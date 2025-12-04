LONDON, DELAWARE, UNITED KINGDOM, December 4, 2025 /EINPresswire.com/ -- Despite increased awareness and government guidance on email‑authentication standards, organisations in the UK continue to face serious phishing and spoofing threats. High‑profile incidents earlier this year demonstrate that even large institutions and critical sectors remain vulnerable.

Recent UK Phishing Cases Illustrating the Risk

- In mid‑2025, a phishing campaign impersonating HM Revenue and Customs (HMRC) compromised around 100,000 UK taxpayer accounts, resulting in approximately £47 million of fraudulent tax‑rebate claims.

- In July‑August 2025, a sophisticated scam posing as the Home Office targeted UK organisations with sponsor licences — attempting to steal access to the Sponsorship Management System (SMS) via spoofed official communications.

These attacks show that phishing remains a top threat even in regulated markets — and that adoption without enforcement leaves organisations exposed.

What We Found — Global DMARC Adoption Report 2025 by EasyDMARC

At Black Hat Europe 2025, EasyDMARC will present the Global DMARC Adoption Report. The report covers more than 1.8 million domains worldwide, including samples from both the Inc. 5000 and Fortune 500. Key findings:

- DMARC adoption rose from 27.3 % in 2023 to 47.6 % in 2025.

- However, over 80 % of domains still have no DMARC record or use a non‑enforcing policy (p=none).

- More than 70 % of DMARC‑enabled domains lack reporting (RUA) tags, leaving organisations without visibility into who sends on their behalf.

Why It Matters

The recent UK phishing incidents underline that adoption alone isn’t sufficient. Without active enforcement (quarantine or reject) and visibility through reporting, domains remain vulnerable to impersonation, spoofing, and fraudulent use. The industry must move from passive compliance to active protection — and DMARC enforcement is an essential step.

Independent Research Supports These Findings

The report aligns with insights from Omdia’s On the Radar: EasyDMARC research, which highlights the growing importance of email authentication and the need for organisations to move beyond basic adoption toward active enforcement and monitoring to prevent spoofing and phishing attacks.

Rik Turner, Chief Analyst for Cybersecurity at Omdia, commented:

“EasyDMARC aims to drive DMARC enforcement across the global community of email domain owners. It supports both direct and indirect businesses in enforcing sustainable email authentication, security, and deliverability, which Omdia considers a critical capability in the ever-evolving age of AI.”

