss and customer distrust.”

Additional Resources:

About Agari
Agari is the market share leader in phishing defense solutions for the enterprise. Through applied science, the Agari Identity Graph™ delivers valuable business context to every email risk decision. Agari ensures outbound email from the enterprise cannot be spoofed, increasing deliverability and preserving brand integrity. It also protects the workforce from devastating inbound BEC, VEC, spearphishing, and account takeover-based attacks, reducing business risk and restoring trust to the inbox. Learn more at

About Agari Cyber Intelligence Division
The Agari Cyber Intelligence Division (ACID) is the only counterintelligence research group dedicated to worldwide business email compromise (BEC) investigation. Led by a former FBI intelligence analyst who helped set up the Bureau’s Cyber Behavioral Analysis Center, ACID has conducted more than 8,000 active defense engagements with BEC threat actors since May 2019. ACID works closely with law enforcement and other trusted partners to make it more difficult than ever before for cybercriminals to be successful and abate cybercrime activity. Learn more at

Media Contact
Jean Creech Avent
Sr. Director, Global Corporate Communications
+1 843-986-8229