Serviceteam IT Security News

The majority of airline companies are potentially leaving their customers vulnerable to email fraud, such as phishing, according to a new analysis by Proofpoint.

It found that 61% of member airlines belonging to the International Air Transport Association (IATA) do not have a published Domain-based Message Authentication, Reporting & Conformance (DMARC) record, increasing the risk of having their identity spoofed and of customers being targeted by email fraud. IATA member airlines make up 82% of total air traffic.

In addition, 93% of global airlines included in the study have not implemented the recommended level of DMARC protection, known as Reject. This blocks fraudulent emails from reaching their intended target.

DMARC is an email validation protocol that verifies that the domain of the sender has not been impersonated.

Adoption rates were found to vary significantly between regions, with 85% of airlines in China and North Asia having no published DMARC policy, followed by Asia Pacific (70%), Europe and Middle East and Africa (both 57%) and The Americas (43%).

Adenike Cosgrove, cybersecurity strategist, international at Proofpoint, commented: “The COVID-19 pandemic saw international travel halted and while many regions are still unable to travel, a number of countries worldwide are slowly ungrounding their airlines.

“While the travel sector has always been a rife target for cyber-criminals, the pandemic has offered new grounds for the targeting of travellers globally. Whether booking new flights, or seeking information on flight cancellations, one thing remains the same: many people worldwide are eagerly awaiting communication from airlines.

“Worryingly, at a time when opportunistic cyber-criminals may look to take advantage of such global uncertainty, the majority of international airlines are leaving their customers exposed to email fraud.”

In June, the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) called for greater DMARC support and adoption to prevent rampant phishing, which has been emboldened and bolstered by the global pandemic.

Source: Infosecurity Magazine

With over 20 years of experience, Serviceteam IT design and deliver sophisticated connectivity, communication, continuity, and cloud services, for organisations that need to stay connected 24/7. We take the time to fully understand your current challenges, and provide a solution that gives you a clear understanding of what you are purchasing and the benefits it will bring you.

To find out how we can help you, call us on 0121 468 0101, use the Contact Us form, or why not drop in and visit us at 49 Frederick Road, Edgbaston, Birmingham, B15 1HN.

We’d love to hear from you!