Click here to close now.


Agile Computing Authors: Yeshim Deniz, Pat Romanski, SmartBear Blog, Elizabeth White, Liz McMillan

News Feed Item

Agari Q2 Email TrustIndex Shows Brands Remain Under Persistent Email Cyberattack; Banks Are 15 Times More Likely to Be Spoofed Than Other Industries

Agari, the leading provider of real-time, data-driven security solutions that detect and prevent advanced email cyberthreats, today released its 2014 Q2 edition of the Email TrustIndex.

The Q2 Email TrustIndex covers the period from April through June 2014 and provides email “threat” ratings, or the volume of cyberthreats targeted towards any given company’s consumers via email, and email “trust” ratings, or how well companies are protecting consumers from email cyberthreats. To compile the Index, Agari analyzes 6.5 billion emails per day across 11 industries to identify which companies are being targeted and which companies are taking action to prevent attacks from reaching consumers.

The Travel sector saw threat volume increase by 800% in Q2, signifying a major target for hackers. Mega Banks were found to have the highest ThreatScore in Q2, where consumers are 15 times more likely to receive a malicious email pretending to be from a major bank than they are from an airline. Health Care is still in critical condition with the lowest TrustScore of all industries. Out of the 14 health care companies analyzed, 13 classified as "easy targets" for cybercriminals.

“Quarter after quarter we are witnessing industries struggle with email security. We see countless high-profile breaches in the news where email is a stepping stone in the attack or is leveraged post-attack to steal credentials, begging the question, ‘Why are these industries not protecting themselves and their customers?’” said Patrick Peterson, Founder and CEO of Agari. “We issue these quarterly reports to encourage people to take email security more seriously. For a long time, brands couldn’t do anything to stop brand hijacking, but now they can deploy DMARC to stop brand abuse through email and protect their consumers.”

Email is the Weakest Link

The disparity in email security between the best- and the worst-performing industries is significant: of the industries surveyed, three-quarters have yet to completely implement DMARC (Domain-based Message Authentication, Reporting, & Conformance), an open standard enabled on 70% of the world’s inboxes. DMARC is the only security solution that enables Internet-scale email protection and prevents fraudulent brand abuse for email-borne cyberattacks. Social companies have a 64% DMARC implementation rate – five times what has occurred among airlines.

Despite the importance, ubiquity and staying power of email, there are still flaws. According to the Identity Theft Resource Center, as of July there have been 395 data breaches in the U.S. alone; a 21 percent increase from the same time in 2013. In Q2 2014, Agari witnessed a rise in the number and threat-level of malicious email attacks from many of the security incidents making headlines. Cryptolocker, GameOver Zeus and the recent hacking of 1 billion passwords by a Russian gang all involve security gaps from email.

Additional Key Findings in Q2:

  • Financial Services was broken down into Payments, Mega Banks (US and Europe), and Large Banks in Q2.
    • Large Banks are the least trustworthy financial institution. Every large bank evaluated was classified as an “easy target.”
  • E-tailers are excelling in email security, with online-only pioneers, such as Netflix and Newegg, leading the pack, whereas the majority of retailers are lagging in implementing best practices.
  • Social Media sites are "security rockstars" with Facebook, Google+, LinkedIn and Twitter having near-perfect TrustScores.

About the Agari TrustIndex

The Agari TrustIndex contains ratings developed by Agari that reflects how fully organizations have deployed three standards (SPF, DKIM, and DMARC) across their primary active domains. While all three standards are deployed "behind the scenes" and are not directly visible to consumers in most cases, by looking at TrustIndex scores you can get a simple, easy to understand rating of how well any given organization is protecting their customers from receiving malicious email under the guise of the organization's brand and domain name. It's important to note that the Agari TrustScore reflects that level of security deployed by the organization, and is not directly related to the ThreatScore, which is an indicator of how high a level of attack is directed at an organization. A company could have a very high TrustIndex score and still have a high ThreatScore as well, as even though they've deployed effective security the bad guys are still trying to break in.

The latest copy of the Agari Email TrustIndex is available for download here.


