In 16 Industries, Including Retail and Telecommunications, No Fortune 500 Companies Block Phishing
SAN MATEO, Calif. – August 23, 2017 – Agari, a leading cybersecurity company, today announced the publication of “Agari Global DMARC Adoption Report: Open Season for Phishers,” a research report examining the growing threat of phishing amid slow adoption of an email authentication standard called Domain-based Message Authentication, Report & Conformance (DMARC). The research finds that 92 percent of U.S. Fortune 500 companies have left their customers, partners and brand names vulnerable to domain name spoofing, one of the most common digital deception attack vectors.
“It is unconscionable that only eight percent of the Fortune 500, and even fewer government organizations, are protecting the public against domain name spoofing,” said Patrick Peterson, founder and executive chairman, Agari. “Phishing and other forms of digital deception are preventable, and the first step is for our largest companies and organizations to deploy DMARC, a highly-effective open standard.”
DMARC emerged in 2007 from a pilot program between PayPal and Yahoo! to eliminate phishing emails. As a founding member of DMARC, Agari has worked with the largest email account hosts (AOL, Comcast, Google, Microsoft and Yahoo!) to protect the receipt of email since January 2012. DMARC virtually eliminates domain name spoofing and its associated attacks including phishing when DMARC policies are set to quarantine or reject unauthenticated email.
Agari analyzed the DMARC policies of the corporate domains of the Fortune 500, FTSE 100 and ASX 100 using the Agari DMARC Lookup Tool. Key findings from “Agari Global DMARC Adoption Report: Open Season for Phishers” include:
- Corporations are Failing to Rapidly Adopt DMARC – Only 39 (eight percent) of the companies in the Fortune 500 are enforcing DMARC with a quarantine or reject policy. An additional 124 (24 percent) have adopted a minimal DMARC policy that monitors, but does not prevent domain name spoofing, while 337 companies (67 percent) have not adopted DMARC at all. DMARC adoption rates are similarly weak among companies in the United Kingdom’s FTSE and Australia’s ASX 100.
- DMARC Dramatically Decreases Digital Deception – Agari demonstrates how DMARC prevented delivery of more than 100 million fraudulent email messages in 24 hours.
- Early Adopters Have Realized the Benefits of DMARC – Within the Fortune 500, only the business services, financial, technical and transportation sectors have a majority DMARC adoption rate. Generally, these are the sectors that have seen digital deception compromise email, credit cards and bank accounts, among other valuable accounts. The financial sector, in particular, has taken a proactive approach to protecting itself from these types of attacks, with organizations including Financial Services Information Sharing and Analysis Center (FS-ISAC) and BITS, the technology policy division of the Financial Services Roundtable (FSR).
“DMARC is an essential tool that helps prevent spam, phishing and data loss,” said Shehzad Mirza, Director of Operations of Global Cyber Alliance. “GCA urges organizations of all sizes to embrace this technology standard to eliminate direct domain spoofing.”
Download the full report: “Agari Global DMARC Adoption Report: Open Season for Phishers” .
Agari, a leading cybersecurity company, is trusted by leading Fortune 1000 companies to protect their enterprise, partners and customers from advanced email phishing attacks. The Agari Email Trust Platform is the industry’s only solution that ‘understands’ the true sender of emails, leveraging the company’s proprietary, global email telemetry network and patent-pending, predictive Agari Trust Analytics to identify and stop phishing attacks. The platform powers Agari Enterprise Protect, which help organizations protect themselves from advanced spear phishing attacks, and Agari Customer Protect, which protects consumers from email attacks that spoof enterprise brands. Agari, a recipient of the JPMorgan Chase Hall of Innovation Award and recognized as a Gartner Cool Vendor in Security, is backed by Alloy Ventures, Battery Ventures, First Round Capital, Greylock Partners, Norwest Venture Partners and Scale Venture Partners. Learn more at https://www.agari.com and follow us on Twitter @AgariInc.
# # #