Partner Article
97% of FTSE 250 expose customers to phishing
A shocking 97% of FTSE 250 companies are not adequately protecting their customers against phishing attacks, according to a new industry report from Cyber Security Partners (CSP).
The findings reveal that only 17 companies in the FTSE 250 are using the DMARC standard to prevent email scams, which enable the theft of customer passwords, bank accounts, credit cards and other sensitive information.
Furthermore, of the 17 companies in the FTSE 250 using DMARC, it appears only six are using this security standard as a means to quarantine or reject fraudulent email, leaving the customers of 97% of FTSE 250 companies dangerously exposed to phishing attacks.
The Cyber Security Partners investigation also found that of the UK’s top 500 companies based on internet site ranking, only 59 are using the DMARC standard to reject or quarantine imitation emails, leaving customers of 88% of companies without any protection against phishing attacks.
With phishing attacks on the rise, business leaders cannot afford to ignore the increasing risk of cyber criminals posing as their company and defrauding their customers.
As demonstrated by recent high profile incidents involving TalkTalk, HSBC and VTech, cyber attacks have severe business impacts, including:
-
Revenue loss: cyber attacks cost UK businesses £18bn in lost revenue every year
-
Share price slump: cyber attacks have a negative impact on shareholder confidence - TalkTalk’s shares fell 11% after it became victim to a cyber attack in October 2015
-
Reputational damage: cyber attacks jeopardise consumer trust in brands – TalkTalk lost 101,000 customers following its cyber attack October 2015
-
Follow up attacks: businesses and their customers are often subject to repeat attacks
Stuart Robb, CEO and founder of Cyber Security Partners, comments: “Up until now, far too much emphasis has been placed on individuals to safeguard themselves online. All the while businesses have been getting away with providing an appalling level of protection for their customers. Giving advice is an easy option but it’s as a result of this lax approach that millions of UK consumers are being put at unnecessary risk of cyber attacks. We strongly believe that if businesses wish to use email as a channel for communication with consumers, it is their inherent duty to protect customers against the increasing threat of phishing.
“It’s no wonder that there are an estimated 156 million phishing emails sent every day, if this is the state of the defences of some of the UKs biggest businesses. Successful attacks have severe consequences, not only for the consumer, but also for the businesses that so freely enable them. It is staggering that companies would put themselves at such serious financial and reputational risk at the hands of cyber criminals seeking to exploit consumer trust in their brand.
“Consumer education is just one component in the fight against cyber crime and with business solutions available to prevent malicious phishing attacks, companies must take the lion-share of responsibility for ensuring customer safety online. We urgently call for businesses to review their cyber security policies and recognise their role in protecting UK consumers against cybercrime.”
This was posted in Bdaily's Members' News section by Cyber Security Partners .
Enjoy the read? Get Bdaily delivered.
Sign up to receive our popular morning National email for free.
Our Partners
From COVID-19 to the Middle East crisis
How to build credibility in B2B marketing
Is your business ready for the trade union change?
Government 'must take its foot off businesses' throats'
Upskilling key to civil engineering's future
Why apprenticeships are becoming a strategic asset
Business growth requires the right environment
OpenAI decision a wake-up call for our tech plans
Understanding the new Employment Rights Act
Why global conflict is a cyber risk for UK SMEs
Improving safety and standards in construction
From economic engine to community ecosystem