67% of top online retailers in UAE not blocking fraudulent emails from reaching customers: Proofpoint research

67% of top online retailers in UAE not blocking fraudulent emails from reaching customers: Proofpoint research

Proofpoint, a cybersecurity and compliance company, has released research which identifies that eight out of the top nine online retailers in the UAE have a Domain-based Message Authentication, Reporting and Conformance (DMARC) record in place.

However, only three out of the nine (33%) retailers have the strictest and recommended levels of DMARC protection in place, which allows them to identify and block fraudulent emails. This leaves customers of 67% of the top retailers in the country exposed to email frauds.

As retailers gear for high online sales volumes during the Black Friday and Cyber Monday special offers, it is imperative for them to ensure their customers are safeguarded against potential cybersecurity threats.

Emile Abou Saleh, Regional Director, Middle East and Africa (MEA) Proofpoint, said: “Cybercriminals are on the lookout for festive seasons and high sales period to drive targeted attacks through impersonation and retailers are no exception to this. While the Black Friday and Cyber Monday high sales period is a time to grab the best deals, it could also be a potential target zone for cybercriminals to attack. Our research has found that most retailers in the UAE are not implementing effective protection and email authentication best practices to safeguard themselves and their customers.”

Cybercriminals traditionally resort to domain spoofing by posing as well-known brands and send out emails from supposedly legitimate sender addresses to trick the customers. These emails are designed to make the customers share personal details which can then be used to commit frauds. With a DMARC policy in place, retailers can protect employees, customers and partners from cybercriminals.

The UAE-based retailers, however, rank better in comparison to global retailers across the Forbes Global 2,000, which comprises 70 companies. As per another survey by Proofpoint, 30% (21 out of 70) of the Forbes Global 2,000 retailers have no DMARC record and are exposed to email fraud and domain impersonation.

Moreover, while 70% of the retailers in Forbes Global 2,000 have achieved some level of DMARC implementation, only 20% (14 out of 70) retailers have achieved the highest level of protection and are proactively blocking fraudulent emails from reaching customers, partners, vendors and employees.

The research comes at a time of increased demand for online shopping in the UAE, with the market size of the e-commerce industry in the UAE expected to grow from US$7 billion in 2020 to reach US$17 billion by 2025, after the adjustments for the effect of the COVID-19 pandemic on e-commerce, according to Statista.

“Organisations across all sectors should deploy authentication protocols, such as DMARC, to bolster their email fraud defences. From a consumer standpoint, it is vital to remain vigilant and check the validity of all emails and protect customers and businesses,” added Abou Saleh.

Browse our latest issue

Intelligent CIO Middle East

View Magazine Archive