Many Companies Don’t Use DMARC to Fight Phishing

Companies are vulnerable to domain spoofing and phishing attacks that impersonate their corporate email domains—often because they don’t have DMARC policies.

Related: Why Enterprises Struggle to Stop Phishing Attacks

DMARC adoption statistics

  • DMARC records are lacking: 67 percent of Fortune 500 companies (337) do not have a DMARC record on their corporate domain. Of the remaining third, 124 companies have only a Monitor policy.
  • DMARC deployments are set wrong: 92 percent of the DMARC deployments at the Fortune 500 companies surveyed are set to Monitor—instead of Quarantine or Reject—unauthenticated messages.
  • Few policies work to prevent digital deception: Only 10 percent of the Fortune 500 companies have deployed a DMARC policy to prevent digital deception. 3 percent have a Quarantine policy, and 5 percent have a Reject policy.
  • Sectors with highest DMARC adoption rate:
    • Business services: 60 percent
    • Financial services: 57 percent
    • Technology: 55 percent
    • Transportation: 53 percent
  • Sectors with no DMARC adoption:
    • Chemicals: 93 percent
    • Engineering and construction: 92 percent
    • Aerospace: 92 percent
    • Household products: 92 percent
    • Energy: 91 percent
  • FTSE Index adoption rates: 67 percent of companies on the Financial Times Exchange 100 Index (FTSE 100)—which includes the top 100 companies on the London Stock Exchange—don’t have a DMARC record in their corporate domain.
  • FTSE sectors with the highest DMARC adoption rate:
    • Pharmaceuticals: 100 percent
    • Financial services: 40 percent
    • Energy and utilities: 37 percent
    • Retail: 33 percent

Read next: 2021’s Most Successful Phishing Ploys (So Far)

Karen A. Frenkel
Karen A. Frenkel
Karen A. Frenkel is a contributor to CIO Insight. She covers cybersecurity topics such as digital transformation, vulnerabilities, phishing, malware, and information governance.

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends, and analysis.

Latest Articles