A leading cyber security and compliance company, today released research identifying that 13 of the top 20 online retailers in the UAE (65 percent), have no published DMARC (Domain-based Message Authentication, Reporting & Conformance) record.
This makes them susceptible to cybercriminals spoofing their identity and increases the risk of email fraud for their customers.
Despite this, only 15 percent of leading retailers – or 3 out of the top 20 – have implemented the strictest and recommended level of DMARC protection, which actively blocks fraudulent emails from reaching their intended target.
Worryingly, 85 percent of leading online retailers are not proactively blocking fraudulent emails, leaving their customers in the UAE vulnerable to email fraud.
Cybercriminals regularly use the method of domain spoofing to pose as well-known brands, by sending an email from a supposedly legitimate sender address.
These emails are designed to trick people into clicking on links or sharing personal details which can then be used to steal money or identities and it can be almost impossible for an ordinary Internet user to identify a fake sender from a real one. Having a DMARC policy in place, protects employees, customers, and partners from cybercriminals looking to impersonate a trusted domain.
In 2020, online shopping has grabbed an ever-increasing market share, given the changing dynamics of retail in the COVID-19 era. According to Kearney Middle East, the e-commerce sector in the GCC is expected to reach $50bn by 2025, and the current pandemic has been the main driver for this growth. With Black Friday (November 27) and Cyber Monday (November 30) approaching, online retail traffic is expected to surge to an annual high, as consumers scour the Internet and scan their inboxes for the hottest deals.
Emile Abou Saleh, Regional Director, Middle East and Africa for Proofpoint, said: “Retailers should prioritise protecting themselves and their customers by implementing simple, yet effective email authentication best practices. Ahead of Black Friday and Cyber Monday, consumers must remain vigilant and check the validity of all emails, especially at a time when their attention is more likely to be focused on grabbing the best deals. With greater numbers of people now online, organisations in all sectors should deploy authentication protocols, such as DMARC, to bolster their email fraud defences and protect customers and businesses.”
Cybercrime is a real threat facing millions of online shoppers this festive season. Cybercriminals typically leverage key events to drive targeted attacks using social engineering techniques such as impersonation. Email remains the vector of choice for cybercriminals and the retail industry a key target. As shoppers anticipate deals over emails from retailers during this time, cybercriminals send fraudulent emails, and steal personal or financial data.