Sign in
  • Home
  • Products
    • Enforce
    • DMARC Monitor
    • Instant SPF
    • Amplify
  • Solutions
    • Anti-phishing
    • Brand protection
    • Compliance
    • Government
    • Marketing
    • Microsoft
    • Shadow IT
  • About
    • News + awards
    • Partners
    • Team
    • Careers
    • Industry leadership
    • Customer support
  • Learn
    • Resources
    • Blog
    • Customers
  • Support
Request phishing analysis
  • Products
    • Enforce
    • DMARC Monitor
    • Instant SPF
    • Amplify
  • Solutions
    • Anti-phishing
    • Brand protection
    • Compliance
    • Government
    • Marketing
    • Microsoft
    • Shadow IT
  • About
    • News + awards
    • Partners
    • Team
    • Careers
    • Industry leadership
    • Customer support
  • Learn
    • Resources
    • Blog
    • Customers
  • Get started for free
  • Support
  • Sign in
Check to see if you’re protected
☰
Check to see if you’re protected
Share this article
Related posts
  • Blog
    Research: Only 22 of the top 100 retailers are protected by DMARC
  • Blog
    DMARC authentication gets you the deliverability you deserve
  • Blog
    How vulnerable are U.S. election operations to email spoofing?
Valimail blog

Domain spoofing declines as protective measures grow (research part 3)

Author: Dylan Tweney
stock art: hand stopping a row of dominoes from falling

Valimail’s data shows a slow decline in the rate of email spoofing through exact-domain impersonation over the past several years. In the last year it’s remained roughly level at about 1% of all email volume authenticated by Valimail. This is significantly down from 2.3% in the first half of 2018, and 5% in 2017.

One thing to note is that, as Valimail’s customer base has grown, so too has the number of domains at enforcement that we manage.

To put this another way: The domains that Valimail manages have a much, much higher rate of enforcement than the global average — and indeed our customers’ enforcement success rate is far higher than that of every private sector industry.

Since domains at enforcement are less likely to be spoofed (fraudsters give up on spoofing a domain once they notice that spoofing no longer works), we have observed that the rate of fraudulent activity for a domain almost always declines towards zero within a few months after a domain gets to enforcement.

In fact, comparing the volume of fraudulent email during H2 2019, Valimail found that domains without DMARC enforcement were spoofed 3.93x more often compared with domains at DMARC enforcement.

Additionally, the domains that Valimail manages include some high-volume senders of legitimate mail, further skewing the statistics.

The result: The true global rate of fraud for unprotected domains is almost certainly higher than what is shown in this dataset, as it is drawn from a subset of Valimail-managed domains.

However, from this dataset we can get a reasonable picture of where in the world fraudulent email originates, both by overall volume and by which percentage of a country’s email is fraudulent.

Top 10 sources of spoofed email (H2 2019)

 

Country                     Suspicious email count     % suspicious
United States 38,278,235 0.2%
Germany 15,549,633 76.8%
Vietnam 11,763,184 99.8%
Russia 11,013,184 93.0%
United Kingdom 10,856,172 66.8%
China 5,807,768 98.8%
France 5,607,213 54.0%
Netherlands 5,207,620 23.4%
India 5,186,443 91.6%
Singapore 4,669,986 73.6%

This post is part 2 in a 3-part series highlighting Valimail’s latest research. Download the full report for free: Winter 2020 Email Fraud Landscape: Domain spoofing declines as protective measures grow.

Back to blog
Published March 6, 2020
  • DMARC
  • Research
Author: Dylan Tweney
Dylan Tweney is the VP of research and communications for Valimail. He is the founder of Tweney Media, a content-driven communications agency, whose clients have included Samsung, Korn Ferry International, Upwork, YL Ventures, Bloomberg Beta, and Valimail. Formerly, he was the editor-in-chief of VentureBeat and a senior editor at Wired.
Resources
Top retailers remain vulnerable to email brand spoofing
Learn more
Email security with Microsoft and Valimail
Learn more
Election email security
Learn more
Email fraud landscape, Summer 2020
Learn more
Preparing for BIMI: A Marketer’s Guide
Learn more
Latest news
Trump’s refusal to concede the election is creating an opening for cy...
Learn more
2020 General Election Results to Directly Impact Tech Industry
Learn more
Why Email Is Still an Election Day Disinformation Risk
Learn more
US elections are still vulnerable to email spoofing
Learn more
Security Gaps Persist, Report Warns, After U.S. Blames Iran In Election Sch...
Learn more
Press releases
Valimail Triples Customer Base, Becomes Top Global DMARC Provider in 2020
Learn more
Valimail: 2020 election infrastructure still vulnerable to email hackers
Learn more
Valimail Announces Selection by ASG for Anti-Phishing and BEC Protection
Learn more
Valimail DMARC Monitor and Valimail Enforce Now Available in the Microsoft ...
Learn more
Valimail Research Finds More Than 1 Million Domains Using Crucial Email Aut...
Learn more
Follow us
Contact us

P: 888.354.6179
E: info@valimail.com

Headquarters

180 Montgomery Street
20th Floor
San Francisco, CA 94104

Valimail Mountain Office

1550 Larimer Street
Suite 271
Denver, CO 80202

Request a full phishing analysis
© Valimail
  • Terms of use
  • Privacy Policy
  • Do not sell my personal information
  • Website terms of use
  • Phishing Analysis
  • Domain Checker
  • Products
  • Enforce
  • DMARC Monitor
  • Instant SPF
  • Amplify
  • Solutions
  • Anti-phishing
  • Brand protection
  • Compliance
  • Government
  • Marketing
  • Microsoft
  • Shadow IT
  • About
  • News + awards
  • Partners
  • Team
  • Careers
  • Industry leadership
  • Customer support
  • Learn
  • Resources
  • Blog
  • Customers