U.S. Markets open in 6 hrs 22 mins

Email Attacks Impersonating Individuals Hit 22%, reports email security firm Agari

Agari's much-anticipated quarterly email security trends report out today

FOSTER CITY, Calif., Oct. 31, 2019 /PRNewswire/ -- Agari, the next-generation Secure Email Cloud that restores trust to the inbox, released today the findings of its Q4 Email Fraud and Identity Deception Trends report that reveals the next email fraud and scams coming around the corner that CISOs need to know.

Example of a socially-engineered email, attempting a payroll diversion scam

The top finding shows that fraudsters deployed phishing campaigns using identity deception techniques that impersonate trusted brands or individuals, at record frequency. Identity deception-based attacks accounted for 62 percent of all advanced email attacks from July through September 2019. These percentages are up in the aggregate and the composition of these deceptions is in flux. Two identity deception attacks are favored among email fraudsters: Phishing campaigns impersonating brands, which dropped six percent quarter-over-quarter, and phishing campaigns impersonating individuals, which rose to 22 percent, compared to just 12 percent in the previous quarter. 

"Malicious emails impersonating well-known brands are generally associated with credentials-harvesting schemes," said Patrick R. Peterson, founder and CEO, Agari. "And those spoofing trusted individuals are typically linked to more sophisticated, social engineering-based business email compromise attacks."

A two percent decline in attacks launched from hijacked email accounts occurred this quarter, perhaps due to cybercriminal organizations spending the early part of this year in full intelligence-gathering mode, gearing up for more lucrative, business email compromise (BEC) attacks to come. 

The recent rise in email attacks spoofing trusted individuals augers a period of heightened risk from BEC and other highly-sophisticated email scams in the months ahead. 

Other findings include:

  • Payroll diversions now account for 1 in 4 BEC cons, up 5% during the last three months
  • DMARC adoption soars 49% in past year, but 84% of Fortune 500 still remain at risk of brand abuse and phishing attacks of customers
  • Employee-reported phishing incidents jumped 6% over the past 90 days; at the same time, the false-positive rate increased, too, to 7%.

Find out more types of attacks that are coming around the corner. Download the full report.

About Agari
Agari is transforming the legacy Secure Email Gateway with its next-generation Secure Email Cloud™ powered by predictive AI. Leveraging data science and real-time intelligence from trillions of emails, the Agari Identity Graph™ detects, defends, and deters costly advanced email attacks including business email compromise, spear phishing and account takeover. Winner of the 2018 Best Email Security Solution by SC Magazine, Agari restores trust to the inbox for government agencies, businesses, and consumers worldwide. Learn more at www.agari.com.


Jean Creech Avent
Senior Director, Global Corporate Communications
+1 843 986 8229

Agari is the next-generation Secure Email Cloud that restores trust to the inbox. (PRNewsfoto/Agari)

View original content to download multimedia:http://www.prnewswire.com/news-releases/email-attacks-impersonating-individuals-hit-22-reports-email-security-firm-agari-300948756.html