top of page

One-in-Five Phishing Emails are Sent from Compromised Email Accounts

Fraudsters find more success with getting phishing campaigns delivered as well as with open and click rates when sending from an existing, known and trusted email address. This may be why a recent report found that 20 percent of phishing email attacks against employees are sent from email addresses a fraudster has taken over. Most phishing attacks, however, are brand impersonation attacks, with Microsoft being the most impersonated.

For their Email Fraud & Identity Deception Trends report, Agari surveyed more than 300 US and UK businesses with 23,053 reported phishing incidents in the fourth quarter of 2018. Analysis found that 20 percent of these phishing emails came from compromised email accounts, while 67 percent impersonated a trusted brand with deception or a look-a-like domain.

Microsoft was the most impersonated brand, mimicked in nearly 45 percent of impersonation phishing emails. Amazon (17 percent) and the IRS (9 percent) were the next most impersonated brands. Financial institutions Bank of America and Wells Fargo, along with private couriers UPS and FedEx and digital streaming service Netflix were also in the top 10 most impersonated brands for phishing emails.

The brand and financial risks of suffering a phishing attack can be devastating, but even when the attacks are contained it can be costly. The Agari survey also found that phishing incidences take nearly six hours to resolve on average and cost $253 per incident. Approximately 88 percent of organizations are using phishing simulation services.

For more information:


bottom of page