Nearly 90 Percent of Organizations Targeted by Email Fraud | eWeek

Email Fraud Attacks Continue to Grow, Proofpoint Reports

email security
Feb 14, 2018
3 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

According to security firm Proofpoint, email fraud attacks in the fourth quarter of 2017 were pervasive, with 88.8 percent of organizations targeted by at least one attack.

Proofpoint detailed the findings in its Email Fraud Threat Report, which it released on Feb. 12. As part of the report, Proofpoint analyzed more than 160 billion emails, delivered to 2,400 companies around the world.

On average, Proofpoint found that organizations were more impacted by email fraud attacks in 2017 than in 2016. In the fourth quarter of 2016, Proofpoint reported that 75 percent of organizations were impacted by email fraud; that figure grew to the 88.8 percent figure for the fourth quarter of 2017. More email identities were spoofed in the fourth quarter of 2017 as well, with 47 percent of organizations having more than five spoofed email identities. A spoofed email identity is one in which a fraudster spoofs what is a legitimate email address or user identity within an organization in an attempt to trick others.


“The vast majority of information about spoofed identities comes from social media and internet searches and is easily discoverable,” Robert Holmes, vice president of Email Security Products at Proofpoint, told eWEEK. “While we haven’t done a systematic analysis of this, we did analyze the identities spoofed for a few companies and found that 78 percent of them were on LinkedIn.”

Holmes said Proofpoint also saw that the majority of the spoofed identities had finance or accounting related job titles. He added that there are also databases of employees that are inexpensively available on the dark web. 

“But, fraudsters don’t stop there,” Holmes said. “They also research the business partners and vendors of their targeted organizations.”

DMARC

Email is easily spoofed and used by attackers for fraud when organizations don’t properly protect their domain name and email servers. One of the best ways to help protect the integrity of email domains is with the Domain-Based Message Authentication (DMARC) policy and report protocol.

The U.S. government has mandated that its agencies move toward supporting DMARC. According to Proofpoint’s analysis, 52 percent of U.S. government agencies now have DMARC support for their email domains.

“Fifty-two percent represents progress, but it should have been 100 percent,” Holmes said. “In our view, the holdup was due to competing priorities and compliance violation.”

Proofpoint has seen that many agencies are attempting to implement DMARC by themselves, which can present challenges if they lack the required expertise, Holmes said. Although DMARC can help protect against email fraud attacks by verifying that an email came from a given domain, it is not a complete solution for all forms of email attacks.

“DMARC alone should not be thought of as the silver bullet to stop email fraud as there are various techniques used by attackers in addition to domain spoofing, including lookalike domain spoofing,” he said.

With a lookalike domain, attackers use a misspelled name or some other form of typo in an attempt to trick users. Proofpoint recommends a multilayered approach to solving the full email fraud challenge. The approach includes DMARC authentication, dynamic email analysis to block display name spoofing at the gateway, and lookalike domain discovery to search for domains that have recently been registered by third parties. 

Looking forward, Holmes is not particularly optimistic about future trends for email fraud improving.

“We don’t see any end in sight for the growth of email fraud given the low barrier to entry and the potentially high gains, which could be millions of dollars for a single successful campaign,” he said. “The data from January alone suggests that email fraud will continue to grow considerably in 2018.”

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.