Pub-Goers at Risk of Cyber-Attacks as Lockdown Eases

Written by

UK pubs and restaurants are exposing their customers to the risk of phishing attacks as consumers head back to the bar after a long period of lockdown, according to Proofpoint.

The security vendor analyzed the and .com domains of 50 of the top 88 most popular dining brands in the country, to check whether they’ve implemented the strongest level of DMARC (Domain-based Message Authentication, Reporting & Conformance) protection.

It found that 98% had not – in fact 70% had no published DMARC record at all, leaving their customers wide open to phishing.

Just 2% of pub and dining brands had the strongest policy (“p=reject”) in place.

While not a silver bullet, DMARC can help to limit the impact of spam and phishing, but malicious emails will only be prevented from reaching customers’ inboxes if p=reject is set. The weakest setting is p=none, which will allow brands to monitor activity but means phishing emails are still sent to users. The next level up, p=quarantine, will mean suspicious messages are sent to the receiver’s junk folder.

Pub- and restaurant-goers are particularly exposed at present as establishments are requiring many users to book online before they arrive, and/or to provide their details for contact tracing purposes.

This means customers will be primed to expect communications from these brands, something cyber-criminals could leverage to their advantage.

The Prime Minister announced the re-opening of these businesses from July 4 after several months under lockdown.

“We have seen during the pandemic that cyber-criminals don’t hesitate to prey on society’s anxiety around COVID-19 to target individuals and businesses. In times of fear and uncertainty, individuals are much more susceptible to these kinds of attacks, particularly if a fraudulent email looks like it has come from a genuine domain,” said Adenike Cosgrove, cybersecurity strategist, international, at Proofpoint.

“We recommend that people take steps to make sure that they don’t click on anything suspicious, even if it appears to come from an official source, and instead take steps to contact establishments if they aren’t sure.”

What’s hot on Infosecurity Magazine?