Phishing and spoofing attacks against consumers are most likely when companies do not have a published sender policy framework (SPF) or domain-based message authentication, reporting and conformance (Dmarc) policy in place.
While the majority of retailers use some level of email authentication on their domains, the report reveals many are inconsistent in their approach across all the domains they control. Only 11.3% of top US retailers and 12.2% of top EU retailer domains meet 250ok’s recommended minimum protocol for the email channel.
A 2017 study from the Anti-Phishing Working Group reported that an average of 443 brands per month were targeted for phishing attacks in the first half of 2017, up from 413 per month during the same period in the previous year. According to the 250ok report, these attacks are a threat to brand trust because 91% of all cyber-attacks begin with a phishing email.
This main finding of the report are based on the analysis of 3,300 domains operated by the top 500 EU and 1,000 US online retailers.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now