[November 01, 2018] |
|
Agari Reports: Microsoft and Amazon Are Most Impersonated Brands in Advanced Email Attacks
Nearly two-thirds of all advanced email attacks used emails
impersonating Microsoft (News - Alert) or Amazon, according to new research by Agari,
the only cloud-native solution that uses predictive AI to stop advanced
email attacks. Agari's newly-published quarterly report "Email
Fraud & Identity Deception Trends: Insights from the Agari Identity Graph"
identifies how advanced email attacks are targeting unsuspecting
businesses and consumers-with display name deception as the most common
attack vector.
Microsoft was impersonated in 36 percent of all (brand) display name
impersonation attacks in the third quarter. Amazon was the second most
commonly impersonated company, used in 27 percent of these attacks.
Amazon and Microsoft run the largest public cloud computing platforms,
which are widely used by companies undergoing digital transformation
projects.
The pattern was different for high-value targets, such as C-suite
executives-Microsoft was impersonated in 71 percent of these attacks.
Dropbox (News - Alert) is a distant second at seven percent, followed by United Parcel
Service (UPS) at six percent.
These attacks often take the form of service updates, security alerts
and password resets. The ubiquity of Microsoft Office in corporate
environments and the rapid adoption of cloud-based Office 365 makes
Microsoft an attractive impersonation target, while file-sharing
services such as Dropbox are frequently imitated to distribute malware
because users are more likely to trust its installation.
"While organizations are digitally transforming their operations with
cloud messaging, advanced email attacks, such as phishing and business
email compromise have become more effective than ever," said Armen
Najarian, CMO, Agari. "The damage from these attacks has ballooned into
billions of dollars annually- however the real cost is the erosion of
trust in digital business."
According to the FBI, business
email compromise (BEC) has become a$12 billion scam. Advanced email
attacks, such as BEC, leverage identity deception techniques, including
domain name spoofing, look-alike domains and display name deception to
take advantage of end-user trust. Legacy email security solutions, such
as secure email gateways (SEGs), are unable to detect advanced email
attacks because they do not include malicious URLs or malware
attachments-the attacks Agari identified in its Q4 2018 report evaded
detection by other email security solutions.
Agari's new report reveals that 62 percent of advanced email attacks
leverage display name deception: 54 percent impersonate trusted brands
and eight percent impersonate individuals. On the other end of the
spectrum-yet alarmingly-three percent of identity deception-based
attacks are sent from compromised email accounts commandeered through
account takeover (ATO) attacks.
The intersection of display name deception and ATO attacks is revealed
by the fact that Microsoft and Amazon are the most impersonated brands
in digital deception-based attacks. The risk is that a successfully
compromised Office 365 or AWS account may be used to launch subsequent
attacks that are even harder to detect.
Email Authentication Adoption on the Rise
Domain-based Message Authentication, Reporting and Conformance (DMARC)
is an open email authentication standard that prevents domain name
spoofing from being used in phishing or spam. Agari's Q4 2018 "Email
Fraud & Identity Deception Trends" includes the broadest
analysis of DMARC adoption ever conducted-more than 280 million
registered public domains.
"Trust is the lifeblood of all communication, whether it's
interpersonal, business, government, or otherwise," said Najarian.
"Email marketing remains the most popular and profitable channel, yet
brands remain at risk of having their customers deceived by
impostors-wreaking havoc on their brand equity and reputation."
In 2017, Agari research determined that only one-third of the Fortune
500 had adopted DMARC, with less than ten percent enforcing a quarantine
or reject policy. Agari's new research now reveals that more than
half-51 percent-have adopted DMARC, although still only 13 percent are
enforcing a quarantine or reject policy.
Additionally, in an examination of more than 280 million domains, Agari
witnessed an increase in DMARC adoption from 3.5 million domains in July
2018 to 5.3 million domains in October 2018, representing a 51% percent
increase in one quarter.
This increased adoption coincided with the approaching (and now final)
deadline for the Department of Homeland Security Binding Operational
Directive (BOD) 18-01, which mandates all federal executive branch
domains must adopt DMARC and implement a reject policy. The United
States federal government now leads all industry verticals with an 84
percent DMARC adoption rate-more than three-quarters of federal domains
(76 percent) have implemented a reject policy.
To learn more, download Agari's Q4 2018 "Email
Fraud & Identity Deception Trends: Insights from the Agari Identity Graph"
About Email Fraud & Identity Deception Trends Report
The Agari "Email Fraud & Identity Deception Trends" report is a
quarterly analysis of statistics and attack samples captured within the
Agari Identity Graph. The Agari Identity Graph ingests more than two
trillion emails per year, which it uses to train its machine learning
models. Agari continually aggregates anonymized DMARC reporting data
across its customer domains in multiple industry sectors, which it uses
to compare and contrast with public sources using Agari
DMARC lookup tools.
About Agari
Agari is the leading predictive AI solution to protect the cloud inbox
from advanced email and phishing attacks. Winner of Best Email Security
Solution by SC Magazine in 2018, the Agari Email Trust Platform™
prevents ransomware, ATO, phishing, BEC and other identity deception
attacks, restoring trust to digital channels for businesses,
governments, and consumers worldwide. Learn more at www.agari.com.
View source version on businesswire.com: https://www.businesswire.com/news/home/20181101005317/en/
[ Back To Homepage ]
|