• Amid the region’s growing retail market, cybersecurity measures are critical to protecting shoppers against phishing, ransomware, and business email compromise threats

Dubai, United Arab Emirates: As the holiday and shopping season approaches, leading cybersecurity and compliance company Proofpoint has released research that shows that the top Middle East retailers are steadily improving their email security measures, better protecting customers from the potential risk of email fraud.

These findings are based on a Domain-based Message Authentication, Reporting, and Conformance (DMARC) adoption analysis of the top retailers in the Middle East. DMARC is an email authentication protocol designed to protect domain names from misuse by cyber criminals. It authenticates the sender's identity before allowing a message to reach its destination. DMARC offers three levels of protection: monitoring, quarantine, and rejection, with rejection being the safest way to prevent suspicious messages from reaching the inbox. 

The analysis reveals that a vast majority of Middle East retailers (90%) have published a DMARC record, and 8 out of the top 20 (40%) have the strictest and recommended DMARC policy (‘reject’) in place. This is a slight improvement from last year – where findings suggested that only 30% had implemented the DMARC policy at ‘reject’ level and were proactively blocking fraudulent emails from reaching consumers.

According to a study by IMARC, the Middle East retail market size is projected to grow by 4.21% from 2024-2032, driven by a surge in population and evolving consumer preference for online shopping. Through the high traffic of retail activity, attackers are now using new tactics to exploit their human targets.

Emile Abou Saleh, Regional Director, Middle East & Africa at Proofpoint, said, "Middle East retailers realize the risks millions of consumers face daily when they shop online. Our research shows that phishing, ransomware, and business email compromise remain among the top attack vectors plaguing organizations across all industries. Amid a surge in e-commerce in the region, deploying authentication protocols, such as DMARC, will be critical to support the growth and security posture of the retail sector.”

Email remains the number one threat vector, and phishing emails can lead to unsafe websites that gather personal data, such as credentials and credit card data. Therefore, it is always best to go directly to the source of the advertised deal by typing a known website address directly into a browser. For special offer codes, Proofpoint recommends entering them at the checkout to see if they are legitimate. It also recommends using a password manager to make the online experience seamless, whilst staying safe and using a multi-factor authentication for an added layer of security. 

About DMARC: 

For many organizations, the road to easing email fraud risk is paved with DMARC (Domain-based Message Authentication, Reporting, and Conformance), an email protocol being adopted globally as the passport control of the email security world. It verifies that the purported domain of the sender has not been impersonated.  DMARC verification relies on the established DKIM (DomainKeys Identified Mail) and SPF (Sender Policy Framework) standards to ensure the email is not spoofing the domain. This authentication protects employees, customers, and partners from cyber criminals looking to impersonate a trusted domain. To find out more about DMARC, visit https://www.proofpoint.com/uk/products/email-fraud-defence.

Methodology

To assess the level of DMARC adoption among the top 20 retailers in the Middle East, Proofpoint conducted an analysis of the primary corporate domains of each organization. The analysis was carried out in November 2024.

About Proofpoint, Inc.

Proofpoint, Inc. is a leading cybersecurity and compliance company that protects organisations’ greatest assets and biggest risks: their people. With an integrated suite of cloud-based solutions, Proofpoint helps companies around the world stop targeted threats, safeguard their data, and make their users more resilient against cyber attacks. Leading organisations of all sizes, including 75 percent of the Fortune 100, rely on Proofpoint for people-centric security and compliance solutions that mitigate their most critical risks across email, the cloud, social media, and the web. More information is available at www.proofpoint.com.

Proofpoint is a registered trademark or tradename of Proofpoint, Inc. in the U.S. and/or other countries. All other trademarks contained herein are the property of their respective owners.

PROOFPOINT MEDIA CONTACT:
Sara Seggari
+971 543277093
Proofpoint@bpggroup.com