Two-thirds of Aussie banks fail to implement the most stringent level of email authentication protection, leaving customers at risk of fraud.
A new analysis by cyber security firm Proofpoint has shown that Australian banks are falling behind when it comes to protecting their customers and employees from email-based fraud.
Proofpoint’s research shows that 66 per cent of local banks have not yet implemented the highest level of Domain-based Message Authentication, Reporting and Conformance, or DMARC, protection. Of DMARC’s three levels of protection – monitor, quarantine, and reject – reject is the highest level.
This figure compares poorly with banks in the United States, where 58 per cent of financial institutions have implemented the highest level of protection.
On the plus side, three-quarters of banks have implemented some level of DMARC protection, even if it isn’t at the highest level. Alarmingly, that leaves one-quarter of banks without any DMARC implementation at all.
Again, this is in comparison to banks in the US, where only 3 per cent of banks lack any DMARC protection.
“Cyber criminals are increasingly posing as trusted banks to trick Australians into handing over sensitive information or transferring funds via email phishing attacks,” said Steve Moros, Proofpoint’s senior director for advanced technology group in Asia-Pacific and Japan.
“The Australian government has passed landmark legislation to ensure banks take more accountability for protecting Australians. Yet, this analysis alone highlights there are still gaps that the banks in Australia can address to prevent Australian consumers from being scammed.
“At the end of the day, hard-working Australians are primary targets of these scams. They put their trust in financial institutions to ensure their credit card information, contact details, addresses, data, and, of course, their money is safe.
“They can’t afford to have their life savings compromised by cyber criminals, especially given the rising cost of living and higher inflation pressures we are facing today. To stay ahead of the evolving threat landscape, Australian banks must adopt stronger protections for their customers, such as enforcing the strictest recommended reject level of DMARC. This will help prevent their customers from falling victim to scams resulting from domain impersonation.”
So far, in 2024, Australians have lost more than $208 million to scammers and have made more than 198,000 reports to Scamwatch.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.