Significant Increase in DMARC Adoption Among .org Email Domains, Yet Majority Remain Unprotected

A recent study conducted by EasyDMARC has revealed a substantial rise in the adoption of the DMARC (Domain-based Message Authentication, Reporting, and Conformance) security standard among .org email domains over the past year. The research, analyzing a dataset of 9,935,024 verified .org domains, indicated that DMARC usage among charities has more than doubled, increasing from 3.98% to 7.78% between March 2023 and March 2024.

Despite this growth, the study highlighted that less than one in ten charity domains currently have basic protections in place against phishing and spoofing, leaving many organizations vulnerable to email-based cyber threats. DMARC plays a crucial role in detecting and preventing email spoofing, a common tactic used in phishing attacks, by ensuring that unauthenticated emails are either not delivered or directed to the junk folder.

The research emphasized the importance of effective DMARC implementation in reducing the risk of email-based attacks and enhancing email security measures. While there has been progress in adopting more stringent DMARC policies, with the percentage of organizations employing rejection or quarantine policies increasing from 45% to over 50%, the study revealed that over half of domains with DMARC configurations lack essential monitoring and reporting tags.

Gerasim Hovhannisyan, CEO and Co-Founder of EasyDMARC, highlighted the significant growth in DMARC adoption among non-profits, underscoring the necessity for organizations to implement DMARC to ensure email delivery compliance with new Google and Yahoo policies. Despite the positive trend in adopting more secure policies, Hovhannisyan noted that there is still work to be done, as 92% of .org domains remain unprotected, emphasizing the ongoing need for vigilance and proactive measures to strengthen defenses against phishing and spoofing attacks.

Source – Security Brief