Global adoption of the DMARC email authentication standard has risen by almost a quarter over the past year, although EMEA still lags some way behind North America, according to a new report.
Domain-based Message Authentication, Reporting, and Conformance (DMARC) builds on SPF and DKIM: a domain owner publishes a policy in DNS telling receiving mail servers what to do with messages that carry the domain in the From: header but fail SPF or DKIM checks aligned to that domain, and where to send reports about them. Deployed with an enforcing policy, it can significantly reduce phishing and spoofed email that uses the organization's exact domain.
Return Path, a founding contributor to the standard, analyzed 1000 brands worldwide and found DMARC adoption up 24% year-on-year, to 29% of the brands surveyed.
However, there remains a wide gap between the US and Canada at the top (42%) and EMEA (16%) and Australia and New Zealand (18%) at the bottom.
There was also a notable difference between the industries leading the way, such as social media (59%) and technology (51%), and laggards such as healthcare (16%) and ISP/telco (21%).
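To make the check concrete, the following is an added example (not code from the article or from Return Path) of the DMARC evaluation a receiving mail server performs. It assumes SPF and DKIM have already been verified and only their results are available, replaces DNS with an inline dictionary so it runs offline, and approximates the organizational domain as the last two labels (real receivers use the Public Suffix List). The domains, DMARC record and authentication results are constructed.

```python
"""Added example: core of the DMARC check done by a receiving mail server.
Not the article's or Return Path's code. DNS is stubbed with a dictionary
and all domains, records and results below are constructed."""
from dataclasses import dataclass

# Constructed stand-in for DNS: TXT records published at _dmarc.<domain>.
DNS_TXT = {
    "_dmarc.example.com": (
        "v=DMARC1; p=reject; sp=quarantine; adkim=s; aspf=r; "
        "rua=mailto:dmarc-reports@example.com"
    ),
}


@dataclass
class AuthResult:
    """Constructed input: what SPF and DKIM verification already established."""
    from_domain: str   # RFC5322.From domain, the one the recipient sees
    spf_result: str    # "pass", "fail" or "none"
    spf_domain: str    # RFC5321.MailFrom (envelope sender) domain
    dkim_result: str   # "pass", "fail" or "none"
    dkim_domain: str   # d= tag of the DKIM signature that verified


def parse_dmarc_record(txt: str) -> dict:
    """Split 'v=DMARC1; p=reject; ...' into a tag/value dict, rejecting
    records that lack the mandatory v= and p= tags."""
    tags = {}
    for part in txt.split(";"):
        part = part.strip()
        if not part:
            continue
        if "=" not in part:
            raise ValueError(f"malformed DMARC tag: {part!r}")
        key, value = part.split("=", 1)
        tags[key.strip().lower()] = value.strip()
    if tags.get("v", "").upper() != "DMARC1" or "p" not in tags:
        raise ValueError("not a usable DMARC record (needs v=DMARC1 and p=)")
    return tags


def org_domain(domain: str) -> str:
    """Organizational domain, simplified to the last two labels. Real receivers
    consult the Public Suffix List so that e.g. example.co.uk is handled."""
    labels = domain.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def find_record(from_domain: str):
    """RFC 7489 discovery: look at the From domain itself, then fall back to
    its organizational domain. Returns (record, used_org_fallback)."""
    txt = DNS_TXT.get(f"_dmarc.{from_domain.lower()}")
    if txt is not None:
        return parse_dmarc_record(txt), False
    txt = DNS_TXT.get(f"_dmarc.{org_domain(from_domain)}")
    if txt is not None:
        return parse_dmarc_record(txt), True
    return None, False


def aligned(header_domain: str, auth_domain: str, mode: str) -> bool:
    """Identifier alignment: strict ('s') needs an exact match, relaxed ('r')
    only needs the same organizational domain."""
    if mode == "s":
        return header_domain.lower() == auth_domain.lower()
    return org_domain(header_domain) == org_domain(auth_domain)


def dmarc_disposition(auth: AuthResult) -> str:
    """Return 'pass', 'no-policy' (no DMARC record published) or the action
    the domain owner requested: 'none', 'quarantine' or 'reject'."""
    record, used_org = find_record(auth.from_domain)
    if record is None:
        return "no-policy"
    spf_ok = auth.spf_result == "pass" and aligned(
        auth.from_domain, auth.spf_domain, record.get("aspf", "r"))
    dkim_ok = auth.dkim_result == "pass" and aligned(
        auth.from_domain, auth.dkim_domain, record.get("adkim", "r"))
    if spf_ok or dkim_ok:          # one aligned pass is enough
        return "pass"
    # A subdomain that inherited the org-domain record gets sp= if present.
    if used_org and "sp" in record:
        return record["sp"].lower()
    # pct= sampling (apply the policy to only a share of mail) is omitted.
    return record["p"].lower()


if __name__ == "__main__":
    # Constructed spoof: From: example.com, but SPF and DKIM only vouch for
    # the attacker's own domain, so nothing aligns and p=reject applies.
    spoof = AuthResult("example.com", "pass", "attacker.net", "pass", "attacker.net")
    print(dmarc_disposition(spoof))
```

Note that the spoofed message passes both SPF and DKIM; what fails is alignment, which is exactly the piece DMARC adds on top of the two older standards.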
Legacy IT infrastructure, convoluted email ecosystems, and risk-aversion were all cited as reasons contributing to the continued slow adoption rates in some industries.
That said, 2.5 billion inboxes are now protected by DMARC and most major webmail providers, including Yahoo and AOL, support the standard. Google is due to switch DMARC on in June.
The report added a note of caution, however:
“However, it is important to note that enterprise-messaging gateways are in the early stages of rolling out DMARC, and reporting capabilities are still a big hurdle. 2016 will see an increased focus on providing enhanced reporting capabilities that threat intelligence platforms can leverage to identify malicious activity faster.”
Robert Holmes, general manager of email fraud protection at Return Path, said DMARC is increasingly becoming a silver bullet for stopping domain spoofing attacks.
“However, there is no single silver bullet for all types of attacks. Return Path data shows that 30% of all email phishing threats use a company’s own domains. Once DMARC is implemented, cyber-criminals leverage the organization’s brand in other ways, like display name spoofing or use of cousin domains. There is also the challenge that some regional ISPs do not currently support DMARC,” he told Infosecurity by email.
“Defending against the other 70% requires a comprehensive understanding of the tactics fraudsters use to bypass email authentication. To truly fight targeted phishing attacks organizations need full visibility into all threats. Detection and response play an important role in the fight against phishing and today threat intelligence is the only way to know how an organization’s brand is being used in phishing emails to target customers and/or employees.”
A multi-layered approach to security and preventing phishing should always include “people, process and technology implementations,” Holmes concluded.
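The two bypasses Holmes names, display-name spoofing and cousin domains, sit outside DMARC because the From: domain in those messages is not the brand's, so no policy of the brand's applies. The following added example (not from the article or Return Path) shows the kind of triage a mail gateway or threat-intelligence feed can run on the From: header to catch them. The protected domain, the protected display names, the confusable-character table and the sample headers are all constructed; the registrable-domain logic uses the last two labels rather than the Public Suffix List.

```python
"""Added example: triage of From: headers for display-name spoofing and
cousin (look-alike) domains. Not the article's or Return Path's code.
The protected domain, names, confusable table and samples are constructed."""
from email.utils import parseaddr

# Constructed: the domain the organization owns and protects with DMARC,
# and the display names criminals are likely to borrow.
PROTECTED_DOMAINS = {"example.com"}
PROTECTED_NAMES = {"example", "example support", "jane doe"}

# Constructed table of substitutions attackers rely on (rn for m, 1 for l...).
CONFUSABLES = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"),
               ("3", "e"), ("5", "s"), ("7", "t"), ("-", ""))


def skeleton(domain: str) -> str:
    """Collapse confusable substitutions so look-alikes map onto the same
    string as the genuine domain (a toy version of Unicode skeletons)."""
    s = domain.lower()
    for src, dst in CONFUSABLES:
        s = s.replace(src, dst)
    return s


def osa_distance(a: str, b: str) -> int:
    """Optimal string alignment distance: Levenshtein plus adjacent
    transpositions, so 'exmaple' is one edit from 'example'."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[-1][-1]


def registrable(domain: str) -> str:
    """Registrable domain, simplified to the last two labels (no PSL)."""
    return ".".join(domain.lower().split(".")[-2:])


def is_cousin(domain: str) -> bool:
    """True when the sending domain imitates a protected one: confusable
    spelling, a one-edit typo, the brand domain used as a subdomain prefix
    (example.com.evil.net) or the brand as a hyphenated label part."""
    domain = domain.lower()
    base = registrable(domain)
    labels = domain.split(".")
    for prot in PROTECTED_DOMAINS:
        brand = prot.split(".")[0]
        if skeleton(base) == skeleton(prot):
            return True
        if osa_distance(base, prot) <= 1:
            return True
        if domain.startswith(prot + "."):
            return True
        if any(brand in label.split("-") for label in labels[:-1]):
            return True
    return False


def triage_from(header: str) -> list:
    """Return the findings for one From: header: an empty list for the
    brand's own domain (DMARC's job) or for unrelated senders, otherwise
    'cousin-domain' and/or 'display-name-spoof'."""
    name, addr = parseaddr(header)
    domain = addr.rpartition("@")[2].lower()
    if registrable(domain) in PROTECTED_DOMAINS:
        return []
    flags = []
    if is_cousin(domain):
        flags.append("cousin-domain")
    name_l = name.lower()
    if any(n in name_l for n in PROTECTED_NAMES) or any(d in name_l for d in PROTECTED_DOMAINS):
        flags.append("display-name-spoof")
    return flags


if __name__ == "__main__":
    # Constructed sample headers.
    for hdr in ('"Jane Doe" <jane.doe@example.com>',
                '"Jane Doe" <ceo.janedoe@gmail.com>',
                '"Example Support" <help@examp1e.com>',
                '"Billing" <billing@example.com.evil.net>',
                '"Newsletter" <news@unrelated.org>'):
        print(f"{hdr:45} -> {triage_from(hdr)}")
```

The first header is the only one DMARC can judge; the other flagged ones pass any DMARC check (or meet no policy at all) because their domains are the attacker's own, which is why Holmes' "other 70%" needs detection like this alongside authentication.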