SendGrid Publishes Industry’s First Inbox Protection Rate to Increase Cybersecurity and Privacy Transparency Around the Holidays
Protects User Inboxes with 99.97% Success Rate While Processing Over
45 Billion Emails Each Month
Three 9’s Rating Sets the Bar for the Industry and Signals its
Commitment to Reducing Phishing Emails
DENVER–(BUSINESS WIRE)–SendGrid, Inc. (NYSE: SEND), a leading
digital communication platform that drives engagement and growth, is
the first email service provider (ESP) to announce its Inbox Protection
Rate publicly in an effort to increase cybersecurity and privacy
transparency and to elevate the cause of inbox protection. SendGrid’s
Inbox Protection Rate measures the success of its compliance efforts to
prevent malicious email from reaching SendGrid’s approximately 2 billion
email recipients. As of December 12, 2018, SendGrid achieved a 99.97%
legitimate email rate across all of its outbound mail flow.
Protecting the inbox has become increasingly important as phishing
emails remain one of the dominant methods that cyber criminals use to
access users’ most guarded credentials. Many major data breaches begin
with fraudulent email; cyber criminals will exploit a poor mail
configuration to send fake emails purporting to be the targeted sender.
FireEye’s recent Email
Threat Report asserted that less than a third (32%) of email traffic
seen in the first half of 2018 was considered ‘clean’ and actually
delivered to an inbox. The report also found that 1 in every 101 emails
had malicious intent.
Rising Holiday Email Volumes
Email security and awareness is especially critical around the holidays
when retail and eCommerce brands are sending markedly higher email
volumes. SendGrid processed 2.8 billion emails on Black Friday 2018 and
2.9 billion emails on Cyber Monday 2018 on behalf of its customers,
marking its two largest sending days ever. As email volumes rise,
cyberattacks are expected to jump by nearly 60% this holiday season,
compared to other months throughout the year, according to Carbon
Black’s new Holiday
Threat Report.
“More companies are choosing to outsource their email sending to third
party ESPs like SendGrid to handle their transactional and marketing
email services at scale. On a rolling 90-day basis, SendGrid touches one
half of the world’s unique email users estimated at 2 billion people,”
said Scott Gerlach, Chief Information Security Officer at SendGrid.
“Because we operate at such high scale, SendGrid is committed to and
responsible for maintaining a clean, phish-free mail flow
by investing heavily in our people, process and technology. We have made
a commitment to our customers and the email ecosystem to further email
security transparency and educate the market on phishing attacks.”
Maintaining legitimate mail flow requires both a technical understanding
of the highly sophisticated filtering schemas employed by the receiving
domains and mailbox providers, and a human talent for diagnosing
non-delivery events and remediating them either through technical
changes or modifications of marketing tactics. SendGrid protects its
customers from email phishing by:
-
Automated machine learning and artificial intelligence defenses
spanning several key areas that include the stages of a customer’s
lifecycle with SendGrid, user behaviors while using SendGrid, and the
actual content that is processed by SendGrid on behalf of its users. -
Neural network to mitigate the ability of phishers to sign up for
SendGrid’s service. -
Proprietary machine learning systems that are trained to differentiate
the characteristics between legitimate and fraudulent emails to
prevent phish from leaving SendGrid. -
Intelligent traffic cop that watches the mail flow from new accounts
to ensure anomalous or large deployments are slowed or stopped, when
necessary. The algorithm and process used to build this traffic cop
were patented
in 2017 by SendGrid’s lead data scientist, Dr. Aaron Beach, and former
SendGrid co-founder, Tim Jenkins.
“By setting benchmarks for the effectiveness of our security and
protection efforts, we can better understand how spammers and cyber
criminals evolve their attacks to further protect our customers and, in
turn, their customers,” said Len Shneyder, VP of Industry Relations at
SendGrid. “Compliance is not a destination, compliance is an ongoing
function that not only safeguards SendGrid’s more than 78,000 paying
customers but the billions of recipients that have subscribed to receive
emails from these businesses. The onus is on us as ESPs to prevent abuse
of our email infrastructure, mitigate the cascading damages it can cause
and educate our customers.”
Definition of Phishing
Phish is defined as email messages used to fraudulently obtain
confidential information such as credit card numbers, passwords, or
other personal data.
Inbox Protection Rate Methodology
The Inbox Protection Rate is a measure of email that transits SendGrid’s
servers deemed to be legitimate, non-phishing email sent by legitimate
businesses. The Inbox Protection Rate is not a measure of spam or how
that email is received since spam is subjective however, there is
nothing subjective about phish. In addition to analyzing outbound
messages SendGrid analyzed email bounces indicative of phishing and
other forms of delivery issues.
Sent phish is determined by manual reviews of suspended accounts for
phishing content. Each account found to contain phishing content is
terminated and tagged as phish. SendGrid then counts the sum of messages
delivered via tagged accounts as phish, and incorporates the phish into
its automated defenses to improve their efficiency, robustness and
detection rate.
To learn more about SendGrid’s Inbox Protection Rate, visit our blog.
For additional information about email phish and other email scams,
visit SendGrid’s
Phishing, Doxxing, Botnets, and Other Email Scams guide.
About SendGrid
SendGrid is a leading digital communication platform, enabling
businesses to engage with their customers via email reliably,
effectively and at scale. A leader in email deliverability, SendGrid has
processed over 45 billion emails each month for internet and
mobile-based customers as well as more traditional enterprises.
Source: SendGrid, Inc.
Contacts
SendGrid, Inc.
David Friedman, 303-868-9641
david.friedman@sendgrid.com