Consumers in the UK are at enormous risk of fraud this holiday season, and retailers are doing very little to protect both their businesses, and their customers, from potential disasters.
A new report from cybersecurity firm Proofpoint claims that we're still a long way from seeing DMARC’s strictest level become mainstream and widely adopted.
The company says that as the holiday season draws closer, especially with Black Friday and Cyber Monday being upon us, consumers will be scouring through the internet, but also through their email inboxes, for great deals. Criminals are also aware of this and will try to spoof both websites and newsletters in an attempt to obtain personal and payment info from their victims.
With DMARC, that process becomes infinitely harder.
DMARC, or Domain-based Message Authentication, Reporting & Conformance, is the best way to protect from spoofing, Proofpoint claims, especially with the strictest levels implemented, saying it allows businesses to actively block fraudulent emails from reaching their intended targets.
But businesses are slow to adopt it. Just above half (53 percent) of UK retailers have published DMARC record, which means 47 percent are “wide open to impersonation attacks”. Furthermore, just one in ten (11 percent) have implemented DMARC’s recommended and strictest level – reject.
Of the top 20 online retailers in Europe, Proofpoint claims, 60 percent have a published DMARC record, with just 20 percent having the reject policy set up. That means, the report concludes, that 80 percent are not proactively blocking fraudulent emails from reaching their customers.