Tech Companies Make Progress in Anti-Phishing Protection: Sector’s Embrace of DMARC and SPF a Good Sign — But Implementation Challenges Remain.
The technology industry is moving more quickly than most to protect itself, but even here there is room for improvement. The majority of those that have embarked on an email authentication project have not completed their journeys. As a result, 90 percent of large tech companies remain unprotected from impersonation. They — and their customers and partners — are still at risk for phishing attacks.
For this study, Valimail examined the primary domains for 525 global technology companies with revenues over $500 million annually.
Download the report to learn more about these key findings:
- 49 percent of large global technology companies have DMARC records of some kind, indicating that they have, at minimum, begun to deploy this anti-phishing technology
- 19 domains (3.6 percent of the total) have DMARC records that are incorrectly configured
- 183 domains (35 percent of the total) have DMARC records that are correctly configured, but have not been set to a policy that will actually stop phishing via spoofed From addresses
- 55 domains (10.5 percent) had DMARC records that were correctly configured and set to a policy that will stop phishing/spoofing (aka enforcement)
- DMARC is positively correlated with revenue: The companies with DMARC enforcement had an average revenue more than twice that of the companies with no DMARC records at all ($10.2 billion vs. $5 billion)