Agari Q3 TrustIndex Report: Financial and Health Care Sectors Most at Risk for Email-Based Cyberattacks
San Mateo, Calif. - Nov. 13, 2013 - Agari, the leading provider of a data-driven security solution that makes email safe again, today released its third quarter edition of the Agari Email TrustIndex – the industry’s first email security “credit score.” Leveraging data from the over one trillion email messages Agari has analyzed, the Q3 TrustIndex covering the period from July through September 2013 illustrates which sectors and companies have the highest and lowest risk for dangerous emails and which sectors and companies are taking action to stop cybercriminals for good. Email remains the number one vector cybercriminals use to launch attacks to enable stealing personal and financial information from consumers and businesses alike.
Businesses more astute with email security, but threats still on the rise
This quarter, Agari expanded its analysis, which includes financial services, online gaming, logistics, social media, travel, e-commerce, and health care – the newest sector added to the index. The company found that the financial sector has the highest ThreatScore indicating it remains the most susceptible to email attacks and cyber-fraud, followed by health care. Social media remained the most trustworthy, with the highest TrustScore out of all sectors analyzed. Though each sector achieved higher TrustScores compared to previous quarters, phishing scams remain the most effective way for cybercriminals to launch aggressive attacks and exploits. In fact, Agari notes that 95 percent of all data breaches stem from phishing emails. Despite these risks, a recent survey by Ernst & Young found that nearly all companies who participated admitted they are unprepared for a cyberattack, proving the need for effective security solutions that eliminate email threats, protect customers, and proactively guard brand reputations are greater than ever.
Notable highlights from the Agari TrustIndex Report:
- Financial services remained the top sector abused by attackers. Consumers remain seven times more likely to become victim to a cyberattack from their bank versus any other industry sector. One out of every eight spam messages tracked appeared to initiate from a financial services firm.
- Health Care is the newest sector to be included in the TrustIndex and was rated as one of the poorest sectors in terms of email security. At least one of every 10 messages from these healthcare domains is spoofed.
- Logistics showed a surge in risky message traffic, with a 62 percent spike in risk. Cybercriminals remain focused on large players in this segment – the companies that send the largest volume of email such as FedEx and UPS remain obvious targets.
- Social media retained the highest score in terms of email trust in Q3, remaining the most aggressive segment in terms of multiple companies adopting the highest level of security and a great example of how concerted effort in an industry segment can pay dividends in terms of encouraging cybercriminals to look elsewhere for opportunity.
- Travel continues to be a sector where consumers should be wary, specifically when it comes to airlines. Airlines remain the second worst when it comes to email trust.
- E-commerce remains one of the most trustworthy sectors in terms of email security, with a 14 percent growth in its TrustScore. There is a difference when comparing “bricks and mortar” and online-only brands. Four of the top five riskiest companies analyzed are “bricks and mortar” with a digital play.
- Online gaming posted a double-digit decline in trustworthiness in Q3, falling to 34 percent. With ongoing subscriptions, occasional purchases of upgraded tools, and an (often) young user community, there are many ways for counterfeit emailers to succeed.
“Most attacks don’t happen because some cybercriminal used complicated methods to gain entry into a network. Most attacks occur because someone made a mistake. With phishing emails, it just takes one person to unwittingly open an attachment or click on a malicious link, and from there, cybercriminals are able to get a foothold,” said Patrick Peterson, founder and CEO of Agari. “Our goal for the TrustIndex is to incite industries across all sectors to take a stand when it comes to email security, not just because they owe the highest level of protection to their customers, but because it makes smart business sense.”
The latest copy of the Agari Email TrustIndex is available for download here.