Why Email Security Is a Competitive Advantage in the Banking Sector

Why Email Security Is a Competitive Advantage in the Banking Sector

Robert Holmes

General Manager, Email Fraud Protection at Return Path

Views 678

Why Email Security Is a Competitive Advantage in the Banking Sector

03.05.2016 10:30 am

The financial industry continues to be a top phishing target for cybercriminals. During the third quarter of 2015, 34 percent of phishing attacks worldwide were directed towards financial institutions and payment services organizations.

This email fraud not only impacts revenue, but also damages consumer trust, which, according to research by SAS, executives rate nearly twice as high as monetary loss. As well they should. Customers are 42% less likely to interact with a brand after being phished or spoofed. And one third of consumers would stop dealing with a business following a cyber-security breach, even if they do not suffer a material loss, according to Deloitte. 

Securing email presents a big business opportunity 

However, despite its vulnerability, email also presents a huge opportunity for financial institutions. According to research by TSYS, email is by far the preferred way in which consumers like to hear from their banks. 

With phishing scams and data breaches making headlines literally every day, any financial organisation that proactively defends their customers from email fraud will gain an invaluable competitive advantage. 

So how do you secure one of the most vulnerable threat vectors used by cybercriminals today? Start with authenticating your email messages. 

How to combat email fraud 

There are three important email authentication protocols: SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting & Conformance). At the highest level, these mechanisms ensure legitimate messages are delivered and malicious messages (purporting to be from legitimate brands) are blocked before they reach consumer inboxes. 

Unfortunately, the vast majority of banks are not implementing robust email authentication standards. According to the latest DMARC research by Return Path of the top 1,000 brands around the globe, the banking sector has a DMARC adoption rate of just 27 percent, far below that of social media (59%), technology (51%), and logistics (41%). 

However, while individual companies aren’t moving as quickly to secure the email channel as we might like, industry leaders and mailbox providers are starting to set the email security bar very high. 

The benefits of .bank 

The recent launch of the .bank registry, for example, holds great promise for improved security for the financial industry. The .bank registry mandates the implementation of DMARC to ensure that email attacks coming from spoofed domains are blocked before they reach their intended victim.  

The types of domains that can be registered, and who can apply to the registry are among a large number of stringent security measures mandated by the registry. This stands in contrast to the widely used .com domains, which can be registered by anyone, regardless of identity, rights or intent. With .bank, consumers will have a higher degree of confidence when communicating with their financial institution. 

Email authentication is becoming a prerequisite 

Email receivers are also starting to enforce email authentication. Gmail recently announced that if a user receives a message that can’t be authenticated with either SPF or DKIM, the sender’s profile photo or avatar will be replaced with a red question mark, a warning sign that the user should not to engage with the message. This has major implications for marketers, who depend on email engagement to deliver leads and revenue. 

Eventually, all financial institutions will be required to authenticate their email if they want to continue using it as a secure channel to communicate with their customers. 

Today, of all the industries affected by the phishing epidemic, banking establishments have been hit the hardest. Fraudsters are targeting customers of financial services organisations with emails spoofing legitimate banking brands. With 97% of consumers unable to identify a phishing email, fraudsters will continue to defraud unsuspecting consumers. It is every financial organisation’s responsibility to proactively defend their customers against email fraud and protect their brand at all costs.

Latest blogs

Sandra Higgins Sysnet Global Solutions

Are You ‘Prescribing’ the Right Security Solution to Your Merchants?

When it comes to leading a healthy lifestyle, eating the right food, taking regular exercise, and maintaining a positive mindset are key. However, despite these best intentions and practices, you still might not get all the nutrients your body needs Read more »

Robert Flowers DivideBuy

It Doesn’t Have to Be the End – How Retailers Can Grow in Light of COVID-19

It’s no news that the retail industry has been flipped on its head by the COVID-19 pandemic. Due to the lockdown, most in-store operations have been shut down, and nationwide furloughs, reduced pay and steady streams of income at risk have fuelled a Read more »

n/a n/a

4 Ways to Protect Your Small Business Against Cyber Attacks

Just because you are running a small scale business doesn’t mean you are beyond the reach of hackers and attackers. Many small businesses have this thought, which is why they do not invest in their cybersecurity. Unfortunately, every year small Read more »

Kirston Winters MarkitSERV, IHS Markit

IBOR transition update: €STR grabs a foothold?

In the latest development in the IBOR transition, on the weekend of July 25th, we saw the major CCPs perform the much-anticipated Euro discounting and price alignment transition from using EONIA to EuroSTR (a.k.a. €STR) for all Euro OTC interest Read more »

Richard Gendal Brown R3

Digital Transformation Must Be Focused on Entire Industries, Not Individual Firms

The current crisis has forced businesses and entire industries to rely on digital technology more than ever before. Aside from the fact colleagues and customers have only been able to connect via phone and video conferencing for months, inefficient Read more »

Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App
Financial It Youtube channel