UK diners and pubgoers at risk of email fraud as lockdown restrictions are eased

Business Email Compromise and Email Account Compromise

98% of the UK’s most popular dining and pub brands are not proactively blocking fraudulent emails from reaching targets

Proofpoint, Inc., (NASDAQ: PFPT) a leading cyber security and compliance company, today released research identifying that only 1 (2%) of the UK’s top 50 most popular dining and pub brands has implemented the strictest level of DMARC (Domain-based Message Authentication, Reporting & Conformance) protection. This protocol stops cybercriminals spoofing an organisation’s identity and decreases the risk of email fraud for customers. 

Worryingly, this means the remaining 98% are not proactively blocking fraudulent emails from reaching customers, putting pubgoers and diners at risk. Of the 50 most popular brands, over two-thirds (70%) have no published DMARC record at all, leaving themselves wide open to impersonation attacks.

As customers return to pubs and dining establishments for the first time since lockdown commenced in March, the government has advised that contact details of patrons are obtained to support track and trace efforts. For a number of large chains’ online bookings this includes email addresses, meaning people may expect emails to let them know that they may have been exposed to the disease post-visit. In addition, at a time when consumers are eagerly awaiting communication from their favourite food or pub brands for deals and opening times, cybercriminals may prey on this anticipation to trick users.

Cybercriminals regularly use the method of domain spoofing to pose as government bodies, respected institutions and well-known brands, by sending an email from a supposedly legitimate sender address. These emails are designed to trick people into clicking on links or sharing personal details which can then be used to steal money or identities and it can be almost impossible for an ordinary Internet user to identify a fake sender from a real one.

“We have seen during the pandemic that cybercriminals don’t hesitate to prey on society’s anxiety around COVID-19 to target individuals and businesses. In times of fear and uncertainty, individuals are much more susceptible to these kinds of attacks, particularly if a fraudulent email looks like it has come from a genuine domain.” says Adenike Cosgrove, cybersecurity strategist, international at Proofpoint”. “We recommend that people take steps to make sure that they don’t click on anything suspicious, even if it appears to come from an official source, and instead take steps to contact establishments to make sure for themselves if they aren’t sure.”

Key highlights

  • 98% of the 50 most popular pub and dining brands in the UK are not proactively blocking fraudulent emails from reaching customers, by not having implemented the strictest and recommended level of DMARC protection
  • 35 of the 50 (70%) most popular pub and dining brands in the UK have no published DMARC record at all, leaving themselves wide open to impersonation attacks

For many organisations, the road to easing email fraud risk is paved with DMARC (Domain-based Message Authentication, Reporting and Conformance), an email protocol being adopted globally as the passport control of the email security world. It verifies that the purported domain of the sender has not been impersonated.  DMARC verification relies on the established DKIM (DomainKeys Identified Mail) and SPF (Sender Policy Framework) standards to ensure the email is not spoofing the domain. This authentication protects employees, customers, and partners from cybercriminals looking to impersonate a trusted domain.

To find out more about DMARC, visit

Methodology: To assess the level of DMARC adoption among pubs and restaurants in the UK, Proofpoint conducted an analysis of the official corporate and .com domains of 50 of the top 88 brands featured on YouGov’s list of The most popular dining brands in the UK. Note that McDelivery (41) was removed for repetition with McDonalds (3) and Jamie’s Italian (49) was removed as it no longer operates in the UK.

About Proofpoint, Inc.
Proofpoint, Inc. (NASDAQ: PFPT) is a leading next-generation security and compliance company that provides cloud-based solutions to protect the way people work today. Proofpoint solutions enable organizations to protect their users from advanced attacks delivered via email, social media and mobile apps, protect the information their users create from advanced attacks and compliance risks, and respond quickly when incidents occur. More information is available at

Connect with Proofpoint: Twitter | LinkedIn | Facebook | YouTube | Google+


Proofpoint is a trademark or registered trademark of Proofpoint, Inc. in the U.S. and other countries. All other trademarks contained herein are the property of their respective owners.