cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Black Friday: Online retailers exposed to email fraud and domain impersonation

Proofpoint has released new research that found one in four of the top online retailers in Australia today are wide open to email fraud and domain impersonation, with days to go until the start of the shopping spree of Black Friday and Cyber Monday.

user iconReporter
Tue, 23 Nov 2021
Black Friday: Online retailers exposed to email fraud and domain impersonation
expand image

The study looked at the DMARC (domain-based message authentication reporting and conformance) records of the top 100 shopping websites ranked by Power Retail. It found that 27 companies have no DMARC protocol, leaving their customers, employees, partners and vendors exposed to receiving emails from scammers posing as trusted retailers. To date, only 16 top online retailers have achieved the highest level of DMARC protection, allowing these companies to block fraudulent emails from reaching inboxes.

DMARC is an open email authentication protocol designed to protect domain names from being misused by cyber criminals.

It authenticates the sender's identity before allowing the message to reach its intended recipient. Organisations using a DMARC protocol can implement three levels of policy for unqualified emails attempting to spoof their domains:

  • monitor (allows unqualified emails to go to the recipient's inbox or other folders);
  • quarantine (directs unqualified emails to go to the junk or spam folder); and
  • reject, the highest level of protection (blocks unqualified emails from getting to the recipient).

The full findings of Proofpoint's DMARC analysis shows:

  • 27 per cent of the top 100 AU retailers have no DMARC record and are wide open to email fraud and domain impersonation (1 in 4);
  • 73 per cent have achieved some level of DMARC implementation; and
  • 16 per cent have achieved the highest level of protection and are proactively blocking fraudulent emails from reaching customers, employees, partners and vendors.

Email is the primary channel for direct marketing used by online retailers, not only during Black Friday and Cyber Monday but throughout the entire year, according to Steve Moros, senior director, advanced technology group, APJ at Proofpoint.

It is also the number one threat vector for cyber criminals, as it allows them to reach potential victims at scale. It's relatively cheap and effective with 90 per cent of successful attacks being via email.

When you consider the top three risks to enterprises are all people-centric and 85 per cent of breaches are human activated, this makes the retail sector particularly prone to having their brands impersonated.

Moros added that given their elevated brand exposure, online retailers should consider implementing the highest level of DMARC protocols so that they can protect their stakeholders and themselves against the consequences of impostor emails, also referred to as business email compromise.

"DMARC is not an obscure protocol either. It's one of the most well-known email authentication standards, and it's even mandated by the ACSC for all public sector organisations, which makes it top of mind for chief information security officers."

"Two years ago, more than half of the top 100 online retailers in Australia were lacking a DMARC record, so there's been positive progress in the industry. However, there are still too many retailers that are only monitoring and quarantining unqualified emails. It's best to block these all together so that stakeholders are less exposed to the risk of engaging with impostor senders," Moros said.

[Related: How PAM Plays a Pivotal Part in Your Essential Eight Program]

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.