Proofpoint: More than half of banks incorporated in the UK are leaving customers at risk of email fraud


London, UK – 27 June 2023Proofpoint, Inc., a leading cybersecurity and compliance company, today released new research identifying that 53% of banking institutions incorporated in the United Kingdom are lagging behind on basic cybersecurity measures, subjecting customers, staff and stakeholders to a higher risk of email-based impersonation attacks.

These findings are based on a Domain-based Message Authentication, Reporting and Conformance (DMARC) analysis of the 150 banks incorporated in the UK. DMARC[1] is an email validation protocol designed to protect domain names from being misused by cybercriminals. It authenticates the sender's identity before allowing a message to reach its intended destination. DMARC has three levels of protection – monitor, quarantine and reject,[2] with reject being the most secure for preventing suspicious emails from reaching the inbox.  

Proofpoint’s research reveals that 70% of the banking institutions incorporated in the UK have taken the initial steps to protecting customers from email fraud by publishing a basic DMARC record. However, 30% have no DMARC protection in place at all and are therefore subject to cybercriminals impersonating their domains to target customers with email fraud. 

Worryingly, only 47% of the UK banks incorporated in the UK[3] have implemented the strictest and recommended level of DMARC (reject) and are therefore taking appropriate measures to proactively block spoofed emails from reaching recipients inboxes, decreasing the risk of email fraud. 27 banks (18%) only have a monitoring policy in place for spoofed emails, thereby still allowing potentially malicious spoofed emails into the recipient’s inbox.

“Banking institutions are a prime target for cybercriminals due to the vast amounts of sensitive personal and financial data they store. With continuous digitalisation in the banking sector and increased usage of mobile apps by customers, it is crucial for these institutions to prioritise cybersecurity measures to safeguard against potential cyber threats. It is imperative for firms to remain vigilant and stay ahead of the evolving threat landscape to protect their customers’ data and money.” says Matt Cooke, Cybersecurity Strategist at Proofpoint.

The lack of protection against email fraud is unfortunately commonplace, exposing countless parties to impostor emails, also referred to as business email compromise (BEC). BECs are a form of social engineering designed to trick victims into thinking they have received a legitimate email from an organisation or institution. According to Proofpoint’s 2023 State of the Phish report, 86% of UK organisations reported an attempted BEC attack last year.

“Email authentication protocols such as DMARC are essential in fortifying defences against email fraud and safeguarding customers, staff and stakeholders from malicious attacks. While individuals play a crucial role in defending against email fraud, their actions also present one of the biggest vulnerabilities for organisations. DMARC remains the only technology capable of not just defending against but eliminating domain spoofing and the risk of impersonation. By achieving full DMARC compliance, organisations can prevent malicious emails from reaching the inboxes, thereby eliminating the risk of human interference,” emphasised Cooke.

Best practices for customers, staff, and other stakeholders:

  • Check the validity of all email communication and be aware of potentially fraudulent emails impersonating financial organisations.
  • Be cautious of any communication attempts that request log-in credentials or threaten to suspend service or an account if a link isn’t clicked. 
  • Follow best practices when it comes to password hygiene, including using strong passwords, never re-using them across multiple accounts and using multi-factor authentication where available.

This analysis was conducted in May 2023 using data from the list of 150 banks incorporated in the UK.   



About Proofpoint, Inc.


Proofpoint, Inc. is a leading cybersecurity and compliance company that protects organisations’ greatest assets and biggest risks: their people. With an integrated suite of cloud-based solutions, Proofpoint helps companies around the world stop targeted threats, safeguard their data, and make their users more resilient against cyber-attacks. Leading organizations of all sizes, including 75 percent of the Fortune 100, rely on Proofpoint for people-centric security and compliance solutions that mitigate their most critical risks across email, the cloud, social media, and the web. More information is available at

Connect with Proofpoint: Twitter | LinkedIn | Facebook | YouTube

Proofpoint is a registered trademark or tradename of Proofpoint, Inc. in the U.S. and/or other countries. All other trademarks contained herein are the property of their respective owners.

[1] What is DMARC?

[2] Monitor (allows unqualified emails to go to the recipient's inbox or other folders), Quarantine (directs unqualified emails to go to the junk or spam folder) and Reject, the highest level of protection, (blocks unqualified emails from getting to the recipient).