A full 87.6% of the root domains operated by top e-retailers in the United States and the European Union are putting their brands and consumers at risk for phishing attacks by not implementing email security policies, like DMARC or the Sender Policy Framework (SPF), which detects sender-spoofing attempts.
According to analysis from 250ok of 3,300 domains of the top 1,000 US internet retailers and top 500 EU internet retailers by revenue, the majority of retailers do use some level of email authentication on their domains. However, many are inconsistent in their approach across all the domains they control. Only 11.3% of top US retailer and 12.2% of top EU retailer domains meet 250ok’s recommended minimum protocol for the email channel. That consists of publishing SPF records for all domains, ensuring that SPF records are valid and without errors, and publishing a DMARC policy for all domains.
To read the entire article, please click here.