Why Retail Brands Are a Holiday Bargain for Phishers

Posted by Estelle Derouet on

As the holiday season approaches, retailers are busy launching their flagship marketing campaigns, stockpiling shelves, and reviewing return policies. Consumers are starting to look for the best deals—and so are cyber criminals.

According to PricewaterhouseCoopers (PwC), retail companies today are more likely to report cyber crime incidents than businesses from any industry other than financial services.

Yet, according to research by Gartner, retailers only spend about four percent of their IT budget on cyber security, while financial services spend five and a half percent.

This gap is even more pronounced when looking at cybersecurity spending per employee. Banking and financial services companies spend as much as $2,500 per employee on cyber security. Retail and consumer goods, on the other hand, invest only fraction of that—about $400 per employee.

And while many retailers focus their current security efforts on strengthening perimeter defenses, they fail to protect their consumers at the most basic level against outbound phishing attacks.

Return Path analyzed email messages sent from 179 of the top global retail brands looking specifically at DMARC (Domain-based Authentication Reporting and Conformance) record adoption, the best weapon against email fraud. The results were troubling: only 17 percent of analyzed brands—less than one in five—had implemented a DMARC policy on their main sending domains. And just 30 percent of the email messages with a policy in place actually passed DMARC authentication.

Retail companies cannot rely on unassuming customers to spot a fraudulent email; 97 percent of people around the globe cannot identify a sophisticated phishing message. These companies can, however, prevent fraudulent emails from ever reaching the customer’s inbox in the first place.

In our newly released eBook, The Retail Guide to Email Fraud, we dive into:

  • The cost of cybercrime for retailers
  • Retail’s top security challenges
  • Outbound email as a threat vector
  • Email security best practices for the retail industry

Get your copy here to learn how to protect your consumers, your brand, and your bottom line this holiday season.



Popular this Month

 3 Trends Impacting Email: Persistent Fraud, Part 2

3 Trends Impacting Email: Persistent Fraud, Part 2

In part one of this three-part series, I examined the evolving landscape of...

Read More

 The Top 16 Topics of 2016

The Top 16 Topics of 2016

2017 is finally here! But before we focus on the year ahead, we wanted to...

Read More

 Think Fighting Email Fraud is Someone Else’s Job? Here’s the Real Cost of Doing Nothing.

Think Fighting Email Fraud is Someone Else’s Job? Here’s the Real Cost of Doing Nothing.

Cyberattacks against your brand can be very damaging and costly to both your...

Read More

Author Image

About Estelle Derouet

Estelle Derouet is Vice President of Marketing, Email Fraud Protection at Return Path. In her role, Estelle leads a fabulously talented team of experienced B2B marketers, tasked with driving awareness and generating demand. Prior to joining Return Path in 2010, Estelle led the EMEA and APAC marketing function at enterprise mobility provider iPass for eight years. Follow her on Twitter @ederouet.

Author Archive

Stay up to date

Enter your name and email address below to subscribe to our mailing list.

Your browser is out of date.
For a better Return Path experience, click a link below to get the latest version.