Agari Q4 TrustIndex Finds Etailers and Digital Startups are Winning the War on Cyberthreats; Retail, Health Care and Banks Most at Risk for Email-Based Cyberattacks

Report leverages data from more than one trillion email messages to identify where the world's most dangerous email messages originate

Agari Q4 Email TrustIndex Key Findings (Graphic: Business Wire)

SAN MATEO, Calif.--()--Agari, the leading provider of real-time data-driven security solutions that detect and prevent advanced cyberthreats targeting consumers and the enterprise, today released its fourth quarter edition of the Agari Email TrustIndex.

The Q4 TrustIndex covers the period from October through December 2013 and identifies the sectors and companies that have the highest and lowest risk for dangerous emails, and the sectors and companies that are taking action to stop cybercriminals from reaching their consumers.

“Many companies have not yet focused on consumer protection from email cyberthreats and the significant risk this presents, allowing cybercriminals to stay very busy,” said Patrick Peterson, chief executive officer of Agari. “The TrustIndex shows the industry sectors and companies that do the most – and the least – to detect and prevent cyberthreats, so consumers aren’t shouldering the burden of weak security practices. We want to help restore trust in the email channel and make sure the bad guys don’t have easy access to harm consumers.”

Threats are on the rise

The very public data breaches of 2013 have brought cybercrime into the spotlight, and email plays a significant role. Email remains the number one vector cybercriminals use to launch attacks to enable stealing personal and financial information from consumers and businesses alike. Following a data breach where consumer information is stolen, criminals often sell off that personal information (email addresses, home addresses, mobile numbers, credentials) and then use it to launch a multitude of attacks — phishing, identity theft, or creating bank accounts in someone else’s name. The critical measure in 2014 will be who takes action to secure email and protect consumers from the identity theft that commonly follows data breaches.

This quarter, Agari expanded its analysis to bring more companies into the spotlight to help leading security professionals and consumers understand the extent of cyberthreats through the email channel and the efforts brands are making or not making to offer the greatest protection.

The Q4 TrustIndex includes the following industry sectors:

Financial Services     E-Commerce     Other
  • Payments
  • Mega Banks
  • Large Banks
  • Retail Banks - Europe
  • Etailers
  • Retailers
  • Logistics
  • Airlines
  • Travel
  • Social Media
  • Health Care

*In this study, Mega Banks are retail banks with more than $5B in annual revenue; Large Banks have more than $2B in annual revenue.

Notable highlights from the Agari TrustIndex Report:

  • Health Care is the worst performer across all measures of the study and most susceptible to email attacks and cyber-fraud. Consumers are five times more likely to receive a malicious email from their health care provider than any other company analyzed in this study.
  • Retailers could all become the next “target” – the sector’s ThreatScore jumped eight times in Q4 from the previous quarter. Of the Retailers this report analyzes, 93 percent are categorized as “Sitting Ducks.”
  • Etailers are way ahead in security compared to Retailers that support both a bricks-and-mortar and e-commerce business. Companies like Amazon, Netflix, and Newegg have perfect or near-perfect TrustScores.
  • Social Media has been a consistent winner in security, with a TrustScore of 60, which is 8 percent higher than the previous quarter.
  • Financial Services was broken down into Payments, Mega Banks, and Large Banks in Q4
    • Payments: credit card companies and payment companies have the third highest TrustScore and the fourth lowest ThreatScore, suggesting that the segment’s profile characteristics could be an indicator of performance.
    • Mega Banks v. Large Banks: data shows that Mega banks are 20 percent more trustworthy through email than Large banks
  • Airlines continue to be a heavily targeted sector. In Q4, Travel’s ThreatScore climbed by more than 600 percent, indicating that cybercriminals know it is a sector with security that is easier to penetrate than other sectors.
  • Logistics is a popular criminal target because shipping companies rely heavily on email to deliver shipping and tracking notifications, and the eagerness consumers have to check in on packages. In Q4, the overall TrustScore for the sector went down and the ThreatScore also went down, affording Logistics companies a temporary reprieve for the quarter.
  • Digital startups are winning the war on cybercrime. Of the 131 companies analyzed, the majority of companies that stand out as “Security Rockstars” are digital startups with high-tech nimble workforces that have a pulse on the security opportunities that criminals look to capitalize on. Many of the “Sitting Ducks” have a common corporate profile: large, established enterprises with multiple stakeholders, complex IT systems, and a bricks-and-mortar foothold.

The latest copy of the Agari Email TrustIndex is available for download here.


About the Agari TrustIndex

The Agari TrustIndex contains ratings developed by Agari that reflects how fully organizations have deployed three standards (SPF, DKIM, and DMARC) across their primary active domains. While all three standards are deployed "behind the scenes" and are not directly visible to consumers in most cases, by looking at TrustIndex scores you can get a simple, easy to understand rating of how well any given organization is protecting their customers from receiving malicious email under the guise of the organization's brand and domain name. It's important to note that the Agari TrustScore reflects that level of security deployed by the organization, and is not directly related to the ThreatScore, which is an indicator of how high a level of attack is directed at an organization. A company could have a very high TrustIndex score and still have a high ThreatScore as well, as even though they've deployed effective security the bad guys are still trying to break in.

About Agari

Agari collects terabytes of email header data from email receivers like Gmail and Yahoo! to provide global brands with a real-time cyberthreat detection and prevention data-driven solution that eliminates email threats, protects consumers and their personal data, and proactively guards brand reputation. Today, Agari has analyzed over a trillion emails, and has blocked over a 2.5 billion malicious messages at a clip of over 200 per second. Founded by the thought leaders behind Cisco’s IronPort solutions, Agari, a recipient of the JPMorgan Chase Hall of Innovation Award, is headquartered in Silicon Valley and is backed by Alloy Ventures, Battery Ventures, First Round Capital, and Greylock Partners. Learn more at


Sharon Tully, 415-820-4487

Release Summary

Agari Q4 Email TrustIndex report leverages data from more than one trillion email messages to identify where the world's most dangerous email messages originate.


Sharon Tully, 415-820-4487