Banks’ DMARC Fail Puts #COVID19 Business Loans at Risk of Phishing

Email security failings among most of the banks designated to handle COVID-19 business stimulus loans could be putting applicants at risk of phishing, according to Proofpoint.

The security vendor claimed that only 13 out of the 64 accredited financial institutions have implemented the strongest Domain-based Message Authentication, Reporting & Conformance (DMARC) policy.

This means 80% of the banks aren’t proactively blocking fraudulent emails from reaching customers, while 61% have published no DMARC record at all.

DMARC helps to prevent certain types of spam and phishing by letting a domain owner tell receiving mail servers what to do with messages that claim to come from its domain but fail SPF and DKIM checks aligned with the visible From: address. Only a policy of p=reject instructs receivers to refuse such messages outright; p=quarantine sends them to spam folders, and p=none (or no record at all) merely requests reports and lets the mail through to customer inboxes.
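The check a practitioner would run against a list of domains, as an added example that is not code from Proofpoint or from the article: parse each domain's _dmarc TXT record, work out what a receiver would actually do with spoofed mail, and count how many domains reach full enforcement. The records, domain names and the `assess`/`fully_enforcing`/`summarize` helpers are all constructed for illustration; nothing below is real bank DNS data.

```python
"""Assess DMARC enforcement from a domain's _dmarc TXT record (RFC 7489).

Added example, not code from the Proofpoint study or the article. The records
and domain names below are constructed placeholders, not real banks' DNS data.
"""
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# Ordering used to compare p= against sp=; higher blocks more.
STRENGTH = {"none": 0, "quarantine": 1, "reject": 2}
TAG_RE = re.compile(r"^\s*([A-Za-z]+)\s*=\s*(.*?)\s*$")


@dataclass
class DmarcAssessment:
    domain: str
    record: Optional[str]
    policy: Optional[str] = None
    subdomain_policy: Optional[str] = None
    pct: int = 100
    verdict: str = "no record"
    problems: List[str] = field(default_factory=list)


def parse_tags(record: str) -> Dict[str, str]:
    """Split 'tag=value; tag=value' into a dict; unknown tags are kept."""
    tags: Dict[str, str] = {}
    for part in record.split(";"):
        m = TAG_RE.match(part)
        if m:
            tags[m.group(1).lower()] = m.group(2)
    return tags


def assess(domain: str, record: Optional[str]) -> DmarcAssessment:
    """Classify what a receiver would do with mail that fails DMARC."""
    a = DmarcAssessment(domain=domain, record=record)
    if record is None:
        a.problems.append("no _dmarc TXT record: receivers apply no policy at all")
        return a
    # RFC 7489 requires v=DMARC1 as the first tag; anything else is not DMARC.
    if not re.match(r"\s*v\s*=\s*DMARC1\s*(;|$)", record, re.IGNORECASE):
        a.verdict = "invalid"
        a.problems.append("record must start with v=DMARC1")
        return a
    tags = parse_tags(record)
    policy = tags.get("p", "").lower()
    if policy not in STRENGTH:
        a.verdict = "invalid"
        a.problems.append("missing or unknown p= tag; receivers ignore the record")
        return a
    pct_raw = tags.get("pct", "100")
    if not pct_raw.isdigit() or not 0 <= int(pct_raw) <= 100:
        a.verdict = "invalid"
        a.problems.append(f"pct={pct_raw!r} is not an integer in 0-100")
        return a
    a.policy = policy
    a.pct = int(pct_raw)
    a.subdomain_policy = tags.get("sp", policy).lower()  # sp= defaults to p=

    if policy == "none":
        a.verdict = "monitor only"
        a.problems.append("p=none only requests reports; spoofed mail is still delivered")
    elif a.pct < 100:
        a.verdict = "partial enforcement"
        a.problems.append(f"pct={a.pct}: the policy applies to only {a.pct}% of failing mail")
    else:
        a.verdict = policy
    if STRENGTH.get(a.subdomain_policy, 0) < STRENGTH[policy]:
        a.problems.append(f"sp={a.subdomain_policy} leaves subdomains weaker than the main domain")
    return a


def fully_enforcing(a: DmarcAssessment) -> bool:
    """True only for p=reject at pct=100 with subdomains no weaker: the
    'strongest policy' the study counts."""
    return a.verdict == "reject" and not a.problems


def summarize(records: Dict[str, Optional[str]]) -> Dict[str, int]:
    """Count verdicts across a set of domains, as the study did for 64 banks."""
    counts: Dict[str, int] = {}
    for domain, record in records.items():
        v = assess(domain, record).verdict
        counts[v] = counts.get(v, 0) + 1
    return counts


# Constructed sample records; in practice you would fetch each one with a
# TXT query for _dmarc.<domain> (for example: dig TXT _dmarc.example.com).
SAMPLE_RECORDS: Dict[str, Optional[str]] = {
    "bank-a.example": "v=DMARC1; p=reject; rua=mailto:dmarc@bank-a.example",
    "bank-b.example": "v=DMARC1; p=none; rua=mailto:dmarc@bank-b.example",
    "bank-c.example": "v=DMARC1; p=reject; pct=20; rua=mailto:dmarc@bank-c.example",
    "bank-d.example": "v=DMARC1; p=reject; sp=none",
    "bank-e.example": "v=DMARC1; p=quarantine; adkim=s; aspf=s",
    "bank-f.example": None,
}

if __name__ == "__main__":
    for domain, record in SAMPLE_RECORDS.items():
        a = assess(domain, record)
        print(f"{domain:16} {a.verdict:20} enforcing={fully_enforcing(a)}")
        for p in a.problems:
            print(f"{'':16}   - {p}")
    print(summarize(SAMPLE_RECORDS))
```

Two of the six constructed domains publish p=reject, but only one of them counts as fully enforcing: the pct= and sp= tags are the usual ways a record that looks like p=reject still lets spoofed mail through, so a survey that only greps for the string "p=reject" overstates protection.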

The need for stronger anti-phishing measures is acute right now, as cyber-criminals stand ready to defraud organizations by impersonating trusted authorities such as banks.

The government’s Coronavirus Business Interruption Loan Scheme (CBILS), which offers essential financial support to many companies affected by the pandemic, offers just such an opportunity.

“By not implementing simple, yet effective email authentication best practices, these accredited organizations are putting already vulnerable businesses at even greater risk, whilst COVID-19-related attacks are on the rise,” said Adenike Cosgrove, cybersecurity strategist, international at Proofpoint.

“In times of urgency and uncertainty, individuals are much more susceptible to these kinds of attacks, particularly if a fraudulent email looks like it has come from a genuine domain. Having the recommended level of DMARC protection is essential for any organization accredited for the CBILS.”

The government mandated p=reject DMARC for all departments back in 2016, but progress has been slow: only around a quarter of gov.uk domains have reached that policy, according to a 2019 report from Egress.
