With how much of our personal and professional lives take place online, it becomes more important each day for us to understand our vulnerability to cyberattacks. Cybercriminals target emails, domains, and accounts in order to impersonate identities and scam consumers and businesses alike. In 2021 alone, email spoofing and phishing increased by 220% and caused $44 million in losses. It is crucial to employ defenses to protect against these attacks.

Fortunately, cybersecurity professionals are always working to mitigate the dangers of online communication and data storage. Domain-based message authentication, reporting, and conformance (DMARC) is one of the most effective protections against email attacks, when it is employed correctly. Brand Indicators for Message Identification (BIMI) adds another layer of security to business and consumer emails.

Email security company Agari recently released a report outlining trends in email fraud and identity deception in 2021, analyzing data from millions of domains and trillions of emails to look at the state of email security from multiple angles. The key findings from the report are detailed below.

When looking at prominent companies’ DMARC implementation, it is important to note that in order to actually protect against attacks, the level of enforcement is vital. In 2021, 34% of Fortune 500 companies had DMARC at full enforcement, up 10% from 2020; this is compared to 38% of FTSE100 companies and 21% of HDAX companies. Overall, two-thirds to three-fourths of major companies remain unprotected and are still at risk of being impersonated and targeted in email and phishing scams.

Companies dealing with finance, technology, and Software-as-a-Service (SaaS) were found to be the most frequently impersonated in phishing attacks. It should come as no surprise that cybercriminals are focusing their efforts on finance and technology in an effort to profit from lax cybersecurity. On the positive side, the (Read more...)