Barely any of the UK’s top universities are protected against being abused in phishing and spoofing attack, new research has claimed.
A report from email security provider EasyDMARC reviewed the security policies of all of the main email domains used by the top 100 UK universities, finding less than a fifth (19%) of the .ac.uk domains having correctly implemented and configured security policies to flag, report, and remove outbound phishing emails.
While almost all domains (88%) have implemented the DMARC standard for automatic flagging and removal of receiving fraudulent emails (Domain-based Message Authentication, Reporting, and Conformance), the tools are mostly under-utilized, the report further claimed.