Email security

Government and healthcare sectors show weak email security, analysis finds

As reported by Security Affairs, a recent analysis of nearly 6,000 domains across 13 sectors has revealed significant weaknesses in email security, particularly within government and healthcare organizations. The study, conducted by Comparitech, evaluated the implementation of four key email authentication protocols: SPF, DMARC, DKIM, and MTA-STS.

The analysis found that over 8% of organizations had no email protection in place, and a mere 0.6% achieved full marks. Government domains fared the worst, averaging only 2.73 out of 8, with 27% having zero protections. Healthcare providers ranked second-worst with an average score of 3.43, and 19% of their domains lacked any protection. Notably, many organizations, including universities, have DMARC records in monitoring-only mode, offering no real defense against phishing. MTA-STS, crucial for encrypted email transfer, was almost universally ignored, implemented by only 3% of domains.

Technology companies performed best, but even then, only two domains across all sectors achieved perfect scores. The findings underscore a widespread vulnerability to email-based attacks like phishing across various industries and countries.

Source: Security Affairs

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds