American Shoppers at Risk of Email Fraud this Black Friday and Cyber Monday
SUNNYVALE, Calif., Nov. 20, 2023 (GLOBE NEWSWIRE) -- With days to go until the start of the Black Friday and Cyber Monday shopping period, Proofpoint, a leading cybersecurity and compliance company, today released new research revealing more than half (52%) of the top 50 online retailers in the United States are not taking appropriate measures to protect consumers from potential email fraud and cybercrime.
Experts are anticipating a record-breaking holiday shopping season this year, with forecasted retail sales estimated between $957.3 billion and $966.6 billion. A recent survey from the National Retail Federation (NRF) found consumers plan to spend $875 on core holiday items including gifts, decorations, food and other holiday-related purchases this year.
Proofpoint’s analysis of the top 50 retailers according to the NRF and their adoption of DMARC1, a widely-used authentication protocol that helps guarantee the identity of email communications and protects website domain names from being spoofed and misused, has found:
“The influx of emails from brands offering great deals during the Black Friday and Cyber Monday shopping period makes it an opportune time for cyber criminals to capitalize on the spike in email traffic and target shoppers with creative and convincing lures and scams,” said Robert Holmes, group vice president and general manager of Proofpoint’s Sender Security and Authentication business. “As consumers search the internet and check their inboxes for the latest shopping bargains, it's important to remain vigilant and practice safe online shopping. Remember that even on Black Friday and Cyber Monday, if it seems to be too good to be true, it probably is!”
Email is a widely used marketing tool and a popular channel for cyber criminals to leverage to conduct large-scale phishing campaigns to steal personal information or credit card details that can then be used to engage in identity and financial fraud. DMARC is widely viewed as best-practice in preventing suspicious emails from reaching the inbox, yet more than one in ten leading online retailers aren’t protected, allowing malicious actors to impersonate their brand by delivering malicious emails to consumers’ inboxes.
DMARC (Domain-based Message Authentication, Reporting and Conformance) authenticates an email sender’s identity before allowing a message to reach its intended destination, ensuring the sender is who it says it is to prevent cybercriminals from impersonating a trusted company or brand.
Against this backdrop, Google and Yahoo! recently announced that beginning in February 2024, email DMARC authentication will be required to send messages from their platforms, signaling that critical steps are being taken to prevent spam and scams. These security requirements will apply especially to accounts that send large volumes of emails per day, such as retailers, which will need to have the DMARC authentication protocol deployed. Failure to comply will significantly impact the deliverability of legitimate messages to customers with Gmail and Yahoo! accounts.
“Our 2023 State of the Phish Report revealed that more than a third of Americans think an email is safe if it merely includes familiar branding,” added Holmes. “We encourage shoppers to take extra care this holiday season, avoid clicking on suspicious links in emails and ensure they transact on verified websites. We also encourage consumers to make sure they are doing their due diligence when shopping—not just during Black Friday and Cyber Monday, but whenever they’re spending money and providing personal and financial information online.”
Proofpoint’s tips to stay safe when shopping for seasonal bargains this holiday season:
To find out more about DMARC, visit https://www.proofpoint.com/us/products/email-fraud-defense.
Methodology: This analysis was conducted in October 2023 using data from the National Retail Federation's Top 100 Retailers 2023 List.
About Proofpoint, Inc.
Proofpoint, Inc. is a leading cybersecurity and compliance company that protects organizations’ greatest assets and biggest risks: their people. With an integrated suite of cloud-based solutions, Proofpoint helps companies around the world stop targeted threats, safeguard their data, and make their users more resilient against cyber attacks. Leading organizations of all sizes, including 85 percent of the Fortune 100, rely on Proofpoint for people-centric security and compliance solutions that mitigate their most critical risks across email, the cloud, social media, and the web. More information is available at www.proofpoint.com.
Proofpoint is a registered trademark or tradename of Proofpoint, Inc. in the U.S. and/or other countries. All other trademarks contained herein are the property of their respective owners.
PROOFPOINT MEDIA CONTACT: