The Valimail Q2 2018 Email Fraud Landscape shows that fake email continues to be a serious problem, with an estimated 6.4 billion fake emails sent every day.
That total includes only exact-domain sender spoofing, in which senders put a fake email address in the From: field of their messages. This is one of the most difficult to detect and damaging types of fake emails. For example, the FBI recently reported that business email compromise (BEC) costs have reached $12 billion over the past several years.
Valimail’s study underscores the scope of the fake email problem. Far from being merely a social engineering issue, fake email is a direct result of technical issues with the way email is implemented: It lacks a built-in authentication mechanism, making it all too easy to spoof senders.
However, the fake email crisis is also amenable to a technical solution, starting with the email authentication standards DMARC, SPF, and DKIM.
Other findings from the report:
- The United States continues to lead the world as a source of fake email
- The rate of DMARC implementation continues to grow in every industry
- DMARC enforcement remains a major challenge, with a failure rate of 75-80 percent in every industry
- The rate of SPF usage continues to grow in every industry, despite a high rate of implementation problems.
Read more: Help Net Security