Asian Pacific Businesses Face Record-High Email Attacks
As we step into 2024, the landscape of cybersecurity has dramatically shifted, especially in the realm of phishing attacks, which have surged substantially, seeing an alarming 60% increase compared to the previous year. This significant rise underscores an urgent demand for robust email authentication to fend off cybercriminals who expertly impersonate trusted entities.
Cybersecurity and compliance heavyweight, Proofpoint, has shed light on these emerging concerns, especially highlighting vulnerabilities among leading companies in the Asia Pacific region. Astonishingly, only a mere 12% of these firms have embraced the highest level of email authentication, setting the stage for potential exploitation through email-based attacks.
The core of these findings revolves around the Domain-based Message Authentication, Reporting, and Conformance (DMARC) protocol. This email security mechanism is designed to verify sender identities and thwart the infiltration of fraudulent emails. Featuring three tiers of protection—monitor, quarantine, and the utmost secure setting, reject—DMARC offers a robust line of defense by blocking unverified emails from reaching intended recipients.
“Email remains a major risk across industries. It’s promising to see many companies in the Asia Pacific taking steps to protect their customers from email fraud,” remarked George Lee, Senior Vice President of Asia Pacific and Japan at Proofpoint. “However, the growing complexity, cost, and frequency of cyberattacks make it alarming that so many remain exposed. Strong cybersecurity measures are essential to protect against these threats and safeguard customer data.”
Despite the proactive stance by some, Proofpoint’s analysis uncovers a concerning trend: DMARC adoption in Asia lags behind the US and UK, leaving businesses, and subsequently their customers, vulnerable. Australia stands as a beacon of progress in DMARC enforcement within the region, yet other nations such as Japan, South Korea, and Thailand are trailing, consequently rendering them more vulnerable to email fraud, including phishing and business email compromise (BEC).
The push for fortified email security is not solely driven by the potential for fraudulent attacks. Leading email providers such as Google, Yahoo, and Apple are spearheading efforts to mandate email authentication. As of October 2023, these tech giants have instituted a requirement for mandatory email authentication (inclusive of DMARC) for bulk senders who target Gmail, Yahoo, and iCloud users, with the aim of significantly curbing spam and fraudulent correspondence.
In addition to these technological pushes, regulatory compliance plays a pivotal role. Policies such as the Payment Card Industry Data Security Standard (PCI DSS) are driving the implementation of DMARC, especially in sectors that handle sensitive payment information. This strengthens the security infrastructure as, by March 2025, companies must adhere to DMARC protocols to shield customer credit card data, with non-compliance potentially leading to substantial penalties.
To tackle these pressing security challenges, Proofpoint advises on enhancing email security by following best practices and embracing advanced authentication protocols. Their comprehensive analysis, conducted in December 2024 and leveraging data from organizations listed on the Forbes Global 2000, reveals stark insights into the current state of email security readiness.
Proofpoint remains at the forefront of cybersecurity, dedicated to assisting organizations globally in protecting their people, data, and operations against pervasive cyber threats. Offering a wide-ranging suite of cloud-based solutions, Proofpoint’s influence is substantial, serving 85% of the Fortune 100 companies. For more detailed insights and guidance, visit their official site at www.proofpoint.com.
