SecurityWeek

Nearly 1 Million Domains Use DMARC, but Only 13% Prevent Email Spoofing

Nearly one million domains use DMARC, but only 13% of them are configured to actually prevent email spoofing, according to a report published this week by anti-phishing solutions provider Valimail.

DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email authentication, policy, and reporting protocol designed to detect and prevent email spoofing. Organizations can set the DMARC policy to “none” in order to only monitor unauthenticated emails, “quarantine” to send them to the spam or junk folder, or “reject” to completely block their delivery.

Valimail says a total of 933,000 domains had published DMARC records in January 2020, up from 784,000 domains in July 2019. The adoption of DMARC increased by 70% compared to the previous year and by 180% compared to two years ago.

However, only 13% of the 933,000 domains are configured with the quarantine or reject enforcement policies.
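The difference between publishing a DMARC record and enforcing one can be checked mechanically from the TXT record at `_dmarc.<domain>`. The following is an added example, not code from the article or from Valimail: it classifies already-fetched TXT strings offline, and the category names, the `partial` bucket (for `pct` below 100 or `sp=none`) and the sample domains are assumptions, since the page does not describe how the report counted such records.

```python
from collections import Counter

ENFORCING = {"quarantine", "reject"}

# Constructed sample: TXT strings as they might be returned for _dmarc.<domain>.
SAMPLE = {
    "a.example": ["v=DMARC1; p=none; rua=mailto:dmarc@a.example"],
    "b.example": ["v=DMARC1; p=quarantine; pct=25"],
    "c.example": ["v=spf1 -all", "v=DMARC1; p=reject; sp=reject"],
    "d.example": ["v=DMARC1; p=reject; sp=none"],
    "e.example": ["v=DMARC1; p=reject", "v=DMARC1; p=none"],
    "f.example": [],
}

def parse_dmarc(txt):
    """Return the tag dict of one TXT string, or None if it is not a DMARC record."""
    parts = [p.strip() for p in txt.split(";")]
    # RFC 7489: a DMARC record starts with the version tag v=DMARC1.
    if parts[0].replace(" ", "") != "v=DMARC1":
        return None
    tags = {}
    for part in parts[1:]:
        name, sep, value = part.partition("=")
        if sep:
            tags.setdefault(name.strip().lower(), value.strip())
    return tags

def classify(txt_records):
    """Return 'no-record', 'invalid', 'monitor', 'partial' or 'enforced'."""
    records = [r for r in map(parse_dmarc, txt_records) if r is not None]
    if len(records) != 1:
        return "no-record"  # zero or several records: no DMARC policy is applied
    tags = records[0]
    policy = tags.get("p", "").lower()
    subdomain_policy = tags.get("sp", policy).lower()  # sp defaults to p
    try:
        pct = int(tags.get("pct", "100"))  # pct defaults to 100
    except ValueError:
        return "invalid"
    if policy not in ENFORCING | {"none"} or not 0 <= pct <= 100:
        return "invalid"  # unusable policy; not enforcing either way
    if policy == "none":
        return "monitor"
    if pct < 100 or subdomain_policy == "none":
        return "partial"  # policy covers only part of failing mail, or not subdomains
    return "enforced"

def summarize(domains):
    """Count classifications across a {domain: [txt, ...]} mapping."""
    return Counter(classify(txts) for txts in domains.values())
```
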

“Worse, that percentage has generally declined over time, although it has remained level in the past twelve months. The inescapable conclusion: interest in DMARC is growing, but DMARC expertise is not keeping pace,” Valimail wrote in its report.

The company says a majority of the nearly one million domains with DMARC records belong to small organizations or individuals. Valimail’s analysis found that nearly 52% of the primary domains of billion-dollar publicly traded companies have DMARC records, but only 23% actually prevent email spoofing.

Global banks and financial services companies have an enforcement rate of 33%, followed by Fortune 500 companies at 28%, tech firms at 24%, and media companies at 22%.

U.S. federal government domains have the highest enforcement rate at 93%, which can be attributed to the DHS’s Binding Operational Directive (BOD) 18-01 instructing federal agencies to enforce DMARC. However, there are still many government domains that don’t have DMARC records.

DMARC status by sector

The United States continues to be the largest source of spoofed email by volume, and over 90% of emails coming from Russia, China, India and Vietnam are suspicious.

Valimail reported last month that the use of DMARC by presidential candidates in the United States had improved, but seven of the 15 then-candidates had still failed to protect their domains from spoofing.

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
