Most leading organizations across Asia Pacific remain vulnerable to email fraud, with only 12% implementing the recommended level of email authentication protection, according to new research from Proofpoint.
The cybersecurity firm analyzed Domain-based Message Authentication, Reporting and Conformance (DMARC) records of Forbes Global 2000 companies in the region, finding significant gaps in protection against domain spoofing attacks.
This vulnerability comes as phishing attacks surged nearly 60% year-over-year in 2024, underscoring the need for robust email authentication protocols to prevent cybercriminals from impersonating legitimate organizations.
Australia leads the region with 71% of its top companies implementing DMARC at the highest “reject” level, followed by India (50%) and Singapore (46.2%). However, adoption rates remain alarmingly low in other markets, with just 7.4% of Japanese firms, 4.2% of Chinese companies, and no South Korean businesses setting DMARC to the recommended reject level.
“Email remains the most common and critical threat vector across industries,” said George Lee, Senior Vice President of Asia Pacific and Japan at Proofpoint. “The rising frequency, sophistication, and cost of cyberattacks make it especially concerning that many remain highly vulnerable.”
The findings gain urgency as major email providers like Google, Yahoo, and Apple have mandated email authentication requirements for bulk senders. Additionally, the Payment Card Industry Data Security Standard will require DMARC implementation by March 31, 2025, for organizations storing consumer payment information.
Proofpoint recommends organizations implement DMARC at the reject level, educate employees about email threats, and strengthen password management practices.
