An alarming percentage of government agencies and leading retailers are not authenticating their outbound e-mail, leaving their brands at risk of being victimized by phishers and other scam artists, according to a study released today by the Online Trust Alliance.
According to the Online Trust Alliance—formerly the Authentication and Online Trust Alliance—56% of the top .gov sites, including Whitehouse.gov, Senate.gov, FBI.gov, Treasury.gov and Homeland Security’s DHS.gov are not authenticating.
Also, according to the Online Trust Alliance, 45% of the top 300 retailers are also not authenticating their outbound e-mail. Top names that are failing to authenticate are Sears, Victoria’s Secret, the Gap and Nordstrom, according to the Online Trust Alliance.
Any company that conducts financial transactions online with customers is a potential target for phishers, or thieves who send e-mail purporting to be from a company the recipient does business with in order to get the recipient to hand over account numbers, user names and passwords
E-mail authentication is designed, among other things, to protect brands against phishing schemes by helping e-mail inbox providers determine if incoming mail truly has been sent by the company it claims to be.
Large, well-known brands, such as international banks, were the first to authenticate because they were the first targets of phishing attempts. However, online thieves have been turning to smaller and smaller targets over the last two years, making it more important for smaller brands to authenticate their servers.
E-mail industry leaders have been urging marketers to authenticate their servers for years.
The Direct Marketing Association made authentication a condition of membership in 2005, apparently to little effect.
“It is incomprehensible that in this period of escalating online scams and diminishing consumer confidence these agencies and businesses continue to sit on the sidelines,” said Craig Spiezle, OTA chairman and founder, in a statement. “Best practices not only need to be adopted by business, but also by governmental agencies. OTA members reiterate their willingness to provide resources and assistance to these organizations.”
