Proofpoint has released research that identifies that eight out of the top nine online retailers in the UAE have a Domain-based Message Authentication, Reporting & Conformance (DMARC) record in place. However, only three out of the nine (33%) retailers have the strictest and recommended levels of DMARC protection in place, which allows them to identify and block fraudulent emails. This leaves customers of 67% of the top retailers in the country exposed to email fraud.
As retailers gear for high online sales volumes during the Black Friday and Cyber Monday special offers, it is imperative for them to ensure their customers are safeguarded against potential cybersecurity threats. Emile Abou Saleh, Regional Director, Middle East, and Africa for Proofpoint, said, “Cybercriminals are on the lookout for festive seasons and high sales period to drive targeted attacks through impersonation and retailers are no exception to this. While the Black Friday and Cyber Monday high sales period is a time to grab the best deals, it could also be a potential target zone for cybercriminals to attack. Our research has found that most retailers in the UAE are not implementing effective protection and email authentication best practices to safeguard themselves and their customers.”
Cybercriminals traditionally resort to domain spoofing by posing as well-known brands and sending out emails from supposedly legitimate sender addresses to trick the customers. These emails are designed to make the customers share personal details which can then be used to commit fraud. With a DMARC policy in place, retailers can protect employees, customers, and partners from cybercriminals. The UAE-based retailers, however, rank better in comparison to global retailers across the Forbes Global 2000, which comprises 70 companies. As per another survey by Proofpoint, 30% (21 out of 70) of the Forbes Global 2000 retailers have no DMARC record and are exposed to email fraud and domain impersonation.
Moreover, while 70% of the retailers in Forbes Global 2000 have achieved some level of DMARC implementation, only 20% (14 out of 70) retailers have achieved the highest level of protection and are proactively blocking fraudulent emails from reaching customers, partners, vendors, and employees. The research comes at a time of increased demand for online shopping in the UAE, with the market size of the e-commerce industry in the UAE expected to grow from seven billion US dollars in 2020 to reach 17 billion US dollars by 2025, after the adjustments for the effect of the COVID-19 pandemic on e-commerce, according to Statista.
“Organisations across all sectors should deploy authentication protocols, such as DMARC, to bolster their email fraud defences. From a consumer standpoint, it is vital to remain vigilant and check the validity of all emails and protect customers and businesses,” added Abou Saleh.