Important Alert: Google and Yahoo will require DMARC starting from April 2024.
Read more

Date of analysis: 02/02/2024

DMARC Adoption in Chile: 2024 Report

Let’s delve into DMARC (Domain-based Message Authentication, Reporting, and Conformance), an email authentication protocol that boosts your email’s safety. Unlike basic authentication protocols like SPF and DKIM, DMARC goes the extra mile. It not only verifies senders but also provides valuable feedback. 

With DMARC, you can monitor email delivery and instruct servers on how to handle your emails effectively. This added layer of security is crucial in recent times, where threats like phishing and spoofing are rampant.

With the pervasive use of email in both personal and professional realms, ensuring its security is pivotal for protecting confidential data. This includes financial details, personal conversations, and business strategies. Without robust email security measures, individuals and organizations are vulnerable to various cyber threats. 

Beyond the direct impact on individuals and organizations, email security breaches can have far-reaching consequences. This can be in the form of reputational damage, financial losses, and legal liabilities. Furthermore, in sectors such as healthcare, finance, and government, compliance regulations mandate stringent measures to protect sensitive data transmitted via email.

Book a demo

Assessing the Threat Landscape

DMARC adoption Chile

Amid the rise of email-based threats worldwide, Chile finds itself similarly vulnerable. Across the globe, advancements in technology, particularly with the emergence of AI, have escalated the risk of cybercrime. This phenomenon has reverberated globally, with Chile being no exception to the growing threat landscape.

According to this Cybersecurity Analysis Report by Mordor Intelligence, Chile, with a high internet usage of 92%, saw a huge increase in cyberattacks in 2021, reaching 9.4 billion. Due to its large population and internet usage, there’s a growing need for cybersecurity solutions and services in the country.

As our economy and financial systems rely more on digital technology and are more connected, the danger of cyberattacks keeps increasing. According to a document by the IMF (International Monetary Fund),  the University of Maryland’s CISSM Cyber Attacks Database reports that the number of cyberattacks among OECD countries has shot up a lot in the past decade, especially since 2020. Chile has seen a higher proportion of cyberattacks in its financial sector compared to other countries nearby and in the OECD.

In 2018, the second largest bank in Chile – Banco de Chile, lost $10 Million to a cyber attack. A malware known as MRB Killer infected their systems and servers, leading to the breach. This was a major eye-opener, leading Chilean officials to start making amends in organizational cybersecurity postures.

In our Chile DMARC Adoption Report for 2024, we will address the following major concerns:

  • What is the current situation of DMARC adoption and enforcement in organizations in Chile?

  • How can we improve ‌domain security and email authentication infrastructure in Chile to prevent impersonation attacks?

  • Which industry sectors in Chile are the most vulnerable to email phishing?

  • How does PowerDMARC help organizations mitigate email-based threats?

To gain better insight into the current scenario we analyzed 1004 domains belonging to top businesses and organizations in Chile, from the following sectors:

  • Healthcare

  • Energy

  • Government

  • Banking

  • Education

  • Telecommunications

  • Media and Entertainment

  • Transport

What Do the Numbers Say?

An in-depth SPF and DMARC adoption analysis was conducted while examining all 1004 Chile domains, which led to the following revelations:

BIMI Logo
BIMI Logo

Graphical Analysis: Among all 1004 domains examined that belong to various organizations in Chile, 703 domains (70%) possessed correct SPF records, while 232 domains (23.1%) unfortunately had no SPF records at all. 360 domains (35.9%) had correct DMARC records, while 3 of the domains (0.3%) had DMARC records that contained errors. A vast majority of domains (641 domains making up 63.8%) had no DMARC record found. 192 domains had their DMARC policy set at none (19.1%), enabling monitoring only, while 69 domains (6.9%) had their DMARC policy ‌set at quarantine, and 99 domains (9.9%) had their DMARC policy set at maximum enforcement (i.e. p=reject).

