With the transition to online banking, virtual financial services and cryptocurrency, it’s no surprise that the financial services sector is a top target for cybercriminals.
Without having domains secured with a DMARC enforcement policy, criminals can pose as a bank or investment firm and send phishing emails to customers with a goal of gaining access to accounts, stealing personal information, redirecting payments, and installing ransomware.
When a financial institution has its domains exploited by phishing, not only are there financial losses from misdirected funds and clean-up costs, but with the media attention and tarnished brand reputation there is a loss of trust with your customers. DMARC allows domain owners to view who is sending email on their behalf, confirm the legitimate sources and disqualify the rest.
According to IBM, “financially-motivated cyber criminals make up the greatest portion of active cyber threat actors targeting financial entities, and the allure of financial companies to a cybercriminal is clear: potentially significant and rapid payouts—in the millions—for a successful attack.” And for four years running, the finance and insurance industries have experienced the highest number of attacks.
With financial institutions continuing to be a top target for phishing exploits, we examined the DMARC status of the world’s top 100 banks based on assets as reported.
dmarcian is here to help financial institutions deploy DMARC authentication to fight business email compromise, phishing and spoofing with our DMARC Management Platform, educational resources, and expert support.
