Less than 1% of UK charities are protected against email fraud

Fewer than 1% of UK charities are adequately protected against the risks of being targeted by fraudulent emails and phishing attacks, according to a new report

Chloe Green | 26th Jun 17

Fewer than 1% of UK charities are adequately protected against the risks of being targeted by fraudulent emails and phishing attacks, according to the findings of a new report published by platform-as-a-service provider Red Sift.

The organisation analysed more than 78,000 email domains of UK charities to establish how many of them implement email authentication protocols to protect their organisations and their donors from cyber-attacks. Overall, under 1% of them have implemented email authentication with DMARC – Domain-based Message Authentication, Reporting & Conformance.

The Top 100 Charities showed a slight increase in adoption (5%), however, none were blocking unauthorised email. The finding follows the recent publication of a UK Government report which found that fraudulent emails (72%) and phishing attacks (27%) were amongst the most common types of breaches suffered by UK businesses, further highlighting the huge risks posed to the £70bn UK charity sector and the 67% of the UK population who engage with it.

Rahul Powar, Red Sift CEO, commented: “Fraudulent emails and phishing attacks pose a serious risk to businesses and the data that they hold. As such it is very concerning that UK charities, that make huge social and economic contributions despite often working with limited resources, are so exposed to these potentially hugely damaging attacks.”


OnDMARC free for charities

To help UK charities protect themselves against email-based cyberattacks, Red Sift is making its email cyber security product, OnDMARC, free to all registered UK charitable organisations. The solution enables users to quickly and easily deploy DMARC, a robust security protocol for protecting email, blocking phishing attacks, increasing deliverability of authorised emails and protecting their brand.

DMARC protection ensures that only trustworthy sources can send email on behalf of your business; it also discourages cyber criminals from targeting a business that has DMARC protection.

“DMARC is a powerful tool to help combat some of the most difficult to detect types of email fraud,” said Philip Reitinger, President and CEO of the Global Cyber Alliance, a non-profit dedicated to reducing systemic cyber risk.

“Red Sift’s initiative to help charities protect themselves through their DMARC solution is admirable. We applaud their efforts and join them in encouraging all organisations to take action against email fraud with the power of DMARC.”

The OnDMARC solution requires no cybersecurity expertise from users, and makes the setup and maintenance of a DMARC policy quick and simple. It uses AI to classify reports that are sent to the domain owner, identifying unauthorised email traffic and actively blocking phishing attempts, while increasing the deliverability of authorised emails. The report, which details Red Sift’s findings and shows how organisations can deploy and use the DMARC protocol to protect their email, is available to download here.

Any charity wanting to register for the free service should visit the OnDMARC solution website where they will be upgraded to the charities program.