Email Security in Retail: A Rising Imperative
As the festive shopping season approaches, significant advancements in email security for e-commerce platforms in the Middle East become increasingly apparent.
A recent study by Proofpoint, Inc., a prominent cybersecurity entity, reveals that 89% of leading online retail sites in the UAE and an impressive 95% in Saudi Arabia have adopted DMARC (Domain-based Message Authentication, Reporting, and Conformance) records.
This illustrates a resolute commitment to enhancing email authentication measures, particularly in light of elevated shopping activity.
- UAE: 89% of top retail websites implement DMARC.
- KSA: 95% demonstrate similar practices.
- 42% of UAE retailers and 53% of Saudi counterparts enforce a reject policy, enhancing security.
While these figures underscore an admirable trajectory towards fortified digital communication, a disconcerting number of retail domains continue to lack comprehensive DMARC enforcement.
This shortfall leaves them vulnerable to the pernicious threats posed by unauthenticated messages, which can easily masquerade as legitimate communications. Establishing robust domain authentication remains paramount in preserving the integrity of customer interactions.
The influence of artificial intelligence (AI) is further complicating the retail landscape, introducing fresh vulnerabilities that necessitate meticulous security protocols.
A prevailing trend sees a majority of retailers in the region integrating AI technologies within various operational facets, significantly enhancing customer engagement and personalisation.
However, this rapid evolution also provides cybercriminals with novel avenues to replicate trusted brands on a large scale.
Kenan Abu Ltaif, Regional Lead for Middle East and Turkey at Proofpoint, emphasised, “While retailers in the UAE have made commendable strides in bolstering their email authentication practices, the lack of domains enforcing the recommended reject policy signals residual vulnerabilities.
As consumers increasingly rely on email communications during peak shopping seasons like White Friday, robust authentication measures are crucial in mitigating fraudulent attempts that impersonate reputable brands.
Retailers that adopt a reject policy for DMARC not only safeguard their clientele but also fortify their own brand’s credibility amidst an evolving threat landscape.”
To further enhance security, Proofpoint advises retailers to reassess their domain authentication strategies and to enforce DMARC with a reject policy.
Consumers, too, can take proactive steps by directly visiting verified websites, scrutinising offers at checkout, utilising unique and robust passwords, and activating multi-factor authentication.
Understanding DMARC
DMARC serves as a bulwark against email fraud risk for countless organisations. As a global standard, it acts as a form of passport control in the realm of email security, validating that the sender’s domain has not been impersonated.
Utilising established standards such as DKIM (DomainKeys Identified Mail) and SPF (Sender Policy Framework), DMARC ensures emails are not spoofed, thus protecting employees, customers, and partners from cyber threats.
Methodology
The analysis conducted by Proofpoint, assessing DMARC adoption among leading e-commerce and retail domains within the UAE and KSA, took place in November 2025.
Source link: Menafn.com.
