Airline DMARC Policies Lag, Opening Flyers to Email Fraud

Airline DMARC Policies Lag, Opening Flyers to Email Fraud

Up to 61 percent out of the IATA (International Air Transport Association) airline members do not have a published DMARC record.

Up to 61 percent out of the IATA (International Air Transport Association) airline members do not have a published DMARC record.

More than half of global airlines do not have DMARC policies in place, opening their customers up to email fraud attacks, a new report found.

DMARC (Domain-based Message Authentication, Reporting & Conformance) is considered the industry standard for email authentication to prevent attackers from sending mails with counterfeit addresses. It does so by authenticating the sender’s identity before allowing the message to reach its intended designation – and verifying that the purported domain of the sender has not been impersonated.

In a study of 296 member airlines of the International Air Transport Association (IATA), researchers with Proofpoint found that 61 percent have no published DMARC record in place, meaning they have no visibility into unauthorized use of their domains – and therefore into fraudulent emails claiming to be from them.

“Overall, major global carriers are failing to implement adequate email protection – leaving themselves open to phishingimpersonation attacks and other unauthorized use of corporate domains. This is despite email remaining the number one threat vector for cybercriminals,” according to Adenike Cosgrove with Proofpoint in a Tuesday report.

vulnerabilities web security airlines dmarc security

Bootstrap 5 Complete Course with Examples

Bootstrap 5 Tutorial - Bootstrap 5 Crash Course for Beginners

Nest.JS Tutorial for Beginners

Hello Vue 3: A First Look at Vue 3 and the Composition API

Building a simple Applications with Vue 3

Deno Crash Course: Explore Deno and Create a full REST API with Deno

How to Build a Real-time Chat App with Deno and WebSockets

Convert HTML to Markdown Online

HTML entity encoder decoder Online

Best Custom Web & Mobile App Development Company

Top Web & Mobile Application Development Company in India & USA. We specialize in Golang, Ruby on Rails, Symfony, Laravel PHP, Python, Angular, Mobile Apps, Blockchain, & Chatbots

Grindr's Bug Bounty Pledge Doesn't Translate to Security

At [email protected], Luta Security CEO Katie Moussouris stressed that bug bounty programs aren't a 'silver bullet' for security teams.

7 Web Application Security Best Practices

Here is a list of seven key elements that should be considered in your web app security strategy. Web Application Security has been one of the most significant parts when it comes to web app development.

9 Secure Code Review Best Practices For Your Web Application

Due to rising customer demands and rapid, feature-driven development, security often takes the backseat and vulnerabilities are introduced…

OkCupid Security Flaw Threatens Intimate Dater Details

Attackers could have exploited various flaws in OkCupid's mobile app and webpage to steal victims' sensitive data and even send messages out from their profiles.