About Agari

Agari builds new, Internet scale, data driven security solutions that eliminate email as a channel for cyberattacks and enable businesses and consumers to interact safely. The Agari cloud-based SaaS solution aggregates data from 2.5 billion mailboxes to help global brands eliminate email threats, protect customers and their personal data, and proactively guard brand reputation. Today, Agari analyzes over 6 billion messages per day, identifies over 2 million malicious URLs per month, and blocks over 200 million malicious emails per month. Founded by the thought leaders behind Cisco’s IronPort solutions, Agari, a recipient of the JPMorgan Chase Hall of Innovation Award and recognized as a Gartner Cool Vendor in Security, is headquartered in Silicon Valley. Learn more at

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@ThingsExpo Stories
NHK, Japan Broadcasting will feature upcoming @ThingsExpo Silicon Valley in a special IoT documentary which will be filmed on the expo floor November 3 to 5, 2015 in Santa Clara. NHK is the sole public TV network in Japan equivalent to BBC in UK and the largest in Asia with many award winning science and technology programs. Japanese TV is producing a documentary about IoT and Smart technology covering @ThingsExpo Silicon Valley. The program will be aired during the highest viewership season of the year that it will have a high impact in the industry through this documentary in Japan. The film...
Apps and devices shouldn't stop working when there's limited or no network connectivity. Learn how to bring data stored in a cloud database to the edge of the network (and back again) whenever an Internet connection is available. In his session at 17th Cloud Expo, Bradley Holt, Developer Advocate at IBM Cloud Data Services, will demonstrate techniques for replicating cloud databases with devices in order to build offline-first mobile or Internet of Things (IoT) apps that can provide a better, faster user experience, both offline and online. The focus of this talk will be on IBM Cloudant, Apa...
WebRTC is about the data channel as much as about video and audio conferencing. However, basically all commercial WebRTC applications have been built with a focus on audio and video. The handling of “data” has been limited to text chat and file download – all other data sharing seems to end with screensharing. What is holding back a more intensive use of peer-to-peer data? In her session at @ThingsExpo, Dr Silvia Pfeiffer, WebRTC Applications Team Lead at National ICT Australia, will look at different existing uses of peer-to-peer data sharing and how it can become useful in a live session to...
SYS-CON Events announced today that Luxoft Holding, Inc., a leading provider of software development services and innovative IT solutions, has been named “Bronze Sponsor” of SYS-CON's @ThingsExpo, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Luxoft’s software development services consist of core and mission-critical custom software development and support, product engineering and testing, and technology consulting.
The enterprise is being consumerized, and the consumer is being enterprised. Moore's Law does not matter anymore, the future belongs to business virtualization powered by invisible service architecture, powered by hyperscale and hyperconvergence, and facilitated by vertical streaming and horizontal scaling and consolidation. Both buyers and sellers want instant results, and from paperwork to paperless to mindless is the ultimate goal for any seamless transaction. The sweetest sweet spot in innovation is automation. The most painful pain point for any business is the mismatch between supplies a...
As a company adopts a DevOps approach to software development, what are key things that both the Dev and Ops side of the business must keep in mind to ensure effective continuous delivery? In his session at DevOps Summit, Mark Hydar, Head of DevOps, Ericsson TV Platforms, will share best practices and provide helpful tips for Ops teams to adopt an open line of communication with the development side of the house to ensure success between the two sides.
There are so many tools and techniques for data analytics that even for a data scientist the choices, possible systems, and even the types of data can be daunting. In his session at @ThingsExpo, Chris Harrold, Global CTO for Big Data Solutions for EMC Corporation, will show how to perform a simple, but meaningful analysis of social sentiment data using freely available tools that take only minutes to download and install. Participants will get the download information, scripts, and complete end-to-end walkthrough of the analysis from start to finish. Participants will also be given the pract...
As more and more data is generated from a variety of connected devices, the need to get insights from this data and predict future behavior and trends is increasingly essential for businesses. Real-time stream processing is needed in a variety of different industries such as Manufacturing, Oil and Gas, Automobile, Finance, Online Retail, Smart Grids, and Healthcare. Azure Stream Analytics is a fully managed distributed stream computation service that provides low latency, scalable processing of streaming data in the cloud with an enterprise grade SLA. It features built-in integration with Azur...
WebRTC: together these advances have created a perfect storm of technologies that are disrupting and transforming classic communications models and ecosystems. In his session at WebRTC Summit, Cary Bran, VP of Innovation and New Ventures at Plantronics and PLT Labs, will provide an overview of this technological shift, including associated business and consumer communications impacts, and opportunities it may enable, complement or entirely transform.
