Top Middle East Universities Not Proactively Blocking Fraudulent Emails: Proofpoint

Proofpoint has released new research identifying that 84% of the top 100 universities in the Middle East are lagging behind on basic cybersecurity measures, subjecting students, staff and partners to a higher risk of email-based impersonation attacks.

These findings are based on a Domain-based Message Authentication, Reporting and Conformance (DMARC) adoption analysis of the top 100 universities based in the Middle East. DMARC is an email validation protocol designed to protect domain names from being misused by cybercriminals. It authenticates the sender’s identity before allowing a message to reach its intended destination. DMARC has three levels of protection – monitor, quarantine and reject, with reject being the most secure for preventing suspicious emails from reaching the inbox.

Proofpoint’s analysis found that only 16% of the top 100 Middle East universities have implemented the strictest and recommended level of DMARC protection (‘reject’), meaning 84% are not proactively blocking fraudulent emails from reaching users. Despite this, almost two-thirds (61%) of the Middle East’s leading universities have taken the initial steps to protect students and staff from email fraud by publishing a basic DMARC record. However, 39% have no DMARC protection in place at all and are therefore subject to cybercriminals impersonating their domains to target individuals with email fraud.

“Our research has shown that many Middle East universities are still exposing people to cybercriminals on the hunt for personal and financial data by not implementing simple, yet effective email authentication best practices,” says Emile Abou Saleh, Regional Director, Middle East, Turkey and Africa for Proofpoint. “Email continues to be the vector of choice for cybercriminals and the education sector remains a key target. Schools and universities hold valuable data from thousands of students, researchers and staff, and as a result, will continue to remain very vulnerable to attacks. ”

Business email compromise (BEC) attacks should also be on organizations’ radars when it comes to email security, especially since 66% of UAE organizations reported an attempted BEC attack last year according to Proofpoint’s 2023 State of the Phish report. BEC attacks involve assuming the identity of business contacts to send fraudulent emails that aim to trick victims into believing they have received legitimate emails from reputable organizations.

“Cybercriminals regularly use the method of domain spoofing to pose as well-known organizations and companies by sending an email from a supposedly legitimate sender address. These emails are designed to trick people into clicking on links or sharing personal details which can then be used to steal money or identities,” says Emile Abou Saleh, Regional Director, Middle East, Turkey and Africa for Proofpoint. “It can be almost impossible for an ordinary Internet user to identify a fake sender from a real one. By implementing the strictest level of DMARC – “reject” – universities can actively block fraudulent emails from reaching their intended targets, protecting their students, staff, and partners from cybercriminals looking to impersonate their brand.”

Proofpoint recommends students and other individuals follow the below top tips to remain safe online:

  1. Use strong passwords:  Do not reuse the same password twice. Consider using a password manager to make your online experience seamless, whilst staying safe. Use multi-factor authentication for an added layer of security.
  2. Watch out for “lookalike” sites: Attackers create “lookalike” sites imitating familiar brands and institutions. These fraudulent sites may pose as a credible establishment, be infected with malware, or steal money or credentials.
  3. Dodge potential phishing and smishing attacks: Phishing emails lead to unsafe websites that gather personal data, like credentials and credit card data. Watch out for SMS phishing too —aka ‘smishing’ — or messages through social media.
  4. Don’t click on links: If receiving correspondence from a university over email, Proofpoint recommends students go directly to the university’s website by typing in the known web address into their browser.