One of the easiest ways to get hacked is through a phishing email. Phishing emails contain either a malicious attachment or include an embedded link to a malicious website.

Of course, many people are getting wise to phishing emails and aren’t so easily fooled. But what if you receive a phishing email from the last place you’d ever expected to receive one from? Would you still have your guard up?

A recent study by news agency Axios discovered that only 6% of news organizations deploy DMARC on their email newsletters. DMARC (Domain-based Message Authentication, Reporting and Conformance) is a sophisticated but widely-available technology that ensures emails are authentic.

phishing awareness

The study found that of 98 news sites tested, only one had fully operational DMARC. “The list of sites not protected by DMARC includes influential news sources, from the New York Times and USA Today to Fox and NBC networks to Voice of America and major international outlets.”

Without DMARC deployed, hackers can compromise email newsletters to send out fake news and potentially compromise an election. Or worse. They could use the compromised newsletters to send phishing emails to all the recipients.

Hackers are getting more sophisticated. They target emails they know have a high likelihood of getting the recipients to lower their guard. Until news organization start deploying existing technologies like DMARC to protect their readers, it’s incumbent upon the readers to protect themselves. Fortunately, there are easy-to-deploy, inexpensive, cloud-based email protection solutions like PhishProtection.

To learn more about how PhishProtection can protect you from news organization phishing attacks and many other vulnerabilities,