Why Email Security Is a Competitive Advantage in the Banking Sector

Why Email Security Is a Competitive Advantage in the Banking Sector

Robert Holmes

General Manager, Email Fraud Protection at Return Path

Views 608

Why Email Security Is a Competitive Advantage in the Banking Sector

03.05.2016 10:30 am

The financial industry continues to be a top phishing target for cybercriminals. During the third quarter of 2015, 34 percent of phishing attacks worldwide were directed towards financial institutions and payment services organizations.

This email fraud not only impacts revenue, but also damages consumer trust, which, according to research by SAS, executives rate nearly twice as high as monetary loss. As well they should. Customers are 42% less likely to interact with a brand after being phished or spoofed. And one third of consumers would stop dealing with a business following a cyber-security breach, even if they do not suffer a material loss, according to Deloitte. 

Securing email presents a big business opportunity 

However, despite its vulnerability, email also presents a huge opportunity for financial institutions. According to research by TSYS, email is by far the preferred way in which consumers like to hear from their banks. 

With phishing scams and data breaches making headlines literally every day, any financial organisation that proactively defends their customers from email fraud will gain an invaluable competitive advantage. 

So how do you secure one of the most vulnerable threat vectors used by cybercriminals today? Start with authenticating your email messages. 

How to combat email fraud 

There are three important email authentication protocols: SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting & Conformance). At the highest level, these mechanisms ensure legitimate messages are delivered and malicious messages (purporting to be from legitimate brands) are blocked before they reach consumer inboxes. 

Unfortunately, the vast majority of banks are not implementing robust email authentication standards. According to the latest DMARC research by Return Path of the top 1,000 brands around the globe, the banking sector has a DMARC adoption rate of just 27 percent, far below that of social media (59%), technology (51%), and logistics (41%). 

However, while individual companies aren’t moving as quickly to secure the email channel as we might like, industry leaders and mailbox providers are starting to set the email security bar very high. 

The benefits of .bank 

The recent launch of the .bank registry, for example, holds great promise for improved security for the financial industry. The .bank registry mandates the implementation of DMARC to ensure that email attacks coming from spoofed domains are blocked before they reach their intended victim.  

The types of domains that can be registered, and who can apply to the registry are among a large number of stringent security measures mandated by the registry. This stands in contrast to the widely used .com domains, which can be registered by anyone, regardless of identity, rights or intent. With .bank, consumers will have a higher degree of confidence when communicating with their financial institution. 

Email authentication is becoming a prerequisite 

Email receivers are also starting to enforce email authentication. Gmail recently announced that if a user receives a message that can’t be authenticated with either SPF or DKIM, the sender’s profile photo or avatar will be replaced with a red question mark, a warning sign that the user should not to engage with the message. This has major implications for marketers, who depend on email engagement to deliver leads and revenue. 

Eventually, all financial institutions will be required to authenticate their email if they want to continue using it as a secure channel to communicate with their customers. 

Today, of all the industries affected by the phishing epidemic, banking establishments have been hit the hardest. Fraudsters are targeting customers of financial services organisations with emails spoofing legitimate banking brands. With 97% of consumers unable to identify a phishing email, fraudsters will continue to defraud unsuspecting consumers. It is every financial organisation’s responsibility to proactively defend their customers against email fraud and protect their brand at all costs.

Latest blogs

John Burgos Mindgate Solutions

Overcoming anxiety around mobile payments & digital payments - In the South Asia Pacific

Innovation and technology usually go hand in hand.  Therefore, for innovation to be fully realized, the technology that enables the innovation must be adopted as well.  During the last 5 years, we have had innovations from Google, Apple, Read more »

Stuart Robertson iDelta

Finance Sector PLCs Hold the Key to Economic Recovery

We have started to see the devastating impact the Coronavirus will have on our economy.  The travel, leisure and hospitality industry redundancies are rapidly mounting up with restaurant and bar owners facing no option but to shut up Read more »

Hirander Misra GMEX Group

Are UK Banks profiting from the current coronavirus crisis and failing SMEs?

A UK business could be eligible for a Coronavirus Business Interruption Loan Scheme (CBILS), as set out by the UK Government. However, it appears that despite the Government’s best intentions, this scheme is not working in practice and some urgent Read more »

Otabek Nuritdinov Safenetpay

A strong fintech needs more than just access to funding

  Investors, both private and institutional, are excited about investing in fintechs that are in the payments services business. What are the issues that really should matter to you, as a client? In 2019, institutional investors Read more »

Martijn Bos Holland FinTech

Get your head up in the clouds, it’s good for business

How Digital Transformation is reshaping competition in financial services The message is clear and it’s coming at us from all sides: digitalize now. No business unit seems to be immune to the onslaught of cloud-based, AI-driven, real-time, Read more »

Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App
Financial It Youtube channel