According to Proofpoint research, while more than half (57%) of the top 150 Saudi organizations have published a DMARC record (Domain-based Message Authentication, Reporting, and Conformance), only 21% have implemented the strictest and recommended level of DMARC protection (‘reject,’ putting their customers at risk of email fraud.
Perhaps more worryingly, only 5 out of 50 (10%) oil and gas companies have ‘reject’ in place, which means a whopping 90% are not proactively blocking fraudulent emails from reaching customers. Reject is the strictest and recommended level of DMARC protection, a setting and policy that actually blocks fraudulent emails from reaching their intended target.
In the MEA region, 26 out of 61 airlines have a DMARC policy published, meaning 57 percent have no DMARC protection in place at all. However, only 4 out of 61 (7 percent) have the full recommended implementation of DMARC to protect customers from fraudulent emails spoofing their domain.