UK shoppers at risk of email fraud this Black Friday and Cyber Monday


89 percent of UK retailers are not actively blocking fraudulent emails from reaching customers

Proofpoint, Inc., (NASDAQ: PFPT) a leading cyber security and compliance company, today released research identifying that only 11 percent of UK retailers have implemented the recommended and strictest level of DMARC (Domain-based Message Authentication, Reporting & Conformance) protection, which protects them from cybercriminals spoofing their identity and decreases the risk of email fraud for customers.  Worryingly, this leaves online shoppers at 89 percent of retailers in the UK open to email fraud.

With Black Friday and Cyber Monday upon us, and Brits expected to spend some £6 Billion on the day, shoppers will be scanning both the internet and their inboxes for the hottest deals. However, cybercriminals may capitalise on the anticipation of email communication from retailers to potentially trick shoppers with fraudulent emails.

Cybercriminals regularly use the method of domain spoofing to pose as well-known brands, by sending an email from a supposedly legitimate sender address. These emails are designed to trick people into clicking on links or sharing personal details which can then be used to steal money or identities and it can be almost impossible for an ordinary Internet user to identify a fake sender from a real one. Having a DMARC policy in place, protects employees, customers, and partners from cybercriminals looking to impersonate a trusted domain. By implementing the strictest level of DMARC – “Reject” – organisations are able to actively block fraudulent emails from reaching their intended targets.

Our research has shown that UK retailers may be exposing themselves and their customers to cybercriminals on the hunt for personal and financial data, by not implementing simple, yet effective email authentication best practices,” says Matt Cooke, cybersecurity strategist, Proofpoint. “Email continues to be the vector of choice for cybercriminals and the retail industry remains a key target”.

Key findings from the research include:

  • A slim majority of UK retailers analysed have taken steps to protect their customers from email fraud, with 53% publishing DMARC record. This means 47% of UK retailers have no published DMARC record at all, leaving themselves wide open to impersonation attacks.
  • However, only 11 percent have implemented the recommended and strictest level of DMARC protection (reject), which actually blocks fraudulent emails from reaching their intended targets, meaning 89 percent are leaving customers open to email fraud.
  • Proofpoint also analysed the DMARC status of the top 20 online retailers across Europe. 12 out of the 20 (60%) retailers analysed have a published DMARC record. Despite this, only 4 out of 20 (20%) have a reject policy in place, meaning 80% are not proactively blocking fraudulent emails from reaching their customers.

Organisations in all sectors should look to deploy authentication protocols, such as DMARC to shore up their email fraud defences. Cybercriminals will always leverage key events to drive targeted attacks using social engineering techniques such as impersonation and retailers are no exception to this. Ahead of Black Friday, consumers must be vigilant in checking the validity of all emails, especially on a day when guards are down, and attentions are focused on grabbing seasonal bargains”, says Matt Cooke, cybersecurity strategist, Proofpoint.

Proofpoint recommends consumers follow the below top tips to remain safe online while shopping for seasonal bargains:

  1. Use strong passwords:  Do not reuse the same password twice. Consider using a password manager to make your online experience seamless, whilst staying safe. Use multi-factor authentication for an added layer of security.
  2. Avoid Unprotected WiFi: Free/open-access WiFi is not secure: cybercriminals can intercept data transferred over unprotected WiFi, including credit card numbers, passwords, account information, and more.
  3. Watch out for “lookalike” sites: Attackers create “lookalike” sites imitating familiar brands. These fraudulent sites may sell counterfeit (or non-existent) goods, be infected with malware, or steal money or credentials.
  4. Dodge Potential Phishing and Smishing Attacks: Phishing emails lead to unsafe websites that gather personal data, like credentials and credit card data. Watch out for SMS phishing too —aka ‘smishing’ — or messages through social media.
  5. Don’t click on links: Go directly to the source of the advertised deal by typing a known website address directly into your browser. For special offer codes, enter them at the checkout to see if they are legitimate.
  6. Verify Before You Buy: Fraudulent ads, websites, and mobile apps can be hard to spot. When downloading a new app or visiting an unfamiliar site, take time to read online reviews and any customer complaints.


About DMARC:

For many organisations, the road to easing email fraud risk is paved with DMARC (Domain-based Message Authentication, Reporting and Conformance), an email protocol being adopted globally as the passport control of the email security world. It verifies that the purported domain of the sender has not been impersonated.  DMARC verification relies on the established DKIM (DomainKeys Identified Mail) and SPF (Sender Policy Framework) standards to ensure the email is not spoofing the domain. This authentication protects employees, customers, and partners from cybercriminals looking to impersonate a trusted domain.

To find out more about DMARC, visit

Methodology: To assess the level of DMARC adoption among retailers in the UK, Proofpoint conducted an analysis of the primary corporate domains of the 159 members of the British Retail Consortium as listed on The analysis of the top 20 Europe-wide online retailers was carried out based on the Top 100 e-commerce retailers in Europe by Retail-Index. All analyses were carried out in November 2020.

About Proofpoint, Inc.

Proofpoint, Inc. (NASDAQ: PFPT) is a leading cybersecurity company that protects organisations’ greatest assets and biggest risks: their people. With an integrated suite of cloud-based solutions, Proofpoint helps companies around the world stop targeted threats, safeguard their data, and make their users more resilient against cyberattacks. Leading organisations of all sizes, including more than half of the Fortune 1000, rely on Proofpoint’s people-centric security and compliance solutions to mitigate their most critical risks across email, the cloud, social media, and the web. More information is available at

Connect with Proofpoint: Twitter LinkedIn | Facebook YouTube

Proofpoint is a registered trademark or tradename of Proofpoint, Inc. in the U.S. and/or other countries. All other trademarks contained herein are the property of their respective owners.