Agari Phishing Solution
In contrast to many organizations that offer anti-phishing protection, the Agari phishing solution does not train enterprise employees how to recognize phishing emails, instead the purpose of the Agari phishing solution is to prevent phishing, spear phishing and other malicious emails from being delivered to end users’ inboxes.
According to Agari, 91% of all cyberattacks start with a single phishing email with all spear phishing attacks use identity deception tactics to fool end users into installing malware or disclosing sensitive information such as login credentials. Research by Agari has shown that end users open 30% of malicious emails and click on malicious email attachments 13% of the time. However, spear phishing attacks – targeted phishing attacks – that spoof brands and include personal information of the targeted individual have an 80% click rate.
Typically, it takes just 3 minutes and 45 seconds between the start of an attack and the first enterprise employee clicking on a malicious attachment or URL in an email. Just one click can result in theft of sensitive data or infection with malware.
Traditional anti-spam solutions analyze the content of emails and check attachments for malware. The Agari phishing solution uses a different approach to email security, focusing on email metadata rather than email content. The solution uses machine learning, data science, and insight gained from an email telemetry network that analyzes more than 10 billion emails per day.
Since the solutions determines the level of trust of the sender rather than analyzing message content it tackles the problem of malicious actors impersonating brands and trusted individuals.
The Agari phishing solution can protect enterprise employees and customers from impersonation attacks such as spear phishing, business email compromise scams, ransomware and malware attacks that other solutions often miss. The solution can work in tandem with existing email security solutions to provide an additional layer of security.
Key Features of the Agari Phishing Solution
At the heart of the Agari phishing solution is Agari’s Email Trust Platform™, which is capable of understanding the true sender of emails. The Email Trust Platform™ uses Agari’s proprietary email telemetry network and predictive Agari Trust Analytics to determine whether the sender of an email can be trusted.
The Agari phishing solution consists of two components: Customer Protect™ and Enterprise Protect™
Customer Protect™ prevents email-based phishing attacks that spoof enterprise brands, protecting organizations’ email channels to reduce brand damage. The solution works by creating a trusted email channel for your business and third parties authorized to send emails on the company’s behalf – Marketo’s Salesforce, for example.
The solution is based on DMARC, which gathers telemetry from 70% of global inboxes and 85% of inboxes in the United States. Agari take the DMARC open standard further by using Contextual Correlation to provide insight into threats on domains not owned by organizations. Customer Protect™ provides companies with actionable intelligence on instances of brand abuse. Armed with that information, companies can send alerts to customers and take down malicious phishing sites to disrupt cybercrime operations.
Spam filtering solutions can block phishing emails, although they are often ineffective against spear phishing. Agari Enterprise Protect™ is a SaaS for businesses that blocks advanced spear phishing attacks, working with existing on-premise or cloud based email security solutions. The solution alerts organizations to the trust landscape of all incoming emails, distinguishing emails sent by trusted individuals from those that are not. Traditional anti-spam technologies analyze the content of emails, which fails to stop spear phishing attacks that impersonate brands and trusted individuals. Agari Enterprise Protect™ stops those emails from being delivered to inboxes.
The solution authenticates emails and their senders is effective at blocking business email compromise (BEC) scams, ransomware and malware campaigns and low volume, highly targeted spear phishing emails.
The solution works by gathering data on all inbound emails and global senders and extracting and analyzing the metadata rather than email content. The Agari phishing solution correlates the data with three of the world’s largest email providers – Google, Microsoft and Yahoo – identifying and categorizing emails and stopping malicious emails from reaching end users’ inboxes.
Agari was launched in 2011 by the former head of security technologies at Cisco’s IronPort, Patrick Peterson. While at IronPort, Peterson investigated spammers, email spam, spyware, web exploits and data theft, and used his knowledge to develop Cisco technologies further to eliminate email as an attack vector for cybercriminals.
Agari partnered with Google, Yahoo! and PayPal on a pilot project that led to the development of the DMARC open standard for email authentication before developing an innovative Software-as-a-Service (SaaS) platform for email security. The SaaS is the only email security solution capable of detecting spear phishing emails and preventing them from being delivered to end users. The company developed its Customer Protect™ solution to tackle brand abuse and later added Enterprise Protect™ to block advanced spear phishing attacks.
The Agari phishing solution now processes more than 7 billion email messages each day, blocking more than 2 million malicious emails and identifying and blocking more than 2 million malicious URLs each month.
The Agari phishing solution has now been adopted by many Fortune 1000 companies including six of the top ten leading banks and five major social media networks. Agari has also partnered with many government agencies to secure their email channels and protect employees from spear phishing attacks.
In 2013, Agari won a JPMorgan Chase Hall of Innovation Award followed by a Gartner Cool Vendor Award and an AlwaysOn Global 250 award in 2014. The firm attained Gold status in the 2015 Golden Bridge Awards in the Email Security Innovations category for its Customer Protect™ solution with the firm included in the Online Trust Alliance’s Online Trust Honor Roll in 2017.