Sector-wise Analysis of Chile Domains

Healthcare Sector

DMARC Adoption in Chile Healthcare Sector

BIMI Logo

SPF Adoption in Chile Healthcare Sector

BIMI Logo

Key Findings:

  • 24.3% of domains had no SPF record 
  • 19.9% of the domains had their DMARC policy set at p=none
  • No DMARC record was found for 53.7% of the domains

Energy Sector

DMARC Adoption in Chile Energy Sector

BIMI Logo

SPF Adoption in Chile Energy Sector

BIMI Logo

Key Findings:

  • 27.4% of domains had no SPF record 
  • 10.8% of the domains had their DMARC policy set at p=none
  • No DMARC record was found for 77.4% of the domains

Government Sector

DMARC Adoption in Chile Government Sector

BIMI Logo

SPF Adoption in Chile Government Sector

BIMI Logo

Key Findings:

  • 27.5% of domains had no SPF record 
  • 25.8% of the domains had their DMARC policy set at p=none
  • No DMARC record was found for 49.2% of the domains

Banking Sector

DMARC Adoption in Chile Banking Sector

BIMI Logo

SPF Adoption in Chile Banking Sector

BIMI Logo

Key Findings:

  • 21.4% of domains had no SPF record 
  • 17.3% of the domains had their DMARC policy set at p=none
  • No DMARC record was found for 51% of the domains

Education Sector

DMARC Adoption in Chile Education Sector

BIMI Logo

SPF Adoption in Chile Education Sector

BIMI Logo

Key Findings:

  • 23.9% of domains had no SPF record 
  • 29.2% of the domains had their DMARC policy set at p=none
  • No DMARC record was found for 58.4% of the domains

Telecom Sector

DMARC Adoption in Chile Telecom Sector

BIMI Logo

SPF Adoption in Chile Telecom Sector

BIMI Logo

Key Findings:

  • 18.6% of domains had no SPF record 
  • 17.6% of the domains had their DMARC policy set at p=none
  • No DMARC record was found for 69.6% of the domains

Media and Entertainment Sector

DMARC Adoption in Chile Media and Entertainment Sector

BIMI Logo

SPF Adoption in Chile Media and Entertainment Sector

BIMI Logo

Key Findings:

  • 28.2% of domains had no SPF record 
  • 19.7% of the domains had their DMARC policy set at p=none
  • No DMARC record was found for 74.6% of the domains

Transport Sector

DMARC Adoption in Chile Transport Sector

BIMI Logo

SPF Adoption in Chile Transport Sector

BIMI Logo

Key Findings:

  • 15.7% of domains had no SPF record 
  • 18% of the domains had their DMARC policy set at p=none
  • No DMARC record was found for 70.2% of the domains

Comparative Analysis of SPF Adoption among Different Sectors in Chile

BIMI Logo

The SPF adoption rate was found to be the lowest in Chile’s Energy and Government sectors. The highest rate of SPF adoption was noted in the Chile Transport, Telecom, Banking, and Educational sectors.

Comparative Analysis of DMARC Adoption among Different Sectors in Chile

BIMI Logo

Chile’s Media and Entertainment, Energy, and Transport sectors noted low rates of DMARC adoption. The highest rate of DMARC adoption was noted in the Chilean Government sector. A large percentage of organizations in all sectors had no DMARC policy implemented.

Critical Errors Organizations in Chile Are Making

After examining 1004 domains spanning various sectors and industries in Chile, we discovered critical mistakes that organizations were making. These errors, if ignored, could potentially expose them to cyberattacks.

  • Incorrect SPF and DMARC Records

    Having incorrect syntax in your SPF or DMARC records defeats their purpose. Errors in these records might disrupt email delivery or cause messages to be flagged as spam. This not only affects your email marketing efforts but also harms your sender reputation. Additionally, flawed configurations leave your domain vulnerable to phishing and spoofing attacks. It’s crucial to utilize reliable tools like our SPF and DMARC record generator to create error-free records and ensure they stay updated. For instance, if you switch email vendors, remember to include them as authorized sending sources in your SPF record.

  • SPF and DMARC Record Absence

    Many Chilean domains lack SPF and DMARC records, which are vital for protecting your domain against unauthorized use, spoofing, phishing, and ransomware. By implementing these records, you enhance your domain’s security, acting as a deterrent against malicious activities, akin to securing your doors and windows with locks.

  • DMARC Policy Stuck at "None"

    While setting DMARC to “none” initially aids in monitoring email channels and activities, remaining stuck at this stage for an extended period is counterproductive. “None” offers no protection against cyberattacks. By enforcing your DMARC policy to “quarantine” or “reject,” you can mitigate domain impersonation risks. Several Chilean organizations have their DMARC policy set at “none,” limiting their domain protection. Utilizing a DMARC analyzer to transition smoothly toward enforcement can significantly reduce the risk of domain abuse.

