In an examination of the STI30, the top 30 companies listed on Singapore Exchange (SGX), Proofpoint uncovered that 50 percent of these organisations are not taking proactive steps to protect their customers, partners and employees from mail spoofing techniques used in phishing, business email compromise (BEC) and other email-based attacks.
To determine this, Proofpoint looked at the level of protection on the STI30 companies’ domain names and found that half of them have not published a DMARC (Domain-based Message Authentication, Reporting & Conformance) record, making them susceptible to cybercriminals spoofing their identity and increasing the risk of email fraud targeting users.
DMARC, an email validation protocol designed to protect domain names from being misused by cybercriminals, authenticates the sender’s identity before allowing the message to reach its intended destination. It verifies that the purported domain of the sender has not been impersonated and relies on the established DKIM (DomainKeys Identified Mail) and SPF (Sender Policy Framework) standards to ensure the email is not spoofing the trusted domain.
Additionally, only 1 of the STI30 companies observed has implemented the recommended (strictest) deployment that blocks malicious emails from reaching intended targets. In other words, 97% of Singapore’s largest companies are not using established best practices for email security and authentication and are therefore more susceptible to identity deception attacks.
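The check described above (is a DMARC record published, and at what enforcement level) as an added Python example; it is not Proofpoint's methodology or tooling, and the domains and TXT records in it are constructed samples. It treats `p=reject` applied to all mail as the strictest level, following RFC 7489.

```python
import re
from collections import Counter

VERSION = re.compile(r"^v\s*=\s*DMARC1\s*(;|$)")  # v= must be the first tag

def parse_dmarc(txt_records):
    """Return the tags of the domain's DMARC record, or None if it has none."""
    found = [r.strip() for r in txt_records if VERSION.match(r.strip())]
    if len(found) != 1:      # RFC 7489: none, or more than one, means no policy
        return None
    tags = {}
    for part in found[0].split(";"):
        key, sep, value = part.partition("=")
        if sep:
            tags[key.strip().lower()] = value.strip()
    return tags

def classify(txt_records):
    """Map the TXT records at _dmarc.<domain> to an enforcement level."""
    tags = parse_dmarc(txt_records)
    if tags is None:
        return "no-record"
    policy = tags.get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        return "invalid"     # missing or unknown p=: reported as invalid here
    pct = tags.get("pct", "100")   # a malformed pct is ignored (default 100)
    if policy != "none" and pct.isdigit() and int(pct) < 100:
        return "partial-" + policy   # policy applied to only a share of mail
    return "monitor-only" if policy == "none" else policy

def survey(zone):
    """Tally enforcement levels over {domain: [TXT records at _dmarc.<domain>]}."""
    return Counter(classify(records) for records in zone.values())

# Constructed sample data (not from the Proofpoint study).
SAMPLE = {
    "a.example": [],
    "b.example": ["v=spf1 -all"],
    "c.example": ["v=DMARC1; p=none; rua=mailto:dmarc@c.example"],
    "d.example": ["v=DMARC1; p=quarantine; pct=50"],
    "e.example": ["v=DMARC1; p=reject"],
    "f.example": ["v=DMARC1; p=reject", "v=DMARC1; p=none"],
}

if __name__ == "__main__":
    for level, count in sorted(survey(SAMPLE).items()):
        print(f"{level}: {count}")
```

Only the `reject` level tells receivers to refuse mail that fails authentication; `monitor-only` records collect reports but leave spoofed mail deliverable.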
In an era where hybrid work is on the rise, and email communication with suppliers, resellers, employees, and customers is business-critical, this gap represents a prime opportunity for cybercriminals to launch social engineering attacks pretending to come from known brands.
Proofpoint’s 2021 Voice of the CISO Report, which surveyed 1,400 CISOs from around the world, revealed that 44% of surveyed CISOs in Singapore indicated that they were at risk of suffering a material cyberattack in the next 12 months, with Business Email Compromise emerging as the number one concern. Yet organisational cyber preparedness remains a major concern more than 18 months into a pandemic that has permanently reshaped the threat landscape. According to the report, only 40% of Singapore’s CISOs polled said that they have strengthened their security posture to better support remote working.
Alex Lei, Senior Vice President, APJ at Proofpoint says, “Email continues to be the number one threat vector, with over 90% of targeted cyber attacks starting with email. With firms adopting hybrid work arrangements, securing this vector has never been more important.”
He adds, “Companies that have not implemented email authentication best practices may be unknowingly exposing themselves to cybercriminals aiming to capitalise on intricate supply chains and potentially tricking critical stakeholders with fraudulent emails. We recommend implementing robust email defences and inbound threat blocking capabilities that include deploying DMARC email authentication protocols, combined with cybersecurity awareness programs that train users to spot and report malicious emails.”
Maiwand Youssofzay, country manager for South Asia and Korea at Proofpoint added: “DMARC requires deep expertise to successfully implement as well as significant time and resources to gain knowledge of how email authentication works. We recommend organisations partner with vendors such as Proofpoint to get the visibility, tools, and services they need to implement and continually manage DMARC quickly and confidently, without the risk of blocking legitimate mail.”