A DMARC (Domain-based Message Authentication, Reporting & Conformance) analysis of the top 50 healthcare companies by market capitalisation listed in the Australian Securities Exchange (ASX), conducted by Proofpoint, has shown:
- Only 8% of the top 50 publicly-listed companies in the ASX have implemented the strictest and recommended level of DMARC protection
- 60% of the top 50 healthcare companies of the ASX have no published record of DMARC, leaving them more open to the risk of email fraud
Many of these organisations are in regular email communication with patients, suppliers, government agencies, and other entities to provide confidential information, including pressing medical updates.
By not using DMARC protection, healthcare organisations in Australia are exposing themselves and their patients to cybercriminals looking to capitalise on the pandemic using fraudulent emails (phishing).