Email fraud landscape, Winter 2020

Domain spoofing declines as protective measures grow

The battle against phishing rages on. Estimates from the FBI peg losses due to just one type of email-based attack, the business email compromise (BEC), at $1.7 billion in 2019 alone. Other sources have noted that 83% of email attacks are brand impersonations and another 6% are impersonations of people, meaning nearly 90% of all email attacks rely on deceptive sender identity (i.e., spoofing). Meanwhile, email remains the single largest vector for initiating cyberattacks of all kinds, as many studies have shown over the years and as IBM Security recently confirmed.

Key findings:

  • Nearly 1 million domains globally now have DMARC records
  • 70% growth in DMARC records in the past year, and 180% growth over two years
  • Only 13% of all DMARC records are configured with enforcement policies
  • 23% of billion-dollar companies’ domains are at enforcement
  • 1% of global email volume, at a minimum, is sent using a spoofed domain
  • The United States remains the largest source of spoofed email by volume
  • Vietnam, Russia, China, and India continue to have a high proportion of spoofs among email originating from those countries
  • Domains without DMARC enforcement are spoofed at 3.93x the rate of domains with DMARC enforcement