1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Many universities could be at risk of easy phishing attacks

    From TechnologyDaily@1337:1/100 to All on Mon Dec 18 12:15:05 2023
    Many universities could be at risk of easy phishing attacks

    Date:
    Mon, 18 Dec 2023 12:07:41 +0000

    Description:
    UK universities' email security standards are below-grade, leaving domains exposed to phishing attacks.

    FULL STORY ======================================================================

    Barely any of the UKs top universities are protected against being abused in phishing and spoofing attack, new research has claimed.

    A report from email security provider EasyDMARC reviewed the security
    policies of all of the main email domains used by the top 100 UK
    universities, finding less than a fifth (19%) of the .ac.uk domains having correctly implemented and configured security policies to flag, report, and remove outbound phishing emails.

    While almost all domains (88%) have implemented the DMARC standard for automatic flagging and removal of receiving fraudulent emails (Domain-based Message Authentication, Reporting, and Conformance), the tools are mostly under-utilized, the report further claimed. In it for the money

    Of the university domains implementing DMARC (88), 59 had their policies set to monitor outgoing emails impersonating legitimate domains. Another 25 were quarantining such emails, while 20 institutions (19% in total) set their
    DMARC to automatically reject site emails impersonating their domains.

    The reports conclusion is that many DMARC implementations among UK top 100 .ac.uk domains are leaving users exposed to phishing emails. This creates a substantial risk of ransomware attacks, fraud, and data breaches, it was said in the report.

    Gerasim Hovhannisyan, EasyDMARC CEO and co-founder, found the findings concerning, stating: With many organizations moving to cloud-based email ecosystems, its likely that many educational institutions are finding it difficult to find a way to implement DMARC that can operate seamlessly alongside their SaaS solution stack, he said. For vendors and service providers to educational institutions, these findings should be a wake-up
    call regarding the massive security gap that needs to be filled with cloud-native DMARC solutions.

    Due to its ease of use, low cost, and omnipresence in the business realm, email remains the number one attack vector for most cybercriminals. While common sense and endpoint protection eliminate most of the risk, security policies still play a vital role. More from TechRadar Pro What is phishing
    and how dangerous is it? Here's a list of the best firewalls today These are the best endpoint protection services right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/many-universities-could-be-at-risk-of-e asy-phishing-attacks


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)