Phishing stays one of the vital helpful instruments in a cybercriminal’s arsenal as new analysis from Valimail has revealed that at the least 3.4bn faux emails are sent out worldwide every day.
The agency’s newest quarterly report, Email Fraud Landscape for Spring 2019, exhibits that e-mail impersonation accounting for 1.2 p.c of all e-mail sent throughout Q1 2019. While that is decrease than the 1.6 p.c price that Valimail famous in Q2 2018, it nonetheless represents an enormous quantity of pretend messages.
The agency used proprietary information from its evaluation of billions of e-mail message authentication requests together with publicly accessible DMARC and SPF information to compile its report.
CEO and co-founder of Valimail Alexander García-Tobar supplied additional perception on the findings of the report, saying:
“It stays clear that faux emails from hackers, phishers and different cyber criminals represent the most important supply of cyberattacks. As extra corporations acknowledge and reply to e-mail vulnerabilities, we count on to see organizations proceed to deploy authentication applied sciences to guard in opposition to untrusted and fraudulent senders. The reality is that too many attackers are utilizing impersonation to get by way of current e-mail defenses. A sturdy strategy to sender identification and authentication is required to make e-mail extra reliable, as soon as and for all.”
Combating phishing with DMARC
Valimail’s report just isn’t all unhealthy information because the variety of domains deploying DMARC to deal with the faux e-mail drawback continues to develop with greater than 740,000 DMARC-enabled domains worldwide at this time.
The adoption of standards-based e-mail authentication is accelerating in lots of industries although in some classes, such because the Fortune 500, US tech giants and the US federal authorities, DMARC utilization is effectively over 50 p.c.
While adoption could also be up, Valimail discovered that enforcement nonetheless lags behind. Of the domains deploying DMARC, solely round 20 p.c have really configured it to a coverage of quarantine or reject which helps defend the area from impersonation.
The agency additionally discovered that fewer than 10 p.c of all corporations have DMARC information with enforcement insurance policies and solely the US authorities and US tech giants have greater charges of safety at 72 p.c and 24 p.c of domains respectively.