According to a recent study by cybersecurity firm Proofpoint, many of Southeast Asia's leading companies are exposing their customers, employees, and partners to email fraud.
Only 13% of the Fortune Southeast Asia 500 companies have implemented the most secure level of email authentication, DMARC reject.
DMARC reject in a nutshell;
This protocol prevents unauthorized emails from reaching users' inboxes, thereby avoiding domain spoofing and phishing attacks.
DMARC (Domain-based Message Authentication, Reporting, and Conformance) is a widely used email validation system that checks the sender's identity.
It protects businesses against email-based threats such as phishing, which is frequently used in business email compromise (BEC) scams.
Despite its importance, Proofpoint discovered that 87% of Southeast Asia's top companies have not implemented the highest level of DMARC protection, leaving them vulnerable to potential attacks.
Key Findings from Proofpoint's Analysis
Based on Proofpoint's analysis, 28% of the region's leading companies have not implemented any form of DMARC, leaving them particularly vulnerable to email fraud.
Thailand (45%) and Vietnam (37%) have the highest percentage of companies that lack DMARC protection.
Singapore and Malaysia perform slightly better, with 85% and 83% of businesses, respectively, using some level of email authentication.
However, even in these countries, a small percentage of businesses have implemented the most stringent security measures to fully protect their email systems.
Without adequate DMARC protection, organizations risk having their emails marked as spam or rejected entirely, lowering customer trust and increasing the likelihood of successful phishing attacks.
Lastly, companies that do implement DMARC, do so without professional assistance, which can result in misconfigurations that block legitimate emails.