Agari releases findings of new quarterly email security trends report:
- 83% of top 2020 U.S. presidential campaigns are at risk for email security-initiated breaches
- Nearly 30% of advanced email attacks now launch from hijacked accounts of trusted individuals and brands, a 26% increase over the past 90 days
- Employee-reported phishing attacks jumped 25% over Q1 2019
FOSTER CITY, California, April 30, 2019 /PRNewswire/ -- The campaigns for nearly all top-tier candidates running for President of the United States in 2020 are unprotected against email attacks, fraud and data breaches typically instigated by nation-states, according to a new report published today by Agari.
Agari, the next-generation Secure Email Cloud that restores trust to the inbox, indexed presidential campaign adoption of email authentication capabilities using a standard called DMARC. The index is published for the first time in the Agari Q2 2019 Email Fraud and Identity Deception Trends report. Among 12 Democratic and Republican candidates that top current polls, 11 have failed to implement email authentication that prevents acts, like candidate impersonation and donor fraud.
It also analyzed advanced email security controls of the campaigns, finding that 10 of 12 (83 percent) have no additional protection beyond basic security included in Microsoft Office 365 or Google Suite.
Email is the primary vector through which 96 percent of data breaches occur. The damage is devastating to individuals, businesses and elected officials. The spear-phishing attack that targeted John Podesta's emails, and the subsequent WikiLeaks publication of those emails, influenced the 2016 election outcome, many believe.
Patrick Peterson, CEO, Agari, stated: "As a company founded on the sole principle of protecting digital communications so that humanity prevails over evil, we feel a strong sense of duty to do our part to ensure the 2020 U.S. presidential election cycle is contested on a fair field and not one influenced by bad actors or nation states. Every day we, at Agari, witness the devastating effects of cybercrime -- sensitive data being stolen, people being defrauded out of money, identities being compromised. And every day we work to put those demons back into the bottle. Email, by far the most common communication medium, is being weaponized by advanced sophisticated attackers who find it far too easy to send targeted messages that do real harm to people and abuse the fundamental freedoms we enjoy as U.S. citizens, like the right for our votes to decide election outcomes. Our technology shines a light into the dark corners where cyber criminals operate so that they can be caught."
Other Attack Trends
Agari's Q2 2019 report, which evaluates cybersecurity trends seen from January through March 2019, also found:
- Among phishing attacks in Q1, 34% impersonated trusted brands, 19% impersonated individuals, and 20% used lookalike domains, while compromised accounts were used in the remaining 27% of the attacks.
- 20% of business email compromise (BEC) emails included personalization, where the attacker included elements such as the name of the recipient and other customized details to make the deceptive email seem legitimate.
- Individual display name deception is the most common technique used in phishing emails targeting C-suite executives.
A vast majority of BEC attackers use free and temporary email accounts to launch their attacks. In Agari's new report, the Agari Cyber Intelligence Division (ACID) found that Roadrunner (rr.com) was the most common email provider used to launch BEC attacks during the first quarter, accounting for 15 percent of all BEC emails identified. AOL (13 percent) and Gmail (10 percent) followed.
Read more from Agari CEO Patrick Peterson in his blog.
Agari is transforming the legacy Secure Email Gateway with its next-generation Secure Email Cloud™ powered by predictive AI. Leveraging data science and real-time intelligence from trillions of emails, the Agari Identity Graph™ detects, defends, and deters costly advanced email attacks including business email compromise, spear phishing and account takeover. Winner of the 2018 Best Email Security Solution by SC Magazine, Agari restores trust to the inbox for government agencies, businesses, and consumers worldwide. Learn more at www.agari.com.
Jean Creech Avent
Senior Director, Global Corporate Communications
+44 (0) 1276 486000