Email from social media brands is some of the safest on the Internet, while electronic posts from financial services brands is some of the riskiest, says a report released this week by an email security provider.
"Consumers may be worried about their privacy settings, but in terms of protecting consumers via email, social media is the clear leader," said the report from Agari, which analyzed more than a trillion emails during the second quarter of this year.
Agari uses that analysis to create a Trust Index for email in financial services, e-commerce, social media, travel, logistics and gaming industries.
The index is based on a Trust Score — a reflection of the adoption and deployment of security measures in an industry to protect its customers from malicious email — and a Threat Score — which provides a measure of relative risk based on malicious activity and attempted attacks.
Social media led all industry sectors during the June quarter with a Trust Score of 73.1, out of a possible 100.
Ranking companies and industries based on the ThreatScore, and TrustScore benchmarks gives consumers and leading brands visibility into how aggressively a sector is being threatened and which companies are taking action to secure email and protect consumer data and trust, the report explained.
"Social media has been far more aggressive about protecting their customers and far more responsive to keep up with the technologies available to protect their customers," Agari founder and CEO Patrick Peterson said in an interview.
Among those technologies is DMARC (Domain-based Message Authentication, Reporting and Conformance), which Agari's report said can virtually eliminate brand abuse through fraudulent email attacks and drastically reduces the risks of consumer loss, reputation damage and financial liability.
"A lot more people should be using DMARC because it allows administrators and organizations to be able to reject mail if it doesn't match certain parameters no matter where it says it's coming from," said Paul Ferguson, vice president for threat intelligence at Internet Identity.
Nevertheless, Ferguson was skeptical of the glowing grades given social media by Agari. "We see daily campaigns with emails harboring malicious content that's masquerading as DHL, Fedex, Dun & Bradsteet or social media like Facebook and Linkedin," he said.
In fact, social media may contribute to the problem by fueling a growing culture of interrupt-alerts that demand attention without forethought. "It allows bad guys to blend in with that noise," Ferguson explained.
Other sectors analyzed by Agari didn't fare as well as social media. "The most significant, but not at all surprising, discovery comes from financial services where there has been a huge spike in malicious activity, more than doubling from the prior quarter," the report said.
Sign up for Computerworld eNewsletters.