WebRTC services have already permeated corporate communications in the form of videoconferencing solutions. However, WebRTC has the potential of going beyond and catalyzing a new class of services providing more than calls with capabilities such as mass-scale real-time media broadcasting, enriched and augmented video, person-to-machine and machine-to-machine communications. In his session at @ThingsExpo, Luis Lopez, CEO of Kurento, will introduce the technologies required for implementing these ideas and some early experiments performed in the Kurento open source software community in areas ...
Who are you? How do you introduce yourself? Do you use a name, or do you greet a friend by the last four digits of his social security number? Assuming you don’t, why are we content to associate our identity with 10 random digits assigned by our phone company? Identity is an issue that affects everyone, but as individuals we don’t spend a lot of time thinking about it. In his session at @ThingsExpo, Ben Klang, Founder & President of Mojo Lingo, will discuss the impact of technology on identity. Should we federate, or not? How should identity be secured? Who owns the identity? How is identity ...
Developing software for the Internet of Things (IoT) comes with its own set of challenges. Security, privacy, and unified standards are a few key issues. In addition, each IoT product is comprised of at least three separate application components: the software embedded in the device, the backend big-data service, and the mobile application for the end user's controls. Each component is developed by a different team, using different technologies and practices, and deployed to a different stack/target - this makes the integration of these separate pipelines and the coordination of software upd...
WebRTC has had a real tough three or four years, and so have those working with it. Only a few short years ago, the development world were excited about WebRTC and proclaiming how awesome it was. You might have played with the technology a couple of years ago, only to find the extra infrastructure requirements were painful to implement and poorly documented. This probably left a bitter taste in your mouth, especially when things went wrong.
WebRTC converts the entire network into a ubiquitous communications cloud thereby connecting anytime, anywhere through any point. In his session at WebRTC Summit,, Mark Castleman, EIR at Bell Labs and Head of Future X Labs, will discuss how the transformational nature of communications is achieved through the democratizing force of WebRTC. WebRTC is doing for voice what HTML did for web content.
The broad selection of hardware, the rapid evolution of operating systems and the time-to-market for mobile apps has been so rapid that new challenges for developers and engineers arise every day. Security, testing, hosting, and other metrics have to be considered through the process. In his session at Big Data Expo, Walter Maguire, Chief Field Technologist, HP Big Data Group, at Hewlett-Packard, will discuss the challenges faced by developers and a composite Big Data applications builder, focusing on how to help solve the problems that developers are continuously battling.
Nowadays, a large number of sensors and devices are connected to the network. Leading-edge IoT technologies integrate various types of sensor data to create a new value for several business decision scenarios. The transparent cloud is a model of a new IoT emergence service platform. Many service providers store and access various types of sensor data in order to create and find out new business values by integrating such data.
SYS-CON Events announced today that IBM Cloud Data Services has been named “Bronze Sponsor” of SYS-CON's 17th Cloud Expo, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. IBM Cloud Data Services offers a portfolio of integrated, best-of-breed cloud data services for developers focused on mobile computing and analytics use cases.
In his session at @ThingsExpo, Tony Shan, Chief Architect at CTS, will explore the synergy of Big Data and IoT. First he will take a closer look at the Internet of Things and Big Data individually, in terms of what, which, why, where, when, who, how and how much. Then he will explore the relationship between IoT and Big Data. Specifically, he will drill down to how the 4Vs aspects intersect with IoT: Volume, Variety, Velocity and Value. In turn, Tony will analyze how the key components of IoT influence Big Data: Device, Connectivity, Context, and Intelligence. He will dive deep to the matrix...
When it comes to IoT in the enterprise, namely the commercial building and hospitality markets, a benefit not getting the attention it deserves is energy efficiency, and IoT’s direct impact on a cleaner, greener environment when installed in smart buildings. Until now clean technology was offered piecemeal and led with point solutions that require significant systems integration to orchestrate and deploy. There didn't exist a 'top down' approach that can manage and monitor the way a Smart Building actually breathes - immediately flagging overheating in a closet or over cooling in unoccupied ho...
SYS-CON Events announced today that Cloud Raxak has been named “Media & Session Sponsor” of SYS-CON's 17th Cloud Expo, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Raxak Protect automates security compliance across private and public clouds. Using the SaaS tool or managed service, developers can deploy cloud apps quickly, cost-effectively, and without error.