Top Middle East retailers are steadily improving their email security measures, better protecting customers from the potential risk of email fraud.
This is according to leading cybersecurity and compliance company Proofpoint, which has released research ahead of the holiday and shopping season.
These findings are based on a Domain-based Message Authentication, Reporting and Conformance (DMARC) adoption analysis of the top retailers in the Middle East. DMARC is an email authentication protocol designed to protect domain names from misuse by cyber criminals. It authenticates the sender's identity before allowing a message to reach its destination. DMARC offers three levels of protection: monitoring, quarantine, and rejection, with rejection being the safest way to prevent suspicious messages from reaching the inbox.
DMARC record
The analysis reveals that a vast majority of Middle East retailers (90%) have published a DMARC record, and 8 out of the top 20 (40%) have the strictest and recommended DMARC policy (‘reject’) in place. This is a slight improvement from last year – where findings suggested that only 30% had implemented the DMARC policy at ‘reject’ level and were proactively blocking fraudulent emails from reaching consumers.
According to a study by IMARC, the Middle East retail market size is projected to grow by 4.21% from 2024-2032, driven by a surge in population and evolving consumer preference for online shopping. Through the high traffic of retail activity, attackers are now using new tactics to exploit their human targets.
Emile Abou Saleh, Regional Director, Middle East & Africa at Proofpoint, said, "Middle East retailers realise the risks millions of consumers face daily when they shop online. Our research shows that phishing, ransomware, and business email compromise remain among the top attack vectors plaguing organisations across all industries. Amid a surge in e-commerce in the region, deploying authentication protocols, such as DMARC, will be critical to support the growth and security posture of the retail sector.”
Email number one threat vector
Email remains the number one threat vector, and phishing emails can lead to unsafe websites that gather personal data, such as credentials and credit card data. Therefore, it is always best to go directly to the source of the advertised deal by typing a known website address directly into a browser.
For special offer codes, Proofpoint recommends entering them at the checkout to see if they are legitimate. It also recommends using a password manager to make the online experience seamless, whilst staying safe and using a multi-factor authentication for an added layer of security.