  • Missing MTA-STS and TLS-RPT

    MTA-STS ensures that SMTP emails are transmitted over encrypted channels using TLS, thwarting interception attempts like DNS spoofing. Implementing MTA-STS enhances the security of your email system. Unfortunately, many Chilean domains lack an MTA-STS setup, leaving them vulnerable to potential attacks. SMTP TLS Reports complement MTA-STS by providing visibility into undelivered emails due to TLS encryption failures.

  • Exceeding SPF Lookup Limit

    Adhering to RFC standards, SPF imposes a limit of 10 DNS lookups. Surpassing this threshold can cause SPF to fail, resulting in authentication errors and inaccurate outcomes. A considerable portion of Chilean domains have invalid SPF records, likely due to the common issue of exceeding the DNS lookup limit.

  • Multiple DMARC/SPF Records for the Same Domain

    It’s imperative to have only one SPF or DMARC record per domain. Configuring multiple records for the same domain renders SPF invalid. Many Chilean organizations make this error, but it can be rectified. Therefore, avoiding multiple record configurations for the same domain is crucial.

How Can Organizations in Chile Improve Email Security?

DMARC adoption Chile

The following steps can be taken by Chilean organizations to improve their overall email security posture:

  • Staying under the 10 DNS lookup limit for SPF

  • Having error-free SPF and DMARC records

  • Having a single SPF/DMARC record per domain

  • Implementing additional layers of security like BIMI, MTA-STS, and TLS-RPT

  • Enabling DMARC RUA and RUF reports for monitoring domains and sending sources

  • Shifting from p=none to p=reject DMARC policy for protection against email-based attacks

PowerDMARC Helps You in this Process

Ensuring the security of your emails is paramount for organizations of all sizes. At PowerDMARC, we understand the importance of safeguarding your communications from cyber threats. That’s why we offer a comprehensive suite of email and domain security solutions tailored to meet your organization’s needs.

  • Complete Email Authentication Setup

    We provide expert assistance in configuring, setting up, and managing essential email authentication protocols such as DMARC, DKIM, and SPF. Our team ensures that your records are error-free and optimized for maximum security.

  • Hosted Email Authentication Services

    PowerDMARC offers a range of hosted email authentication services, including hosted DMARC, DKIM, SPF, MTA-STS, TLS-RPT, and BIMI. Our cloud-native platform allows for seamless configuration and updates without the hassle of multiple DNS accesses.

  • Intuitive Reporting

    Stay informed about the health of your email authentication with our smart and user-friendly reporting. Our daily aggregate and forensic DMARC reports provide insights into email activity, making monitoring effortless and effective.

  • Dedicated Support

    Our team of experts provides white-glove support to help you transition smoothly to DMARC enforcement and improve compliance. We go above and beyond to ensure your email security measures are up to par.

  • Optimized SPF Records

    Keep your SPF records optimized and compliant with industry standards. We help you stay within the DNS lookup and SPF length limits, ensuring your emails reach their destination securely.

  • Reputation Monitoring

    Monitor your domain’s reputation and proactively address issues with our reputation monitoring services. We keep track of your domains and IPs across multiple DNS blocklists to prevent email rejection or flagging.

  • Real-time Alerts

    Set up customized alerts to stay informed about any email security issues. Receive notifications via email, Slack, Discord, or webhook alerts, ensuring timely action to mitigate risks.

  • Compliance Assistance

    Ensure compliance with industry regulations and standards, including mandates from Google, Yahoo, and the PCI Data Security Standards Council. Our solutions help you meet these requirements efficiently and effectively. Get started with our compliance program.

  • Managed Security Services

    Partner with PowerDMARC for managed security services tailored to your organization’s needs. Our DMARC MSP/MSSP-ready platform and dedicated service desk ensure comprehensive support for your email security efforts.

Let’s join hands to increase the rate of DMARC adoption and strengthen the email security infrastructure in businesses across Chile. Get in touch with us at [email protected] to find out how we can help protect your domain and business today!

secure email powerdmarcReady to prevent brand abuse, scams and gain full insight on your email channel?

Start 15-day trial Book a demo