Report Reveals Widespread Domain and Email Impersonation Fraud
A new report by cybersecurity firm Agari has revealed the extent of domain and email impersonation fraud. The report highlights how fraudsters are using fake domain names and email addresses to impersonate legitimate organizations and trick people into giving up sensitive information. The following are the key findings of the report.
Scope of the Problem
The report analyzed more than 4.4 billion emails and found that 1 in 7 emails had been sent from a domain that was newly created, meaning it had been set up in the past 30 days. Of these newly created domains, 71% were identified as fraudulent or suspicious. This highlights the scale of the problem and the ease with which fraudsters can create fake domains to carry out their scams.
Impact on Businesses
The report also found that the top five industries targeted by domain impersonation scams were financial services, healthcare, energy, retail, and technology. These industries are attractive targets for fraudsters because they hold valuable personal and financial information. The report estimates that the cost of these scams to businesses is around $26 billion per year.
Sophistication of Scams
The report also highlights the increasing sophistication of these scams. Fraudsters are using a range of techniques to impersonate legitimate organizations, including creating fake email accounts, using similar domain names, and creating fake websites. They are also using social engineering tactics to trick people into clicking on links or opening attachments that contain malware.
Geographic Distribution
The report also looked at the geographic distribution of domain impersonation scams. It found that the United States was the most common target, with 40% of all fraudulent domains being hosted in the US. Other common locations for fraudulent domains included Russia, China, and France.
Solutions
The report recommends a range of solutions to combat domain and email impersonation fraud. These include better domain verification practices, the use of email authentication protocols such as DMARC, and the adoption of security awareness training programs for employees.
With the increasing sophistication of these scams, it is crucial that businesses stay vigilant and adopt robust security measures such as secure verification to prevent becoming victims of fraud.