Sign in
  • Home
  • Platform
  • Solutions
    • Anti-phishing
    • Brand protection
    • Compliance
    • Shadow IT
    • Office 365 migration
    • Government
  • Customers
    • Customer support
  • Blog
  • About
    • Resources
    • News + awards
    • Upcoming events
    • Partners
    • Team
    • Careers
    • Industry leadership
  • Support
Request domain analysis
  • Platform
  • Solutions
    • Anti-phishing
    • Brand protection
    • Compliance
    • Shadow IT
    • Office 365 migration
    • Government
  • Customers
    • Customer support
  • Blog
  • About
    • Resources
    • News + awards
    • Upcoming events
    • Partners
    • Team
    • Careers
    • Industry leadership
  • Request domain analysis
  • Support
  • Sign in
Check to see if you’re protected
☰
Check to see if you’re protected
Share this article
Related posts
  • Blog
    Research: Email remains a weak link in U.S. election infrastructure
  • Blog
    How DMARC works with subdomains and the sp tag
  • Blog
    How DMARC handles domains and subdomains in email addresses
Valimail blog

Mitigating the number one attack vector in the world

Author: Valimail
interview with AGT

Valimail is pleased to be featured as a Distinguished Vendor in the 2020 Security Annual from TAG Cyber — for the second year in a row.

Valimail CEO Alexander García-Tobar spoke with TAG Cyber’s Edward Amoroso for an in-depth interview, included in the 2020 Security Annual, on the subject of “Mitigating Email Security Threats.”

“The Valimail email authentication solution is innovative and exciting,” said Amoroso.

The 2020 Security Annual is part of a series from TAG Cyber that has been published each September since 2016. The massive report offers expert guidance, analysis, and education on fifty different aspects of the cyber security ecosystem.

In this interview, García-Tobar talks with Amoroso at length about the risk that phishing poses and how Valimail’s platform addresses it.

An excerpt from that interview:

EA Is it an exaggeration to say that phishing has become the number one attack approach in the world?

AGT It’s no exaggeration. There’s a preponderance of research reports that all agree that phishing accounts for more than 90% of all cyberattacks and breaches. These include Verizon’s Data Breach Investigations Report, as well as research reports from Barracuda, Proofpoint, Cofense (formerly PhishMe), and others. While zero-days, Trojans, and sneaky network-based intrusions get most of the media coverage, most attacks are initiated by phishing emails. Even ransomware, which spreads through organizations using vulnerabilities in local area network protocols, relies on phishing to gain its first foothold. If you can eliminate phishing, then you cut off the initial vector of infection for the vast majority of attacks, thus forcing attackers to use more difficult methods.

EA How does the Valimail platform reduce email risk?

AGT Valimail is an industry leader in the protection of email from cyber threats. With deep capability in supporting standards such as DMARC, for example, the company supports high assurance for email, collaboration, and workflow activity. We recently caught up with Alexander Garcia-Tobar of Valimail to gain insights into the email security ecosystem and how the company continues to develop and innovate platform capabilities to better support enterprise customers.

Modern phishing attacks have moved beyond the obvious vectors, such as malicious attachments and links to malicious websites, and are now exploiting a fundamental weakness in the way email works by deploying sophisticated impersonation campaigns. These fake emails appear to the recipient as someone you’d trust such as your boss or your bank. And in most cases, they don’t contain any obvious malware that existing security solutions are looking for.

According to a recent study from Barracuda, 83% of all spear phishing emails are impersonations, which means that sender identity is the choke point for stopping the vast majority of phish.

The lack of a comprehensive identity-based solution is why there’s been such an explosion in business email compromise (BEC) over the past few years. In fact, the FBI now asserts that BEC is responsible for the vast majority of cybercrime losses — over $3.6 billion in 2018 alone.

Valimail eliminates this vector by validating senders’ identities through open standards and a variety of other techniques, so that untrusted and unauthenticated senders simply do not get into the inbox. Our unique focus on “who” sent the email versus “what” is in the email stops attacks that existing security solutions miss, which reduces the risk of BEC and other types of impersonation-driven email fraud.


You can read the interview in full right here (click to view the .pdf file, or right-click to download it).

Or click to read the full 2020 Cyber Annual from TAG Cyber.

Back to blog
Published October 4, 2019
  • BEC
  • sender identity
  • TAG Cyber
Author: Valimail
Valimail is a pioneering, identity-based, anti-phishing company that has been ensuring the global trustworthiness of digital communications since 2015. Valimail delivers the only complete, cloud-native platform for validating and authenticating sender identity to stop phishing, protect and amplify brands, and ensure compliance. Valimail has won more than a dozen prestigious cybersecurity technology awards and authenticates billions of messages a month for some of the world's biggest companies and organizations, including Uber, Splunk, Yelp, Fannie Mae, and the U.S. Federal Aviation Administration. For more information visit www.valimail.com.
Resources
Election security
Learn more
Executive summary: The guaranteed path to DMARC enforcement
Learn more
The guaranteed path to DMARC enforcement
Learn more
Sender identity: The missing piece in email security
Learn more
BEC explodes as attackers exploit email’s identity crisis
Learn more
Latest news
Louisiana spurns attempted ransomware attack, governor says
Learn more
Ransomware Attack Hits Louisiana State Servers
Learn more
3 Cybersecurity Threats Facing Campaigns in 2020
Learn more
Pemex claims victory over cyberattack; $4.9 million ransom reportedly deman...
Learn more
Government services in Nunavut caught in ransomware cyberattack
Learn more
Press releases
Valimail’s Seth Blank named chair of M3AAWG’s election security working gro...
Learn more
Valimail applauds accelerating support for next-generation email standards ...
Learn more
Valimail Opens Denver Innovation and Engineering Hub
Learn more
Despite Accelerating Adoption of DMARC, Less Than 10% of Enterprise Domains...
Learn more
Valimail Identity Summit Tackles Growing Crisis of Impersonation in Phishin...
Learn more
Follow us
Contact us

P: 888.354.6179
E: info@valimail.com

Headquarters

180 Montgomery Street
20th Floor
San Francisco, CA 94104

Valimail Mountain Office

3601 Walnut St
5th Floor
Denver, CO 80205

Request a full domain analysis
© Valimail
  • Terms of use
  • Privacy Policy
  • Website terms of use
  • Domain Analysis
  • Domain Checker
  • Platform
  • Solutions
  • Anti-phishing
  • Brand protection
  • Compliance
  • Shadow IT
  • Office 365 migration
  • Government
  • Customers
  • Customer support
  • Blog
  • About
  • Resources
  • News + awards
  • Upcoming events
  • Partners
  • Team
  • Careers
  • Industry leadership