Leading UAE and KSA hospitals may be leaving citizens at risk of email fraud

Leading UAE and KSA hospitals may be leaving citizens at risk of email fraud

Proofpoint, a leading cybersecurity and compliance company, has released new research identifying that 72% of the top hospitals in the UAE and KSA are lagging behind on basic cybersecurity measures, subjecting citizens to a higher risk of email fraud.

These findings are based on a Domain-based Message Authentication, Reporting and Conformance (DMARC) analysis of the top hospitals in the UAE and KSA. DMARCis an email validation protocol designed to protect domain names from being misused by cybercriminals. It authenticates the sender’s identity before allowing a message to reach its intended destination. DMARC has three levels of protection – monitor, quarantine and reject, with reject being the most secure for preventing suspicious emails from reaching the inbox.  

The analysis revealed that only 28% of UAE and KSA hospitals have implemented the strictest and recommended level of DMARC protection (‘reject’). This means that 72% are not proactively blocking fraudulent emails from reaching users. Furthermore, only 69% of UAE hospitals have published a basic DMARC record, meaning 31% are taking no steps to protect users from potential email fraud.

Emile Abou Saleh, Regional Director, Middle East and Africa for Proofpoint, said: “A broader security strategy will be crucial to secure the future of the healthcare sector in the UAE and KSA. The healthcare industry must pursue a security strategy that focuses on people, because threat actors will continue to convince victims to click malicious links, download unsafe files, install malware and disclose sensitive information. Moreover, their security strategy will have to adapt to new business models to protect health information wherever it is stored – whether within the hospital or beyond.”

Browse our latest issue

Intelligent CISO

View Magazine Archive