Seventy-two per cent of the largest organisations in the Middle East are exposed to email fraud via domain spoofing, said Proofpoint, a leading next-generation cybersecurity and compliance company, in a new report.

Email continues to be the vector of choice for cybercriminals, Proofpoint added in its analysis of the 57 Global 2000 companies located in the Middle East

Proofpoint research shows that infosecurity professionals reported a higher frequency of all types of social engineering attacks year over year – with 83 percent of global respondents experiencing phishing attacks in 2018, demonstrating a 9 percent year-over-year increase and 64 percent experiencing spear phishing attacks.

For many organisations, the road to easing email fraud risk is paved with DMARC (Domain-based Message Authentication, Reporting and Conformance), an email protocol being adopted globally as the passport control of the email security world.

It verifies that the purported domain of the sender has not been impersonated.  DMARC verification relies on the established DKIM (Domain Keys Identified Mail) and SPF (Sender Policy Framework) standards to ensure the email is not spoofing the domain. This authentication protects employees, customers, and partners from cybercriminals looking to impersonate a trusted domain.

Key findings of the analysis include:

•    In total, only 28 percent of the 57 Global 2000 companies located within the Middle East have published DMARC records to begin protecting their employees, customers and partners from some forms of email fraud. However, only 20 percent of those have published a strict “reject” policy (the most effective policy for defending against domain-spoofing). In the United Arab Emirates, 27 per cent of the Global 2000 companies surveyed had a DMARC record in place.

•    Globally, the adoption level is the highest in the United States with 54 per cent, followed by the Nordic region (Denmark, Sweden, Finland and Norway), the Benelux (Belgium, Netherlands, Luxembourg) and Australia, all at 49 per cent and the UK at 47 per cent.

“Email fraud continues to provide great returns for cybercriminals and our latest research confirm that it is not going away,” said Emile Abou Saleh, regional director of Middle East and Africa for Proofpoint.

“As these threats grow in scope and sophistication, it is critical that organisations shore up their defences against email fraud by adopting technology like DMARC to protect their brand against impersonation.

“Additionally, as cybercriminals take advantage of the human factor to execute their campaigns, companies need to ensure they deploy effective security awareness training to educate employees about best practices as well as establish a people-centric strategy to defend against threat actors’ unwavering focus on compromising end users,” he added. – TradeArabia News Service