Agari Q3 TrustIndex Report: Financial and Health Care Sectors Most at Risk for Email-Based Cyberattacks

Leveraging Big Data Analytics and Deep Threat Intelligence, Agari Analyzes Over 1 Trillion Email Messages Across Sectors to Learn Where the World's Most Dangerous Email Messages Originate


SAN MATEO, CA--(Marketwired - Nov 13, 2013) - Agari, the leading provider of a data-driven security solution that makes email safe again, today released its third quarter edition of the Agari Email TrustIndex -- the industry's first email security "credit score." Leveraging data from the over one trillion email messages Agari has analyzed, the Q3 TrustIndex covering the period from July through September 2013 illustrates which sectors and companies have the highest and lowest risk for dangerous emails and which sectors and companies are taking action to stop cybercriminals for good. Email remains the number one vector cybercriminals use to launch attacks to enable stealing personal and financial information from consumers and businesses alike.

Businesses more astute with email security, but threats still on the rise

This quarter, Agari expanded its analysis, which includes financial services, online gaming, logistics, social media, travel, e-commerce, and health care -- the newest sector added to the index. The company found that the financial sector has the highest ThreatScore indicating it remains the most susceptible to email attacks and cyber-fraud, followed by health care. Social media remained the most trustworthy, with the highest TrustScore out of all sectors analyzed. Though each sector achieved higher TrustScores compared to previous quarters, phishing scams remain the most effective way for cybercriminals to launch aggressive attacks and exploits. In fact, Agari notes that 95 percent of all data breaches stem from phishing emails. Despite these risks, a recent survey by Ernst & Young found that nearly all companies who participated admitted they are unprepared for a cyberattack, proving the need for effective security solutions that eliminate email threats, protect customers, and proactively guard brand reputations are greater than ever. 

Notable highlights from the Agari TrustIndex Report:

  • Financial services remained the top sector abused by attackers. Consumers remain seven times more likely to become victim to a cyberattack from their bank versus any other industry sector. One out of every eight spam messages tracked appeared to initiate from a financial services firm.
  • Health care is the newest sector to be included in the TrustIndex and was rated as one of the poorest sectors in terms of email security. At least one of every 10 messages from these health care domains is spoofed.
  • Logistics showed a surge in risky message traffic, with a 62 percent spike in risk. Cybercriminals remain focused on large players in this segment -- the companies that send the largest volume of email such as FedEx and UPS remain obvious targets.
  • Social media retained the highest score in terms of email trust in Q3, remaining the most aggressive segment in terms of multiple companies adopting the highest level of security and a great example of how concerted effort in an industry segment can pay dividends in terms of encouraging cybercriminals to look elsewhere for opportunity.
  • Travel continues to be a sector where consumers should be wary, specifically when it comes to airlines. Airlines remain the second worst when it comes to email trust.
  • E-commerce remains one of the most trustworthy sectors in terms of email security, with a 14 percent growth in its TrustScore. There is a difference when comparing "bricks and mortar" and online-only brands. Four of the top five riskiest companies analyzed are "bricks and mortar" with a digital play.
  • Online gaming posted a double-digit decline in trustworthiness in Q3, falling to 34 percent. With ongoing subscriptions, occasional purchases of upgraded tools, and an (often) young user community, there are many ways for counterfeit emailers to succeed. 

"Most attacks don't happen because some cybercriminal used complicated methods to gain entry into a network. Most attacks occur because someone made a mistake. With phishing emails, it just takes one person to unwittingly open an attachment or click on a malicious link, and from there, cybercriminals are able to get a foothold," said Patrick Peterson, founder and CEO of Agari. "Our goal for the TrustIndex is to incite industries across all sectors to take a stand when it comes to email security, not just because they owe the highest level of protection to their customers, but because it makes smart business sense." 

The latest copy of the Agari Email TrustIndex is available for download here.

RELATED LINKS AND CONVERSATIONS

About the Agari TrustIndex

The Agari TrustIndex contains ratings developed by Agari that reflects how fully organizations have deployed three standards (SPF, DKIM, and DMARC) across their primary active domains. While all three standards are deployed "behind the scenes" and are not directly visible to consumers in most cases, by looking at TrustIndex scores you can get a simple, easy to understand rating of how well any given organization is protecting their customers from receiving malicious email under the guise of the organization's brand and domain name. It's important to note that the Agari TrustScore reflects that level of security deployed by the organization, and is not directly related to the ThreatScore, which is an indicator of how high a level of attack is directed at an organization. A company could have a very high TrustIndex score and still have a high ThreatScore as well, as even though they've deployed effective security the bad guys are still trying to break in. 

About Agari
Agari collects terabytes of email data from sources across the Internet to provide global brands and security professionals with a cloud-based SaaS solution that eliminates email threats, protects customers and their personal data, and proactively guards brand reputation. Today, Agari protects more than 80 percent of US consumer email inboxes, has analyzed over a trillion emails and blocked over a billion malicious emails for leading brands. Founded by the thought leaders behind Cisco's IronPort solutions, Agari is headquartered in Silicon Valley and is backed by Alloy Ventures, Battery Ventures, First Round Capital, and Greylock Partners. Additional information is available at http://www.agari.com.

Contact Information:

Contact:
Eastwick
Sharon Tully
415.820.4487
agari@eastwick.com