Summary
- Only 1.11% of UAE’s 37,926 .ae domains have implemented DMARC.
- Among DMARC adopters, only 30.48% enforce a strict “reject” policy.
- UAE’s DMARC adoption rate is lower than India (46%) and Germany (4.55%).
- Low DMARC implementation exposes UAE businesses to phishing and spoofing.
- Experts urge widespread adoption of DMARC with strict policies to improve email security.
A recent study conducted by EasyDMARC, an email authentication platform, revealed that 99% of top-level .ae domains in the United Arab Emirates (UAE) are vulnerable to phishing and other types of cyber attacks.
The research, which analyzed 37,926 domains, revealed that a mere 1.11% (420) have implemented the Domain-based Message Authentication, Reporting, and Conformance (DMARC) standard, a vital tool for protecting against phishing and spoofing attacks.
What is DMARC?
DMARC is an internationally recognized standard that helps verify the authenticity of email messages. It functions by enabling organizations to define policies for handling emails that fail authentication checks.
Consider DMARC a proven security solution protecting businesses and individuals from malicious actors who attempt to impersonate legitimate entities through malicious emails.
The Study
Among the 420 UAE domains that have implemented DMARC, only 30.48% have set their protocols to reject non-compliant email traffic, providing the highest level of protection. 40.24% have configured their policies to only monitor incoming traffic without taking action, leaving them exposed to potential threats. The remaining 29.29% have chosen to quarantine suspicious emails, offering partial security by diverting them to the junk folder.
Compared to other regions, the UAE’s DMARC adoption rate falls short. In India, 46% of domains have implemented DMARC protocols, while Germany has a 4.55% adoption rate, showing the UAE’s need to catch up in email security practices.
The low adoption rate of DMARC in the UAE, given the increasing frequency of cyberattacks in the region, is questionable. Last year alone, ransomware attacks cost the UAE an estimated $1 billion, highlighting the urgent need for improved email security measures.
Gerasim Hovhannisyan, CEO and co-founder of EasyDMARC highlighted the need for strong domain authentication, stating, “Email continues to be the backbone of business communication, yet the growing influence of AI is increasing the potential for sophisticated phishing and spoofing attacks. Without proper security measures, UAE organizations risk exposure to cyber events that could lead to substantial financial and reputational damage.”
Adopt DMARC
As the UAE positions itself as a regional hub for commerce, trade, and wealth, it has become a prime target for cybercriminals. At the same time, while email remains a base of business communication, an increase in AI-driven phishing attacks exposes businesses even further.
The solution is simple: To address this vulnerability, businesses and organizations in the UAE must adopt DMARC and configure it with strict enforcement policies.
