March 06, 2012 08:02 ET

Agari Announces Annual Sumo Awards to "Dishonor" Phishing's Biggest Contributors; Nearly 100% of Successful Banking Phish Used Compromised, Legitimate Servers From Unsuspecting Companies

PALO ALTO, CA--(Marketwire - Mar 6, 2012) - Agari announces the first Annual Sumo Awards to dishonor phishing's biggest contributors and enablers. The Sumo Awards categories identify why phish emails succeed, highlight unknowing contributors who aid criminal phishing, and suggest how businesses can take collective action and responsibility to prevent malicious attacks through email. This year's Sumo Awards focus on the successful characteristics of phishing attacks against the banking industry. Leveraging Agari's Big Data Platform, which spans more than one billion mailboxes, Agari isolated and studied the one percent of phishing attacks on U.S. banks that succeeded to understand how they beat the defenses and landed in the inbox.

By analyzing millions of successful phishing schemes that made it into the inboxes of unsuspecting banking customers, Agari reveals core vulnerabilities that apply worldwide and across industries. While traditional email security technologies thwart the majority of spam and phishing schemes, this latest data shows that criminals are changing tactics and devising new and creative ways to get around these systems. For detailed information about the Agari Sumo Awards and Agari's research into banking, download the Infographic at

The first Sumo Dishonors go to:

  • Most Successful Scheme: Infrastructure Hijacking
    Nearly 100 % of the top successful phish against banks involved infrastructure hijacking. Phishing criminals are using legitimate infrastructure -- servers and software -- owned by reputable institutions to conduct successful phishing campaigns against banks. Using compromised, legitimate servers allows the criminals to bypass a battalion of email security defenses and deliver phish to the inbox. In fact, of the top 300 successful phishing attacks to U.S. banks, all used compromised servers from legitimate companies.

  • Worst Country Award: United States
    Contrary to common perception, the largest phishing threats to U.S. banks originated from domestic servers. The United States was responsible for distributing the vast majority of attacks on U.S. banks. Of the top 100 threats to U.S. banks, 52 percent originated in the United States. Of all threats to U.S. banks, 39.2% originated from the United States, nearly 4 times higher than #2 Germany.

  • Best Supporting Actor: System Administrators
    Attacks are most often aided and abetted by system administrators who deploy unprotected infrastructure within organizations that criminals discover and exploit. An accomplice to the crime, system administrators could have thwarted approximately 25% of successful phishing attacks against banks by simply patching known hardware and software vulnerabilities, thereby eliminating the use of legitimate, company infrastructure for disseminating malicious attacks.

  • Lifetime Achievement Award: The Botnet
    Agari research revealed that only half a percent of successful banking phish were sent by Botnets, signaling the tail end of "The Botnet Era." To be successful, criminals are relying on more sophisticated schemes that can only be prevented through new anti-phishing models and technologies.

"It is critical to understand why and how phishing succeeds, yet the majority of phishing research analyzes all phish, both successful and unsuccessful phish, which creates tremendous data distortion," said Agari founder and CEO Patrick Peterson. "Agari's research is unique in examining only successful phishing attacks. Our Sumo Awards point directly to issues that can be resolved as brands and corporations act to protect their own interests and collaborate with more precise shared intelligence that benefits everyone."

"The insight that system administrators are indirectly responsible for 25% of e-mail borne threats might be surprising, but is in line with our data from the Laws of Vulnerabilities analysis on patching speed," said Wolfgang Kandek, CTO of Qualys. "Agari provides visibility into organizations' e-mail traffic, and its Software-as-a-Service model makes it easily accessible."

Agari research and the Sumo Awards highlight critical points: 1.) Criminals need legitimate servers to send messages and host phishing sites; 2.) We are our own worst enemy with most attacks on U.S. banks stemming from compromised servers at other U.S. organizations. Knowing how attacks succeed leads to understanding how to prevent them. Organizations willing to address their own threat-enabling potential vulnerabilities can act decisively to limit risk and disable phishing vectors. By cooperating and sharing intelligence with other organizations, brands, mailbox providers, and businesses gain insight and power over threats and very broad scalability to exclude them from their networks.

Today, Agari processes 1.5 billion messages daily and protects 50 percent of U.S. consumer email traffic and more than one billion mailboxes. The Agari platform becomes more pervasive, intelligent, and powerful as more join the Agari network. The expansion of Agari's network creates a repeatable, scalable way for email senders and receivers to integrate through the Agari platform to achieve the best insight to phishing targets, vulnerabilities, and criminal methods.

About Agari, Inc. (formerly Authentication Metrics, Inc.) Agari collects terabytes of email data from sources across the Internet to create a cloud-based solution to assess, visualize, and protect against email threats to brands, such as phishing and other fraud. Founded by the thought leaders behind Cisco's IronPort solutions, the Agari platform provides global brands with the tools needed to proactively protect brand reputation, eliminate email threats, protect customers and prevent the loss of sensitive data. Headquartered in Palo Alto, Calif., Agari is backed by Alloy Ventures, Battery Ventures, First Round Capital, and Greylock Partners. Additional information is available at

Contact Information