Only 12.5% of Top US Retailers Protect Customers from Email Fraud

A study conducted by cloud-based email security company Red Sift has found that only 12.5% of America's top 100 retailers have taken steps to prevent fraudulent emails from landing in their customers' inboxes.

The worrying finding emerged after Red Sift researchers looked into the DMARC status of companies featured in STORES Magazine’s Top 100 Retailers for 2019, along with their subsidiaries. 

DMARC (Domain-based Message Authentication, Reporting & Conformance) is a globally ratified protocol that ensures emails are authenticated before they reach users’ mailboxes and confirms that they have been sent from legitimate sources. 

If DMARC settings are configured to "reject," potential phishing emails can be stopped at the gateway. Alternatively, a company can choose the DMARC setting "quarantine" to redirect unauthenticated emails to the junk folder.

Red Sift researchers found that of the 120 unique sites they examined, only six had their DMARC set to "quarantine," and just nine had it set to "reject." A staggering 41 had no DMARC protection in place at all, while 64 "had DMARC in place, but online in monitoring mode," a Red Sift spokesperson told Infosecurity Magazine. 

The retailers who opted for "reject"—the strongest form of protection—were Walmart, Verizon Wireless, Kohl’s, Gap, Wegmans, Tractor Supply Co., Burlington Coat Factory, IKEA, and Williams-Sonoma. 

"Quarantine" was the configured DMARC setting for Amazon, Apple, Dress Barn, Lane Bryant, Wayfair, and Belk.

Red Sift co-founder & CEO Rahul Powar told Infosecurity Magazine that the study's most surprising finding was "the sheer volume of unprotected retailers, give ..

Support the originator by clicking the read the rest link below.