Agari TrustIndex
Executive Summary
2014 was a big year for threats in the email forgery world.
The major banks of Europe and the United States saw critical levels of phishing and spam attacks against
their customers from January through September 2014 as hackers turned their attention first to banks in
the U.S. and then to banks in Europe.
In Q1 and Q2, malicious email attacks against the largest U.S. banks spiked at levels higher than in any
other industry, but just as these attacks tapered off in Q3, email spoofing attacks against the customers of
Europe's largest banks increased nearly fivefold. These spikes indicate the unpredictability and brute force
of email forgers as they decide which industries to target and when.
Furthermore, the payments industry (including credit card and digital wallet companies) saw a 23-fold
increase in malicious e-mail attacks against its customers between the second and fourth quarters of last
year. The number of forged emails purporting to be from legitimate travel-industry websites more than
doubled between Q2 and Q3.
Driven by the increasingly active threat landscape, progress on the security side has been steady but slow.
The use of the three major anti-forgery standards (SPF, DKIM and DMARC) crept upward. At the beginning
of 2014, seven companies earned perfect TrustScores, including 100 percent implementation of DMARC
best practices. By the end of the year, 13 had achieved a perfect mark. It's good news for those companies
(and their customers), but bad news that the adoption of these standards is not more widespread.
These and other findings come from the Agari TrustIndex, an exclusive research study based on analysis of
more than 6.5 billion emails each day throughout 2014.
scored zero in our trust rankings.
nobody is safe from attacks
high risk of malicious email attacks.

[Infographic: TrustScore by industry. Industries shown: Mega Banks (Europe), Mega Bank, Large Banks, Logistics, Airlines, Travel, Payments, Retail, Social, Etailer. Scores shown, in page order: 17, 33, 36, 37, 42, 46, 47, 50, 63, 67.]

An email from a large American bank is 2x more likely to be fraudulent than an email purportedly from a social media company.

Airlines and large American banks had the worst levels of DMARC implementation by the end of 2014, meaning it is relatively risky to open an email that comes from most airlines or most major U.S. banks.

An email from an American megabank is 1.5x more likely to be fraudulent than an email purportedly from a social media company.

Companies with 51+ have some level of DMARC
TrustScore
The TrustScore measures a company's implementation
of three important email security protocols: SPF, DKIM
and DMARC. Companies scoring greater than 50 have
at least some level of DMARC implementation.
KEY FINDING #1
Banks
Email attackers consistently aimed their sights at banks and other financial
institutions more than at any other type of company in 2014, yet every
category of bank surveyed had a low average TrustScore.
European Megabanks, whose customers are some of malicious e-mailers' most
common targets, fared especially poorly, with the second-lowest TrustScore
(33) of the 11 industries surveyed for this report.
Large American banks (smaller than megabanks but nevertheless large
financial houses serving millions of customers malicious e-mailers TK) had the
third-lowest TrustScore (36), and American megabanks scored only 46, out of
a possible 100 points.
The Exceptions
One health insurance company was an exception. Aetna scored
a 100 TrustScore in Q3 and stayed there in Q4, remarkable for a
company in any sector.
Two banks were exceptions: Chase and Capital One, two American
megabanks. They both earned a 100 TrustScore through the entire
year.
KEY FINDING #2
[Infographic: ThreatScore figures. Labels shown: European megabanks (twice). Values shown, in page order: 17.32, 2.12, 0.66, 30.49.]
ThreatScore
The ThreatScore measures the amount of spam and
other malicious email sent to consumers fraudulently
using a company's domain. Agari analyzes millions of
messages per company per quarter.
KEY FINDING #3
Customers of more than 2/3 of all companies surveyed are at high risk of malicious email attacks.
Megabanks: Chase, Capital One
Etailer: Newegg, Netflix
Social: Facebook, Twitter, Instagram, Pinterest
Misc: Docusign
Logistics: UPS, Fedex
Healthcare: Aetna
Payments: Western Union
Unsurprisingly, Internet giants in the social and etailer sectors seem to have
an especially strong grasp of e-mail's inherent vulnerability, and they've taken
more steps than others to prevent e-mail attacks against their customers.
The U.S. megabank industry was the only financial sector to rank among the
top three industries for DMARC implementation in 2014, reaching an average
DMARC rating score of 20 (out of what max TK) in Q4.
[Infographic: companies by industry, grouped as Security Rockstars, Under Construction and Easy Targets, with the percentage of companies in each group. Panel labels, company names and percentages are listed below in page order.]

Panel labels: Under Construction; Etailers; Easy Targets; Security Rockstars; Under Construction; Easy Targets
Companies: Classmates, deviantArt, Amazon, Ancestry.com, Fanatics, Google+, Flickr, Last.fm, Groupon, Etsy, Gilt Groupe, Market America, Flixster, Myspace, Netflix, Overstock, Newegg.com, Shutterfly, Peapod, VistaPrint, Rakuten.com, StumbleUpon, Tagged
Percentages: 29%, 29%, 43%
Companies: Wayfair
Percentages: 27%

Panel labels: Payments
Percentages: 33%, 40%
Panel labels: Retail; Security Rockstars; Under Construction; Easy Targets
Companies: American, GreenDot, Braintree
Panel labels: Security Rockstars
Companies: Apple
Panel labels: Under Construction
Companies: Target
Panel labels: Easy Targets
Companies: Best Buy, Express, Discover, CDW, PayPal, Dwolla, Costco, Visa, MasterCard, Dell, Western Union, Moneygram, GAP, Square, Grainger, Stripe, Macy's, Wealthfront, Office Depot, WePay, Officemax, Zuora, Sears
Percentages: 87%
Companies: Staples, Sony
Percentages: 7%, 7%
Companies: Walmart
Percentages: 7%, 7%, 87%

Panel labels: Under Construction; Travel; Easy Targets
Companies: Capital One, JPMorgan Chase, US Bank, Bank of America, SunTrust, Wells Fargo, Ally Bank, BB&T Bank, BNY Mellon, CitiBank, HSBC Bank, PNC Bank, State Street, TD Bank
Percentages: 21%, 21%, 57%

Panel labels: Security Rockstars; Under Construction
Companies: Kayak, Priceline, Travelzoo, BookingBuddy, CheapOair, Expedia, Hilton, Hotels.com, Hotwire, Marriott, Orbitz, Travelocity, TripAdvisor
Percentages: 7%, 21%, 71%

Panel labels: Airlines; Easy Targets
Companies: FedEx, UPS, US Postal Service, DHL, OnTrac, Pods, TNT Express, Uhaul
Percentages: 25%, 13%, 63%

Panel labels: Easy Targets
Companies: Booking.com
Panel labels: Logistics; Security Rockstars; Under Construction; Security Rockstars; Under Construction; Easy Targets
Companies: Delta Airlines, None, AirTran, American Airlines, Jet Blue, SkyWest, United Airlines, US Airways, Virgin America
Percentages: 13%, 0%, 88%

Panel labels: Under Construction; Security Rockstars; Under Construction; Easy Targets
Companies: None, None, Booking.com, Kayak, Priceline, Travelzoo, Barclays, Deutsche Bank, Lloyds, Royal Bank of Scotland, Santander, Svenska Bank, Tesco, Virgin Money
Percentages: 0%, 0%, 100%, 0%, 0%, 100%

Panel labels: Health Care; Security Rockstars; Under Construction; Easy Targets
Companies: None, Aetna
Percentages: 0%, 7%, 93%
To derive the ThreatScore:
DMARC
DKIM
DKIM is a more complete email authentication standard, offering
improved sender verification. Using DKIM, companies insert
cryptographic signatures into their email messages. Receivers then
verify these signatures by looking up the public keys kept in the
legitimate company's Domain Name System (DNS) records. DKIM
provides a reliable, domain-level identifier that can survive email
forwarding (unlike SPF).
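
The key lookup described above, as an added example that is not part of the Agari report: it derives the DNS name a receiver queries from a DKIM-Signature header and classifies the key record found there, following the tag syntax of RFC 6376. The domain example.com, the selector mail2014 and all base64 values are constructed sample data, and the function names are this example's own; the cryptographic signature check itself is out of scope here.

```python
import re

def parse_tags(value):
    """Split a DKIM tag=value list (RFC 6376 section 3.2) into a dict."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            name, _, val = part.partition("=")
            # Header folding whitespace is stripped; fine for the tags used here.
            tags[name.strip()] = re.sub(r"\s+", "", val)
    return tags

def key_query_name(dkim_signature):
    """DNS name holding the signer's public key: <selector>._domainkey.<domain>."""
    sig = parse_tags(dkim_signature)
    missing = [t for t in ("v", "a", "d", "s", "h", "bh", "b") if t not in sig]
    if missing:
        raise ValueError("DKIM-Signature lacks required tags: " + ", ".join(missing))
    return f"{sig['s']}._domainkey.{sig['d']}".lower()

def assess_key_record(txt):
    """Classify a DKIM key TXT record before any signature check is attempted."""
    rec = parse_tags(txt)
    if rec.get("v", "DKIM1") != "DKIM1":
        return "invalid: unknown version"
    if "p" not in rec:
        return "invalid: no public key tag"
    if rec["p"] == "":
        return "revoked"   # an empty p= means the key has been withdrawn
    if "y" in rec.get("t", "").split(":"):
        return "testing"   # t=y: the domain is still testing DKIM
    return "usable"

# Constructed sample data; not taken from the report or from any real domain.
SAMPLE_SIGNATURE = (
    "v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.com; s=mail2014;\r\n"
    "\th=from:to:subject:date; bh=ZXhhbXBsZWJvZHloYXNo;\r\n"
    "\tb=c2lnbmF0dXJl ZGF0YQ=="
)
SAMPLE_RECORDS = {
    "active": "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC",
    "revoked": "v=DKIM1; k=rsa; p=",
    "testing": "v=DKIM1; k=rsa; t=y; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC",
}

if __name__ == "__main__":
    print(key_query_name(SAMPLE_SIGNATURE))
    for label, txt in SAMPLE_RECORDS.items():
        print(label, "->", assess_key_record(txt))
```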