PRESS RELEASE
20 December 2023 – New data from EasyDMARC has revealed the increasing threat of phishing as emails intercepted by the DMARC software grew over 7.5% from January 2022 to November 2023 proportionally.
The new research conducted by the email security provider across ten countries tracked the number of emails intercepted by its DMARC technology. First published in 2012, the DMARC standard enables the automatic flagging and removal of inbound emails impersonating senders’ domains- a crucial way to prevent phishing and spoofing attempts.
The research discovered that across 15,440 domains between January and June 2022, over 250 million of the almost 2.5 billion emails shared were flagged as imitating a legitimate domain, representing 10.21%. Just a year later, during the same period in 2023, that number rose to over 769 million emails out of a total of 4.34 billion, representing 17.73% – a 75% rise. Initial findings also suggest this figure is due to rise to around 20% by the end of 2023.
The research also highlighted the increasing number of suspicious emails per domain. In the first half of 2022, the DMARC technology flagged 16,298 emails per domain as potentially harmful. This grew almost a quarter (24%) to 20,210 in 2023.
With an average click rate of 17.8% for phishing campaigns in 2021 and the average cost of a cyber attack sitting at $4.45 million globally (rising to $9.48 million in the US), employees and business leaders alike are struggling to keep up with the pace and complexity of cyber attacks, highlighting the crucial need for simple security solutions that combat threats before they reach employee inboxes.
Gerasim Hovhannisyan, EasyDMARC CEO and co-founder said:
“Impersonating email addresses and domains continues to be an alarmingly effective tactic used by cybercriminals to bypass cyber defenses. The fact that EasyDMARC customers have seen a 70% proportional increase in potentially malicious emails highlights the urgent need for businesses to act.
“Despite the size of the challenge, however, examples such as Gmail and Yahoo’s recent expansion of email authentication protections highlight that awareness is spreading. Implementing protocols like SPF, DKIM, and DMARC to verify sender identities is one key way businesses can protect themselves. Though phishing presents a serious and ongoing danger, we can work together to tackle this growing threat with more vigilance, training, and the right tools.”
Source: www.darkreading.com