Organizations not adequately protected against tax phishing scams

With phisherfolk ever keen to cash in at the end of the tax year, a new study has analyzed the public DNS records for 200 domains likely to be impersonated for tax fraud and finds that 78 percent are not adequately protected. The research from email security company Valimail looked at Fortune 100 businesses, US states' departments of revenue, federal tax agencies and well-known tax preparation services. The analysis focused on the presence and validity of Domain-based Message Authentication, Reporting and Conformance (DMARC) and Sender Policy Framework (SPF) records. Across all domains analyzed, 78 percent of the organizations either lack… [Continue Reading]