Proofpoint, a leading cybersecurity and compliance company, has released research identifying that only 50% of the top 50 Oil & Gas companies that have operations in the Middle East have a Domain-based Message Authentication, Reporting and Conformance, DMARC, record in place.
This means that half of them are leaving customers at heightened risk of email fraud. The lack of a DMARC record makes companies potentially more susceptible to cybercriminals spoofing their identity and increasing the risk of email fraud targeting their customers.
Perhaps more worryingly, only 5 out of 50 oil and gas companies have reject in place, which means a whopping 90% are not proactively blocking fraudulent emails from reaching customers. Reject is the strictest and recommended level of DMARC protection, a setting and policy that actually blocks fraudulent emails from reaching their intended target.
While the region’s oil and gas industry is navigating challenging times caused by sluggish prices and the coronavirus pandemic, it is also fending off surging cyber threats. The Covid-19 pandemic has seen a spike in highly targeted attacks against the energy industry, deployed through email.
A spear-phishing campaign incorporating the malware Agent Tesla took place between March 31 and April 12, 2020. The supposed sender invited recipients to submit bid proposals for equipment and materials as part of an actual gas venture project half-owned by an Egyptian state oil company. The email was sent to more than 150 gas and oil companies, mostly located in Malaysia, the United States, South Africa and Iran.
DMARC, which is an email validation protocol designed to protect domain names from being misused by cybercriminals, authenticates the sender’s identity before allowing the message to reach its intended designation. It verifies that the purported domain of the sender has not been impersonated and relies on the established DKIM, DomainKeys Identified Mail, and SPF, Sender Policy Framework, standards to ensure the email is not spoofing the trusted domain.
Emile Abou Saleh, Regional Director, Middle East and Africa at Proofpoint commented, “At a time when opportunistic cybercriminals are exploiting global uncertainty, a majority of the oil and gas companies in the region are leaving their customers vulnerable to email fraud. By not implementing adequate email protection they are exposing themselves to phishing, impersonation attacks and other unauthorised use of corporate domains. This is despite email remaining the number one threat vector for cybercriminals.”