67% GCC banks using DMARC protection reject higher than global average finds Proofpoint

Haifa Ketiti, Senior Systems Engineer, Middle East, Proofpoint.
Haifa Ketiti, Senior Systems Engineer, Middle East, Proofpoint.
2 years ago

Proofpoint, released research which shows majority of GCC banks (94%) have published a DMARC record (Domain-based Message Authentication, Reporting & Conformance), while 67% (34 of 51) have implemented the strictest and recommended level of DMARC protection (‘reject’). This shows that the GCC performs better than the global average, with 63% of financial organisations listed under the Fortune Global 500 having published a DMARC record, and only 39% (47 of 122) implementing the strictest and recommended level of DMARC protection, ‘reject’.

While two thirds of GCC banks have implementing the strictest DMARC levels of protection, one third of the banks may leave their customers vulnerable to email-based fraud.

DMARC is an email validation protocol designed to protect domain names from being misused by cybercriminals. It authenticates the sender’s identity before allowing the message to reach its intended designation. ‘Reject’ is the strictest and recommended level of DMARC protection, a setting and policy that blocks fraudulent emails from reaching their intended target.

Haifa Ketiti, Senior Systems Engineer, Middle East at Proofpoint, said, “Email continues to be the vector of choice for cybercriminals and the financial sector remains a key target. Cybercriminals continue to impersonate leading organisations by sending out emails from supposedly legitimate sender addresses to trick customers. Our research has shown that many GCC financial institutions are still exposing people to cybercriminals on the hunt for personal and financial data by not implementing simple, yet effective email authentication best practices.”

Ketiti added: “The GCC financial sector is poised for strong growth post-Covid, especially as the World Bank has projected that GCC economies are set to expand by 5.9% in 2022.  Therefore, building robust defences and cyber resilience by implementing DMARC, which verifies that the purported domain of the sender has not been impersonated, will be invaluable for GCC banks in the future.”

Don't Miss

Rohit Dixit, executive vice president and chief customer officer at Proofpoint

Proofpoint Unveils Comprehensive Data Loss Prevention Solution

Proofpoint has launched a proprietary, partner-friendly, end-to-end information protection framework, providing organisations

New Security Brief: Millions of Messages Distribute LockBit Black Ransomware

Proofpoint observed high-volume campaigns, involving millions of messages, facilitated by the Phorpiex