ITwire: Top Australian Firms Vulnerable To Domain Spoofing

Stephanie Gray
September 4, 2017

Research completed by cyber security firm Agari claims that only 4% of companies on the ASX 100 are protecting the public against domain name spoofing that is used to trick consumers into believing messages come to them from a particular domain.

Vidur Apparao, chief technology officer of Agari, a founding member of the Domain-based Message Authentication, Reporting and Conformance (DMARC) standard, based the claim on a study that examined phishing against the background of slow adoption of DMARC-based email authentication.

The Australian component of the study was done in collaboration with Sydney-based infosec firm Infotrust.

He said it had been found that 96% of Australia’s leading companies had left their customers, partners and brand names vulnerable to domain name spoofing, one of the most common vectors of digital deception attacks.

“It is unconscionable that only 4% of the ASX 100 organisations are protecting the public against domain name spoofing,” he said.
“Phishing and other forms of digital deception are preventable, and the first step is for our largest companies and government organisations to deploy DMARC, a highly effective open standard.”

DMARC was born in 2007 following a pilot between PayPal and Yahoo! to eliminate phishing emails. Apparao said Agari had worked with AOL, Comcast, Google, Microsoft and Yahoo! to protect the receipt of email since January 2012.

He claimed DMARC more or less eliminated domain name spoofing and associated attacks like phishing, when DMARC policies were set to quarantine or reject unauthenticated email.

Among the ASX 100, another 23% had adopted a minimal DMARC policy that monitored but did not prevent domain spoofing, Apparao said. DMARC adoption was also not high among Fortune 500 and FTSE 100 companies.
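The distinction the article draws (no DMARC, monitoring only, quarantine or reject) maps directly onto the `p=` and `pct=` tags of a domain's DMARC TXT record. The following script is an added example, not code from Agari, Infotrust or the study; it parses DMARC records and sorts domains into those categories the way an assessment of a company list would. The domain names and record strings are constructed samples, and no DNS lookups are performed (in a real check each string would come from a TXT query of `_dmarc.<domain>`).

```python
"""Classify DMARC records by enforcement level (added example; constructed data)."""

# Constructed sample records keyed by invented domain names.
# None stands for "no _dmarc TXT record published at all".
SAMPLE_RECORDS = {
    "no-dmarc.example": None,
    "monitor-only.example": "v=DMARC1; p=none; rua=mailto:dmarc@monitor-only.example",
    "quarantine.example": "v=DMARC1; p=quarantine; pct=100; rua=mailto:dmarc@quarantine.example",
    "reject.example": "v=DMARC1; p=reject; sp=none; adkim=s; aspf=s",
    "partial.example": "v=DMARC1; p=reject; pct=10",
    "broken.example": "v=spf1 include:_spf.example -all",  # an SPF record, not DMARC
}


def parse_dmarc(record):
    """Parse a 'tag=value; tag=value' string into a dict of lower-cased tags.

    Returns None when the string is missing or is not a DMARC1 record.
    """
    if record is None:
        return None
    tags = {}
    for part in record.split(";"):
        part = part.strip()
        if not part or "=" not in part:
            continue
        key, value = part.split("=", 1)
        tags[key.strip().lower()] = value.strip()
    if tags.get("v", "").upper() != "DMARC1":
        return None
    return tags


def classify(record):
    """Return 'unprotected', 'monitoring', 'partial' or 'enforcing' for one record."""
    tags = parse_dmarc(record)
    if tags is None:
        return "unprotected"
    policy = tags.get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        # RFC 7489 section 6.6.3: a record lacking a valid p tag is treated as
        # p=none when it carries a rua reporting address, else as no record.
        return "monitoring" if tags.get("rua") else "unprotected"
    if policy == "none":
        return "monitoring"
    # pct defaults to 100; a policy applied to only part of the mail stream
    # is real enforcement but weaker than a full quarantine/reject.
    try:
        pct = int(tags.get("pct", "100"))
    except ValueError:
        pct = 100
    return "enforcing" if pct >= 100 else "partial"


def summarise(records):
    """Count domains per category, as the article does for the ASX 100."""
    counts = {"unprotected": 0, "monitoring": 0, "partial": 0, "enforcing": 0}
    for rec in records.values():
        counts[classify(rec)] += 1
    return counts


if __name__ == "__main__":
    for domain, rec in SAMPLE_RECORDS.items():
        print(f"{domain:24} {classify(rec)}")
    print(summarise(SAMPLE_RECORDS))
```

Only the `enforcing` and `partial` buckets actually stop spoofed mail at receivers; `monitoring` (p=none) still delivers unauthenticated mail and is useful only for collecting aggregate reports before tightening the policy.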

“Less than a quarter of ASX 100 companies have DMARC but are only monitoring email traffic and not yet actively rejecting or quarantining suspicious or deceptive emails,” said Dane Meah, chief executive of Infotrust. “Only 4% are either rejecting or quarantining unauthenticated emails.”

“Equivalent companies in the Fortune 500 and FTSE 100 fared better with adoption rates at one third, and active deployment (rejecting or quarantining) about double the Australian rate.”

Meah said this should be a wake-up call to Australian companies. “Cyber criminals are global operators and will look to regions where targets are most vulnerable and wealthy. As other countries get ahead of us with DMARC protections, we’re likely to become more attractive to attackers,” he added.
