A comprehensive analysis of email authentication adoption across eight critical sectors, revealing Argentina’s enforcement gap and the path to becoming a Resilient Defender.
"*" indicates required fields
Trusted by businesses and governments across the globe
THREAT LANDSCAPE
In 2024, Argentina faced an increasingly hostile digital environment: a 44% year-on-year surge in phishing attacks, and 438 high-impact security incidents managed by CERT.ar, a 15% rise over 2023, with government institutions accounting for 61% of all reported incidents.
+44%
Phishing Surge in Argentina (2024–2025)
Argentina recorded a 44% year-on-year increase in phishing attacks over the 12-month period analyzed, driven by AI-powered automation allowing attackers to distribute millions of fraudulent messages at minimal cost.
Source: Kaspersky Latin America Threat Landscape, Sep 2025.
438
High-Impact Security Incidents (CERT.ar 2024)
Argentina’s national incident response team CERT.ar managed 438 cybersecurity incidents in 2024, a 15% increase over 2023’s 379 cases, with government institutions accounting for 61% of all reported incidents.
61%
Government Sector Share of 2024 Incidents
Of all 438 cybersecurity incidents recorded by CERT.ar in 2024, 61% targeted state institutions, making government the most compromised sector in Argentina, with 267 incidents reported against public-sector domains and infrastructure.
Source: CERT.ar Annual Report 2024.
+44%
Year-on-Year Phishing Surge in Argentina
Argentina’s phishing volume grew 44% year-on-year, driven by AI-powered automation that allows criminals to deploy targeted messages at scale, with government and financial institutions as the primary targets.
Source: Kaspersky Threat Landscape LatAm / CERT.ar 2024.
Ranked 71st globally on the National Cybersecurity Index, Argentina’s “Evolving” status reflects strong foundational SPF adoption but a critical gap in enforcement-level protections. The nation has the building blocks of a world-class email security posture, but the structure above them remains incomplete.
NATIONAL OVERVIEW
Aggregate posture across all 8 analyzed sectors, giving a national-level picture of Argentina’s email authentication maturity in 2026.
UNDER THE HOOD
Beneath Argentina’s strong SPF foundation lie four critical structural vulnerabilities, each representing a distinct attack surface that threatens organizations across every sector.
35.9%
Domains stuck at p=none
21.0%
No DMARC record at all
56.9%
Combined unprotected rate
Many Argentine organizations publish a DMARC record but leave it at p=none. This provides visibility into email flows but offers zero protection against active spoofing attacks. With 35.9% of all analyzed domains in monitoring-only mode, the majority of Argentina’s digital infrastructure remains open to impersonation despite technically “having DMARC.” Healthcare (52.2% p=none) and Telecom (40.0%) are the worst offenders.
Expert insight:
“While Argentina has successfully built the technical foundation for domain transparency, organizations remain vulnerable to active exploitation until they transition from monitoring to a strict ‘reject’ stance. Real security is achieved not by observing the threat, but by neutralizing it at the gateway.”
Maitham Al Lawati, CEO, PowerDMARC
PowerDMARC Solution: Hosted DMARC
Guided enforcement journey: safely escalate from p=none → p=quarantine → p=reject without disrupting legitimate mail flow
Intuitive DMARC report analyzer translates raw XML reports into clear dashboards, eliminating the visibility barrier that keeps organizations at p=none
PowerAlerts notify security teams of spoofing attempts in real time, creating urgency to enforce
4.8%
SPF Incorrect (national)
17.4%
Healthcare SPF incorrect
7.4%
Media SPF incorrect
As Argentine businesses adopt more cloud-based services, marketing automation, CRM platforms, payment gateways, and SaaS tools, they frequently hit the 10-DNS-lookup limit defined in RFC 7208. Exceeding this limit causes legitimate emails to fail authentication and land in spam or be rejected entirely, creating a deliverability crisis that erodes both security posture and sender reputation simultaneously.
Expert insight:
“The complexity of modern tech stacks means that large Argentine firms are at constant risk of exceeding DNS lookup thresholds. Implementing SPF Flattening is no longer just a best practice; it is a strategic necessity for ensuring operational resilience and sender reputation.”
