DMARC

2023年6月23日

三分之二的ASX 200公司對客戶、合作夥伴、員工和更高風險的電子郵件欺詐,根據構建新的分析。域的消息身份驗證的新構建的分析,報告和一致性(DMARC)顯示,67%的澳交所采用200上市公司沒有實現DMARC保護的建議和嚴格的水平,從而防止網絡罪犯欺騙組織身份和減少電子郵件欺詐的風險。而81%的ASX 200公司采用電子郵件認證協議,隻有33%的企業正確實施的建議和最高水平通過阻斷可疑的電子郵件。令人擔憂的是,19%的ASX 200沒有任何DMARC記錄並開放電子郵件欺詐和域欺騙攻擊。“過去的一年表明ASX 200,澳大利亞最知名的品牌,並被明顯的目標email-borne攻擊,”史蒂夫說摩洛人,高級主管,先進科技集團、亞太和日本,構建。“所有澳大利亞人信任他們的數據對這些品牌,無論是他們的信用卡信息,聯係方式,地址,私人醫療記錄或其他敏感信息,而這些公司有責任保持信息安全”。的構建的analysis shows Australia's ASX 200 is lagging behind its global counterparts in DMARC adoption at 81% against a backdrop of increased incidents of email-based cyber attacks. In the United States, the Fortune 1,000 index shows an 88% DMARC adoption rate, whilst in the United Kingdom, the FTSE 100 adoption rate is at 89% and in France, the CAC 40 at 85%. The analysis arrives on the heels of Proofpoint's recent State of the Phish 2023 report, which found that nine in 10 Australian organisations (90%) experienced at least one successful email-based phishing attack in 2022, with almost half (48%) reporting direct financial losses a 60% increase year over year. Proofpoint's analysis revealed the lack of protection against email fraud was commonplace across all sectors including banking, healthcare, mining and minerals, real estate, telecommunications, and utilities. Cyber attackers often target companies using email-based attacks designed to trick victims into thinking they received an email from a senior executive such as the CEO or CFO asking them to transfer funds (known as wire fraud), release sensitive or personally identifiable information, or hand over their credentials. New technologies like ChatGPT are also making it easier for threat actors around the world to craft legitimate-looking communications aimed at duping unsuspecting employees. "We know that a major cyber breach on any company in the ASX 200 can reverberate far and wide, impacting countless stakeholders, including everyday Australians," says Moros. "The combination of lax security behaviours, awareness gaps and a labour market thats seen a lot of movement in recent years has culminated in creating substantial security risks for Australian organisations and their employees." Proofpoint's recent research shows that only two-thirds (67%) of Australian organisations with a security awareness program train their entire workforce. "What's worse is only 37% conduct phishing simulations, meaning a critical component to building an effective security awareness program is being missed," Moros says. "Equipping employees with the knowledge and tools necessary to protect themselves and important company information remains paramount and must be a high priority." Follow us on: