Domain spoofing declines as protective measures grow
The battle against phishing rages on. Estimates from the FBI peg losses due to just one type of email-based attack, the business email compromise (BEC), at $1.7 billion in 2019 alone. Other sources have noted that 83% of email attacks are brand impersonations and another 6% are impersonations of people, meaning nearly 90% of all email attacks rely on deceptive sender identity (i.e., spoofing). Meanwhile, email remains the single largest vector for initiating cyberattacks of all kinds, as many studies have shown over the years and IBM Security recently confirmed.
In this battle, DMARC (Domain-based Message Authentication, Reporting, and Conformance) is a front-line defense, and it’s working. Evidence from Valimail shows that the use of DMARC is growing. Despite the relatively low rate at which it is configured with enforcement policies (which are what actually stop spoofing), it is having a noticeable, positive effect on reducing exact-domain spoofing globally.
At a glance
- Nearly 1 million domains globally now have DMARC records
- 70% growth in DMARC records in the past year, and 180% growth over two years
- Only 13% of all DMARC records are configured with enforcement policies
- Domains without DMARC enforcement are spoofed at 3.93x the rate of domains with DMARC enforcement