More Than 80 Percent of State Governments and Health Departments Exposed to Email Fraud Risk

During the COVID-19 pandemic, states are on the front line as they work to ensure the safety of their constituents and communities. Unfortunately, many state governments and health departments have not implemented email authentication best practices and may be unknowingly exposing themselves to cybercriminals looking to capitalize on the pandemic and potentially trick individuals with fraudulent emails.

In an examination of U.S. state governments and health departments, Proofpoint uncovered that 44 percent of these entities do not have a published DMARC (Domain-based Message Authentication, Reporting & Conformance) record, making them potentially more susceptible to cybercriminals spoofing their identity and increasing the risk of email fraud targeting users.

Further, 92 percent of all state governments and 88 percent of state health departments have not implemented the strictest and recommended level of DMARC protection. That setting and policy is known as “Reject” and actually blocks fraudulent emails from reaching their intended target. This figure includes 10 states that do not have a standalone health department site (separate from the state’s master .gov site).

DMARC, which is an email validation protocol designed to protect domain names from being misused by cybercriminals, authenticates the sender’s identity before allowing the message to reach its intended designation. It verifies that the purported domain of the sender has not been impersonated and relies on the established DKIM (DomainKeys Identified Mail) and SPF (Sender Policy Framework) standards to ensure the email is not spoofing the trusted domain.

Read more at Proofpoint

(Visited 180 times, 1 visits today)

The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.

Leave a Reply

Latest from Cybersecurity

Go to Top
X
X