More than half of SGX firms polled are vulnerable to email fraud: report

Only 8% actively block suspicious emails.

Amidst the rise of cybersecurity risks, a study from Proofpoint found that more than five in 10 SGX-listed firms polled are vulnerable to email fraud and domain spoofing.

Out of 200 firms studied, only 8% have domain-based Message Authentication, Reporting, and Conformance (DMARC) protection to effectively block suspicious emails. This is an increase from 5% in 2022.

“This lack of email authentication protocols could explain why Proofpoint’s recently released State of the Phish 2023 report found that 72% of Singaporean organisations experienced at least one successful email-based phishing attack in 2022, with nearly half (46%) reporting direct financial losses as a result,” read the statement.

Philip Sow, Manager, Systems Engineering, South East Asia and Korea at Proofpoint, identified DMARC as the “ultimate stoplight” for email traffic by enabling organisations to identify and block potentially harmful emails before they reach the inbox.

Whilst Singapore (48%) fares better than the regional average of 40% in terms of having some level of DMARC protocol, the country ranks fourth out of 10 countries 1 analysed across the region, lagging Australia (82%), Malaysia (58%), and Indonesia (51%).