Billions of emails purporting to come from brands found fraudulent
Nearly 21 billion emails sent during the six months between October 2014 and March 2015 proclaiming to be from reputable global brands were found to be fraudulent, according to Return Path’s analysis of more than 235 billion messages.
The largest number of fraudulent emails were from the financial services industry and gaming accounting for 11% and 7.6% respectively. The rate for retailers and airlines was significantly less at 4% of messages.
The brands included in Return Path’s study use the DMARC standard to identify and prevent the delivery of suspicious messages so any whose origin could not be authenticated by the standard were classified as suspicious.
Of the 47 billion email messages analyzed during December, 13% could not be authenticated, and this was the peak period within the six months for suspicious email activity. Suspicious email proportions during Q1 2015 remained around 10%, reaching 11% in March.
“As more brands employ email fraud protection technology to detect and stop phishing attacks from reaching consumers, they are discovering massive volumes of messages that seem to come from their sending domains, but which actually come from cyber criminals,” said Robert Holmes, Return Path’s general manager of Email Fraud Protection.
“Authentication-based solutions like DMARC represent the best available approach to identify and block suspicious email. Brands that properly authenticate email sent from their domains are directing mailbox providers to reject millions of potentially fraudulent messages every day, making email safer for all users.”