Most ecommerce sites fail to protect consumers from phishing attacks
Phishing and spoofing attacks against consumers are most likely when companies do not have a published sender policy framework (SPF) or domain-based message authentication, reporting and conformance (Dmarc) policy in place.
While the majority of retailers use some level of email authentication on their domains, the report reveals many are inconsistent in their approach across all the domains they control. Only 11.3% of top US retailers and 12.2% of top EU retailer domains meet 250ok’s recommended minimum protocol for the email channel.
A 2017 study from the Anti-Phishing Working Group reported that an average of 443 brands per month were targeted for phishing attacks in the first half of 2017, up from 413 per month during the same period in the previous year. According to the 250ok report, these attacks are a threat to brand trust because 91% of all cyber-attacks begin with a phishing email.
This main finding of the report are based on the analysis of 3,300 domains operated by the top 500 EU and 1,000 US online retailers.
The Paypers is the Netherlands-based leading independent source of news and intelligence for professional in the global payment community.
The Paypers provides a wide range of news and analysis products aimed at keeping the ecommerce, fintech, and payment professionals informed about the latest developments in the industry.
Current themes
No part of this site can be reproduced without explicit permission of The Paypers (v2.7).
Privacy Policy / Cookie Statement
Copyright