• Log in
  • About Us
  • Privacy Policy
  • Contact us
Telecoms IT - VanillaPlus
  • Home
  • News
  • Verticals
    • 4G
    • 5G
    • Big data analytics
    • Bill & Charge
    • CEM
    • Companies
    • Digital transformation
    • Fraud prevention
    • Managed services
    • Network optimisation
    • NFV Hub
    • OSS
    • People
    • Policy
    • Revenue assurance
    • Revenue management
    • Service assurance
    • Service Provisioning
    • Test & measurement
  • Digital Edition
  • Events
  • Videos
  • VP Featured
    • Webinars
    • Digital Talking Heads
    • Editorial advisory board
    • Expert opinions
    • Hot List
    • Operator View
    • Press releases
    • Reports & whitepapers
    • Special reports
    • Talking Heads
    • Troubleticket
    • Features list 2019
  • Directory
  • BlackBook
  • Subscribe
 

You are here:

  • Home
  • Companies
  • Agari and Farsight Security reveal global domains vastly vulnerable to phishing and fraud

Agari and Farsight Security reveal global domains vastly vulnerable to phishing and fraud

08 February, 2018 at 6:59 AM

Posted by: Zenobia Hegde

Agari and Farsight Security reveal global domains vastly vulnerable to phishing and fraud
Patrick Peterson of Agari

Agari and Farsight Security, Inc., the cybersecurity companies, announced the publication of a joint research report, “Email Fraud and DMARC Adoption,” which illustrates that essentially every global domain is vulnerable to phishing and domain name spoofing.

The report incorporates data from the Agari Email Threat Centre, which reveals that 90% of its customers have been targeted by domain name fraud. Additional insight from the Farsight Security DNSDB indicates that less than 1% of all domains are authenticated and protected by Domain Message Authentication Reporting & Conformance (DMARC), an email authentication standard.

“Email and phishing remain a top source of cyber-attacks and data breaches,” said Patrick Peterson, founder and executive chairman, Agari. “This groundbreaking report provides compelling evidence of the successes of DMARC adoption in protecting customers and brands, driving phishing rates near zero. However, with DMARC enforcement at only 27% of those firms who have adopted DMARC, it also shows how few enterprises have put these proven controls in place.”

According to Agari research, 92% of the Fortune 500 did not protect their domains with DMARC as of August 2017. However, 2017 saw two watershed moments: The Department of Homeland Security Binding Operational Directive 18-01 (BOD 18-01), which requires all federal domains to implement DMARC in 2018, and members of NH-ISAC (a cyber security forum for healthcare institutions) pledged to implement DMARC in 2018.

“Farsight Security’s network is ideal for studying not only the scope and the trends associated with how the Domain Name System (DNS) can be used to attack users, applications and infrastructure, but also how proposed solutions such as DMARC are deployed and their effectiveness,” said Paul Vixie, Farsight CEO. “We were very pleased to collaborate with Agari in this research. Farsight and Agari both believe that DNS record data is an essential tool to identify and secure our customers’ assets,” he added.

Farsight DNSDB is the world’s largest passive DNS database with more than 100 billion DNS records dating back to 2010 and updated in real-time. The Agari Email Threat Centre analyses more than two trillion emails per year from the domains of its customers, including six of the ten largest U.S. banks, many of the largest U.S. federal agencies, top social networks and healthcare providers, and hundreds of other organisations.

The joint research focused on the second half of 2017, the six months ending December 2017. Additional findings of the Agari – Farsight Security “Email Fraud and DMARC Adoption Report” include:

    • Low global enforcement rates – Farsight Security DNS intelligence reveals global DMARC enforcement rates are approximately 26% or lower across the universe of internet domains. Agari customers observed by its Email Threat Centre have achieved much higher protection rates: 99% in retail, 95% in technology and 89% in finance.
    • Healthcare is most targeted industry – Among Agari customers, 92% of healthcare industry domains are targeted by domain name spoofing. The majority of messages (58% threat rate) sent on behalf of the healthcare industry are malicious or unauthorised, undermining the trust in medical providers, insurance companies and pharmaceutical brands. It is not surprising that healthcare is the most targeted industry since it is also the vertical least protected by DMARC, with protected domains hovering only between 10 – 20%.
    • Government domains are under attack – The government sector is the second most attacked industry, with 87% of domains targeted. One out of ten messages (12% threat rate) sent on behalf of federal domains are malicious or unauthorised – significantly higher than the global average of 3%.
    • Attack on government domains during the week of September 11 – The report reveals a major spike in attacks on federal domains the week of September 11, 2017 – as malicious email increased from 16% to 50% – the result of a massive attack (more than 8 million messages) on a federal agency, which was prevented by DMARC.

Download the report: “Email Fraud and DMARC Adoption Report”

Comment on this article below or via Twitter: @ VanillaPlus OR @jcvplus


category: Companies, News, People, Platforms & Applications, Security

Tags: Agari, authentication, DMARC, DNS, Farsight Security, forum, Healthcare, Patrick Peterson, Paul Vixie

IoT Vanillaplus Black book Report

Black Book – The definitive content hub for the Telecoms industry,

The ultimate collection of the very best analyst reports, case studies, contract wins & panel debates.

  • Facebook
  • Twitter
  • YouTube
  • LinkedIn
  • Subscribe
Relax time
Read the new novel by J.J. Cowan on Africa’s conflict minerals trade and forced labour. 5* Reviews on Amazon.co.uk Paperback & Kindle

Check out on Amazon

X

Be the first to know!

  • The top telecom IT news stories of the minute
    in your inbox
  • Exclusive offers for entry into hundreds of
    events worldwide
  • Free access to a huge selection of the latest
    analyst reports and whitepapers
Subscribe now so you don't miss out
Don’t show me this again
Please check your email
Vanillaplus - The Global Voice of Telecoms IT
The Global Voice of Telecoms IT

VanillaPlus is the world-leading resource covering digital transformation for the communications industry. VanillaPlus brings you exclusive News, Expert Views, and Event Reviews. See Interviews from CEOs, CTOs, and COOs who are successfully transforming their business today.

Connect

Facebook Twitter YouTube LinkedIn

NEWS

  • Latest Telecoms IT news

DIGITAL EDITION

  • Latest Editions

OTHER

  • Newsletters [Archive]

KNOWLEDGE CENTRE

  • Webinars
  • Special Reports
  • Talking Heads
  • Editorial Advisory Board

COMPANY

  • About
  • Contact Us
  • Terms & Conditions
  • Privacy Policy

PARTNERS

  • IoT News

© 2014-2016 VanillaPlus - The global voice for telecoms IT. All rights reserved.