Email Fraud in 2022: What you Need to Know | The State of Security

With how much of our personal and professional lives take place online, it becomes more important each day for us to understand our vulnerability to cyberattacks. Cybercriminals target emails, domains, and accounts in order to impersonate identities and scam consumers and businesses alike. In 2021 alone, email spoofing and phishing increased by 220% and caused $44 million in losses. It is crucial to employ defenses to protect against these attacks.

Fortunately, cybersecurity professionals are always working to mitigate the dangers of online communication and data storage. Domain-based message authentication, reporting, and conformance (DMARC) is one of the most effective protections against email attacks, when it is employed correctly. Brand Indicators for Message Identification (BIMI) adds another layer of security to business and consumer emails.

Email security company Agari recently released a report outlining trends in email fraud and identity deception in 2021, analyzing data from millions of domains and trillions of emails to look at the state of email security from multiple angles. The key findings from the report are detailed below.

When looking at prominent companies’ DMARC implementation, it is important to note that in order to actually protect against attacks, the level of enforcement is vital. In 2021, 34% of Fortune 500 companies had DMARC at full enforcement, up 10% from 2020; this is compared to 38% of FTSE100 companies and 21% of HDAX companies. Overall, two-thirds to three-fourths of major companies remain unprotected and are still at risk of being impersonated and targeted in email and phishing scams.

Companies dealing with finance, technology, and Software-as-a-Service (SaaS) were found to be the most frequently impersonated in phishing attacks. It should come as no surprise that cybercriminals are focusing their efforts on finance and technology in an effort to profit from lax cybersecurity. On the positive side, the spike in cyberattacks has prompted a wider push to strengthen DMARC enforcement across the board. 

Another significant target for cyberattacks is the healthcare industry. The Agari report indicates that almost 12 billion pieces of protected healthcare information were exposed in 2020, and the Health and Human Services Leak Portal registered 325 new data leaks just in the first half of 2021. The industry average for healthcare domains with DMARC set at the highest level of enforcement is a mere 19%, leaving more than four-fifths of healthcare industry domains at risk. 

On the whole, there are almost 13 million domains with recognizable DMARC policies, which is a 19% increase from 2020. Of those, nearly 4.8 million domains have DMARC set to the highest level of enforcement, a 24% increase from 2020. While this growth is promising of a widespread awareness of the importance of email security, it still represents only a small portion of the half-billion domains that Agari scanned for the report.

In addition to DMARC implementation and enforcement, BIMI is a significant marker of a company’s protection against email attacks. Implementing DMARC can boost email deliverability rates for domains with BIMI records, providing more authentication than just using one or the other. The Agari report shows a 96% growth in BIMI adoption since 2020, with high-profile companies like Google and Yahoo joining the nearly 19,000 brand domains with BIMI records. 

Among top companies and brands, DMARC implementation is growing, but the rate of increase is less than ideal. The majority of the most prominent and highly valued companies remain unprotected, leaving an opening for cybercriminals to impersonate them in email spoofing or phishing campaigns. It is important for these companies to prioritize cybersecurity in order to protect the data and private information of their customers, and the general public.

In contrast, the massive jump in the proportion of brands implementing BIMI is encouraging as evidence of these companies taking email security seriously. While BIMI alone is not the most a company can do to protect its customers from email spoofing and phishing, it is an important layer of authentication that can prevent cyberattacks where criminals impersonate a brand in an email to gain access to customers and their private information. 

There are many steps that a company can take in order to ensure the highest level of security possible, including measures against identity deception such as DMARC and BIMI, as well as things like penetration testing. Many companies use several of these tools at once, protecting against cyberattacks on multiple levels and through a variety of methods, thus patching as many gaps in security as possible. 

Cybersecurity is vital at every level of a company and in every aspect of life. Businesses are realizing the need to invest in infrastructure to protect against cyber threats the same way they do for health and safety threats. Major industries have been rapidly digitizing for several years, and if the protection against cyberattacks is unable to keep up with these technological advancements, then companies – their data, their employees, their customers, and their money – remain at risk. Thankfully, it seems as if growth, however gradual, is undoubtedly occurring.

About the Author: PJ Bradley is a writer on a wide variety of topics, passionate about learning and helping people above all else. Holding a bachelor’s degree from Oakland University, PJ enjoys using a lifelong desire to understand how things work to write about subjects that inspire interest. Most of PJ’s free time is spent reading and writing.

Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.