More than four-fifths (81%) of UK retailers are putting their customers at risk of email fraud by not implementing the recommended level of domain-based message authentication, reporting and conformance (DMARC) protection.
This is according to a new study by Proofpoint, which warned of a likely surge in fraudulent emails targeting online shoppers ahead of this year’s Black Friday and Cyber Monday.
DMARC is an email authentication, policy and reporting protocol designed to improve and monitor protection of the domain from fraudulent emails. Yet worryingly, ahead of the Black Friday and Christmas shopping periods, Proofpoint said just 19% of UK retailers have adopted the recommended level of DMARC protection (reject), which blocks fraudulent emails from reaching their intended targets.
The research also showed that under half (45%) of UK retailers have implemented the minimum level of DMARC protection, which prevents malicious actors from spoofing their domain. This is significantly lower than the proportion of global retailers (70%) included in the Forbes Global 2000 who have implemented this level of DMARC protection. Additionally, more than a third (36%) of UK retailers have no published DMARC record at all, leaving themselves wide open to impersonation attacks.
Email has become an increasingly important means by which retailers contact customers about offers amid the shift to e-commerce during COVID-19, and fraudsters have heavily exploited this trend.
Adenike Cosgrove, cybersecurity strategist, International, Proofpoint, commented: “Organizations in all sectors should look to deploy authentication protocols, such as DMARC, to shore up their email fraud defenses. Cyber-criminals will always leverage key events to drive targeted attacks using social engineering techniques such as impersonation and will capitalize on a time when guards are down and attentions are focused on grabbing seasonal bargains. Ahead of Black Friday, shoppers must be vigilant in checking the validity of all emails, and retailers must do better to ensure their customers remain safe online.”
Yesterday, Kaspersky released new research, which found online payment fraud surged by 208% between September and October 2021, further highlighting the threats facing online shoppers.
With thanks to the Cyber Defence Alliance and Info-Security magazine. The full story is here: https://www.infosecurity-magazine.com/news/retailers-customers-email-fraud/
Get Your Free 2021 Holiday Security Awareness Resource Kit
It’s the busiest time of year for everyone, especially cybercriminals. They know surges in online shopping, holiday travel, and time constraints can make it easier to catch users off their guard with relevant schemes. That’s why we put together this resource kit to help your users make smarter security decisions every day.
- Free training video for your users on “Stay Safe for the Holidays”, available in 10 languages.
- Free training course for your users on “Staying Safe for the Holidays”.
- Resources to share with your users including tip sheets, digital signage, and a video with helpful tips.
- Newsletters about holiday shopping and travel safety for your users.
- Access to resources for you to help with security planning for the upcoming year.
- Printable and digital assets that you can use to promote cybersecurity awareness in your organization throughout the holiday season.
PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://www.knowbe4.com/holiday-resource-kit-partner?partnerid=001a000001lWEoJAAW