Australian banks lag behind their US counterparts in scam protection
Two-thirds of Australian banks fail to implement the strictest level of email authentication protection, putting customers at risk of fraud.
New analysis by cybersecurity firm Proofpoint has shown Australian banks are lagging behind when it comes to protecting their customers and employees against email fraud.
Proofpoint’s study shows that 66% of local banks have not yet implemented the highest level of Domain-based Message Authentication, Reporting and Conformance (DMARC) protection. Of the three levels of DMARC protection – monitoring, quarantine, and rejection – rejection is the highest level.
This figure compares poorly with that of banks in the United States, where 58 percent of financial institutions have implemented the highest level of protection.
On the positive side, three quarters of banks have some level of DMARC protection in place, although not at the highest level. Alarmingly, this leaves a quarter of banks without any sort of DMARC implementation.
Again, this compares to banks in the United States, where only 3 percent of banks have no DMARC protection.
“Cybercriminals are increasingly posing as trusted banks to trick Australians into handing them sensitive information or transferring funds through email phishing attacks,” said Steve Moros, senior director of the Banking Group, Proofpoint advanced technologies for Asia Pacific and Japan.
“The Australian Government has passed landmark legislation to ensure banks take more responsibility for protecting Australians. Yet this analysis alone highlights that there are still gaps that Australian banks can fill to prevent Australian consumers from being scammed.
“Ultimately, hardworking Australians are the main targets of these scams. They trust financial institutions to keep their credit card information, contact details, addresses, data and, of course, their money safe.
“They cannot afford to have their savings compromised by cybercriminals, especially given the rising costs of living and higher inflationary pressures we face today. To stay ahead of the evolving threat landscape, Australian banks must adopt stronger protections for their customers, such as enforcing DMARC’s strictest recommended rejection level. This will help prevent their customers from falling victim to scams resulting from domain impersonation.”
So far in 2024, Australians have lost more than $208 million to fraudsters and have made more than 198,000 reports to Scamwatch.