Before adding and sharing your Fraud Alert please check to see if a similar alert has already been posted, thank you:

Most ecommerce sites fail to protect consumers from phishing attacks

Post a Fraud Alert:

A  study conducted by the the email analytics company 250ok  has revealed that 90% of the root domains operated by online retailers in the EU and US are putting their consumers at risk of phishing attacks.

Phishing and spoofing attacks against consumers are most likely when companies do not have a published sender policy framework (SPF) or domain-based message authentication, reporting and conformance (Dmarc) policy in place.

While the majority of retailers use some level of email authentication on their domains, the report reveals many are inconsistent in their approach across all the domains they control. Only 11.3% of top US retailers and 12.2% of top EU retailer domains meet 250ok’s recommended minimum protocol for the email channel.

A 2017 study from the Anti-Phishing Working Group reported that an average of 443 brands per month were targeted for phishing attacks in the first half of 2017, up from 413 per month during the same period in the previous year. According to the 250ok report, these attacks are a threat to brand trust because 91% of all cyber-attacks begin with a phishing email.

This main finding of the report are based on the analysis of 3,300 domains operated by the top 500 EU and 1,000 US online retailers.

Article source: