Email fraud landscape, Winter 2020

The battle against phishing rages on. Estimates from the FBI peg losses due to just one type of email-based attack, the business email compromise (BEC), at $1.7 billion in 2019 alone. Other sources have noted that 83% of email attacks are brand impersonations and another 6% are impersonations of people, meaning nearly 90% of all email attacks rely on deceptive sender identity (i.e. spoofing). And meanwhile, email remains the single largest vector for initiating cyberattacks of all kinds, as many studies have shown over the years and IBM Security recently confirmed.

Key findings:

  • Nearly 1 million domains globally now have DMARC records
  • 70% growth in DMARC records in the past year, and 180% growth over two years
  • Only 13% of all DMARC records are configured with enforcement policies
  • 23% of billion-dollar companies’ domains are at enforcement
  • 1% of global email volume, at a minimum, is sent using a spoofed domain
  • The United States remains the largest source of spoofed email by volume
  • Vietnam, Russia, China, and India continue to have a high proportion of spoofs among email originating from those countries
  • Domains without DMARC enforcement are spoofed at 3.93x the rate of domains with DMARC enforcement

Get started for free
with Monitor

Start your path to DMARC enforcement with a panoramic view of the traffic being sent on your behalf.
No trial offers, credit cards, or obligations.

Explore all Valimail
has to offer

Go one step further than visibility…Take action! Reach DMARC enforcement faster. Stay compliant with evolving sender requirements. All while protecting your brand.

Phishing and BEC protection starts with your domain — verify your DMARC status with the Valimail Domain Checker.