Important Alert: Google and Yahoo will require DMARC starting from April 2024.
Read more

Date of analysis: 13/02/2024

DMARC Adoption in Qatar: 2024 Report

DMARC (Domain-based Message Authentication, Reporting, and Conformance) is an email authentication protocol designed to improve your email’s security. DMARC has played a pivotal role in minimizing email threats like phishing and spoofing for years! So much so, that leading email service providers like Google and Yahoo are now enforcing it.

DMARC is more than just your everyday email authentication protocol like SPF and DKIM. While the latter are important prerequisites in authenticating the sender, DMARC paves the way for a feedback mechanism. With DMARC, you can configure reports on email deliverability and authentication to be sent back to you. Moreover, you can also instruct the receiving servers on how to treat emails failing authentication checks

Book a demo Download PDF

Assessing the Threat Landscape

DMARC-qatar

With a surge in email-based threats in modern times, Qatar is no exception. Irrespective of the country or place, global technological advancements with the introduction of AI have increased the risk of cybercrime. This has had a worldwide impact, not sparing Qatar from the line of fire. 

According to this article by Economy Middle East, in the first quarter of 2023, Qatar recorded an 88% rise in phishing scams. This is in comparison to the value recorded in the first quarter of 2022. While the second quarter saw a 64% increase!

Kaspersky’s Spam and Phishing Report listed phishing due to social engineering scams as one of the top four email scams in Qatar. 

Qatar hasn’t been sitting idle in the face of rising cyber threats either! The country has implemented various measures to enhance its cybersecurity. In 2021, the National Cybersecurity Agency was established in Qatar, to aid in the detection and prevention of cyber threats. 

However, it is still important for individuals and organizations to take proactive measures to protect themselves. Increasing ‌adoption rates of authentication protocols like DMARC can be a great starting point!

In our Qatar DMARC Adoption Report for 2024, we will address the following major concerns:

  • What is the current situation of DMARC adoption and enforcement in organizations in Qatar?

  • How can we improve ‌domain security and email authentication infrastructure in Qatar to prevent impersonation attacks?

  • Which industry sectors in Qatar are the most vulnerable to email phishing?

  • How does PowerDMARC help organizations mitigate email-based threats?

To gain better insight into the current scenario we analyzed 961 domains belonging to top businesses and organizations in Qatar, from the following sectors:

  • Healthcare

  • Energy

  • Government

  • Banking

What Do the Numbers Say?

An in-depth SPF and DMARC adoption analysis was conducted while examining all 458 Qatar domains, which led to the following revelations:

Graphical Analysis: Among all 458 domains examined that belong to various organizations in Qatar, 294 domains (44.5%) possessed correct SPF records, while 191 domains (41.7%) unfortunately had no SPF records at all. 161 domains (35.15%) had correct DMARC records, while 5 of the domains (1.1%) had DMARC records that contained errors. A vast majority of domains (292 domains making up 63.75%) had no DMARC record found. 54 domains had their DMARC policy set at none (33.5%), enabling monitoring only, while 65 domains (40.4%) had their DMARC policy level set at quarantine, and 42 domains (26.1%) had their DMARC policy set at maximum enforcement (i.e. p=reject).

Sector-wise Analysis of Qatar Domains

Healthcare Sector

Key Findings

  • 39.5% of domains had no SPF record 
  • 7% of the domains had their DMARC policy set at p=none
  • No DMARC record was found for 67.4% of the domains

Energy Sector

Key Findings

  • 38.6% of domains had no SPF record 
  • 13.6% of the domains had their DMARC policy set at p=none
  • No DMARC record was found for 61.4% of the domains

Government Sector

Key Findings

  • 31.8% of domains had no SPF record 
  • 10.2% of the domains had their DMARC policy set at p=none
  • No DMARC record was found for 58% of the domains

Banking Sector

Key Findings

  • 38% of domains had no SPF record 
  • 7.6% of the domains had their DMARC policy set at p=none
  • No DMARC record was found for 54.4% of the domains

Education Sector

Key Findings

  • 51.3% of domains had no SPF record 
  • 20% of the domains had their DMARC policy set at p=none
  • No DMARC record was found for 61.3% of the domains

Telecom Sector

Key Findings

  • 54.8% of domains had no SPF record 
  • 9.7% of the domains had their DMARC policy set at p=none
  • No DMARC record was found for 77.4% of the domains

Media and Entertainment Sector

Key Findings

  • 43.9% of domains had no SPF record 
  • 9.8% of the domains had their DMARC policy set at p=none
  • No DMARC record was found for 80.5% of the domains

Transport Sector

Key Findings

  • 44.2% of domains had no SPF record 
  • 13.5% of the domains had their DMARC policy set at p=none
  • No DMARC record was found for 69.2% of the domains

Comparative Analysis of SPF Adoption among Different Sectors in Qatar

The SPF adoption rate was found to be low in Qatar’s Education and Telecom sectors. The highest rate of SPF adoption was noted in the Qatar Government, Banking, and Energy sectors.

Comparative Analysis of DMARC Adoption among Different Sectors in Qatar

Qatar Media and Entertainment, Telecom, and Transport sectors noted low rates of DMARC adoption. The highest rate of DMARC adoption was noted among Banks in Qatar. A large percentage of organizations in all sectors had no DMARC policy implemented.

Critical Errors Organizations in Qatar are Making

On analyzing 458 domains belonging to various sectors and industries in Qatar, we found that there were some critical errors that organizations in Qatar are making. These errors, if overlooked, could potentially leave them vulnerable to cyberattacks.

How Can Organizations in Qatar Improve Email Security?

PowerDMARC Helps You in this Process

It’s essential to set up DMARC, DKIM, and SPF on all gateways within a company to ensure email security. Consistently following these email sender best practices across all your domains and channels helps identify and block unauthorized or harmful email sources effectively. 

PowerDMARC provides a full suite of email security services and hosted solutions that can assist you with your goals

Let’s join hands to increase the rate of DMARC adoption and strengthen the email security infrastructure in businesses across Qatar. Get in touch with us at [email protected] to find out how we can help protect your domain and business today!