New Research: 97% Of Indonesian Domains Are Vulnerable to Phishing and Spoofing

New research has discovered that Indonesia has an extremely low phishing and spoofing protection rate. Only 2,945, less than 3% of the total sample for Indonesian domains, are fully protected, i.e., flag, report, and remove outbound phishing emails.

The research conducted by EasyDMARC, an email authentication platform, examined 98,212 Country Code Top-Level Domains (CCTL) in Indonesia to evaluate the adoption rate of DMARC in the country. The analysis indicated that only 12,251 (12.47%) domain owners had implemented DMARC at some point, while the remaining part of the sample remained vulnerable to cyberattacks.

DMARC (Domain-based Message Authentication, Reporting, and Conformance) helps businesses protect their brand reputation, build trust with their clients, and keep their customers happy. It nudges businesses toward better domain protection and reaching peace of mind. DMARC compliance prevents spoofing, phishing, ransomware, and business email compromise (BEC) attacks.

EasyDMARC’s research showed that over half of 12,251 domains with DMARC were still on the ‘none’ policy. The ‘p=none’ configuration does nothing to protect the domain; it just informs the administrators about phishing and spoofing attempts. Of the domains with DMARC, about 2,575 had the ‘quarantine’ policy set (21.02%), while the other 2,945 had the ‘reject’ policy (24.04%). The latter is the best way to ensure no phishing attack can get through into your customers’ inboxes and endanger your company name and client trust.

Marketing Technology News: Chris Cho Joins Gannett as President of Digital Marketing Solutions

This Indonesian research was the first ever in EasyDMARC’s history of country domain analyses to have returned a result where the percentage of the domains with the ‘reject’ policy was lower than 3%. The high percentage of domains with ‘p=none’ shows some potential for DMARC adoption. However, this number is still bleak, considering the overall 12.47% of domains with DMARC.

Commenting on the research, Gerasim Hovhannisyan, EasyDMARC CEO and co-founder, says:

“While the need for cyber protection is universal, protecting country-specific top-level domains is even more important. A lack of domain authentication in these domains will result in hacks among governmental organizations and local businesses, exposing them to highly sensitive and potentially costly data breaches. Without DMARC adoption, local companies will continue to see an increase in cyber events and subsequent disruptions and losses.”

Marketing Technology News: MarTech Interview with Cosmo Mariano, Chief Customer Officer at Zift Solutions