If you have health insurance or play video games, you might want to check your emails more carefully. That’s the gist of a new report from Agari, a security firm whose quarterly TrustIndex measures precautions taken by major firms to protect their customers from scammers.
In the report, the company named the brands that work hardest to protect customers’ inboxes:
The rankings were based on companies using three standard email security systems–SPF, DKIM, and DMARC–to mark legitimate emails and protect customers and users from phishing attacks. Agari markets a cloud-based platform to corporate clients and security firms designed to stop phishing attacks that appear to originate from legitimate sources like banks and health insurers.
Meanwhile, insurers face a problem: They dominate the list of brands Agari believes are vulnerable to being spoofed in phishing attacks because of a lack of email security. In their report, Agari specifically cited AIG, Ally, PNC, State Street, Centura, Humana, Kaiser Permanente, UnitedHealthcare, Universal Health Services, WellPoint, Ontrac, TNT, Uhaul, Electronic Arts, Sony, LiveJournal, Myspace, American Airlines, Avis, Enterprise, Expedia, Hotels.com, JetBlue, Virgin America, and Sears for lagging in adopting DMARC and other standards.