Yunes Tarada, Service Delivery Manager, PowerDMARC
PowerDMARC Solution: PowerSPF
PowerSPF automatically flattens and optimizes SPF records, keeping DNS lookup counts within the RFC 7208 limit at all times
Dynamic SPF updates ensure new cloud services are instantly included without manual DNS edits or downtime windows
Real-time alerts notify teams the moment an SPF record approaches lookup threshold limits
98.8%
No MTA-STS (national)
0%
Healthcare, Govt, Education, Media, Telecom
5.4%
Energy – only bright spot
With 98.8% of domains lacking MTA-STS, Argentina is highly susceptible to “Downgrade Attacks” where attackers force SMTP servers to drop TLS encryption and transmit data in plain text. Standard STARTTLS is opportunistic, meaning it can be bypassed silently by any attacker with access to the network path. Without MTA-STS, there is no enforcement mechanism to prevent this interception from occurring undetected.
Expert insight:
“Relying solely on opportunistic encryption (STARTTLS) creates a dangerous false sense of security; it is a passive defense that can be easily bypassed by attackers. Without MTA-STS, a malicious actor can perform a ‘downgrade attack’ to force communications into unencrypted plaintext, making it trivial to intercept sensitive data in transit. For Argentine organizations, enforcing encrypted delivery paths is no longer optional; it is a critical requirement for maintaining data confidentiality and preventing network-level eavesdropping.”
Ayan Bhuiya, Operations & Delivery Shift Lead, PowerDMARC
PowerDMARC Solution: PowerMTA-STS
Hosted MTA-STS policy deployment in minutes, no server infrastructure required, no technical overhead
Forces all inbound email transit into enforced TLS 1.2+ channels, eliminating SMTP downgrade attack vectors entirely
PowerTLS-RPT provides real-time reporting on MTA-STS policy failures and attempted interceptions
1.8%
DNSSEC enabled (national)
0%
Government & Education
98.2%
DNS infrastructure unprotected
Only 1.8% of analyzed Argentine domains are protected against DNS hijacking and cache poisoning. Without DNSSEC, attackers can redirect users to rogue websites, intercept entire email flows at the DNS layer, or impersonate any domain, completely undermining every other authentication layer that has been deployed. The Government and Education sectors report 0% DNSSEC adoption, despite holding some of the country’s most sensitive institutional data.
Expert insight:
“DNS hijacking can dismantle years of brand reputation in mere moments. DNSSEC acts as the definitive guardian of digital identity, providing the cryptographic proof necessary to ensure users reach your authentic server rather than a fraudulent clone.”
Ahona Rudra, Marketing Manager, PowerDMARC
PowerDMARC Solution: DNSSEC Checker
Instant DNSSEC validation: PowerDMARC’s DNSSEC Checker identifies misconfigurations and absent records across all monitored domains
Domain Health Analyzer provides continuous scans for DNS vulnerabilities, with clear step-by-step remediation guidance
Unified dashboard integrates DMARC monitoring + DNS integrity, giving security teams one view of the full authentication stack
SECTOR-BY-SECTOR ANALYSIS
Each sector’s metrics are validated directly against the source chart data. Policy distributions reflect the full breakdown from each sector’s DMARC chart.
Risk Level: Moderate Risk
| Metric | Value |
|---|---|
| SPF Correct | 96.7% |
| SPF Incorrect | 3.3% |
| DMARC p=reject | 28.4% |
| DMARC p=quarantine | 32.5% |
| DMARC p=none | 28.5% |
| No DMARC Record | 10.6% |
| MTA-STS Valid | 1.6% |
| DNSSEC Enabled | 2.4% |
Threat Scenario: Crypto-Asset & SWIFT Fraud
With a 98.4% MTA-STS gap, attackers deploy Downgrade Attacks to strip SMTP encryption, intercepting transaction confirmations to reroute funds. Banking leads in enforcement but remains a primary target for sophisticated interception.
PowerDMARC Solution for Banking
Risk Level: Critical Risk
| Metric | Value |
|---|---|
| SPF Correct | 82.6% |
| SPF Incorrect | 17.4% |
| DMARC p=reject | 8.7% – Critically Low |
| DMARC p=quarantine | 13.0% |
| DMARC p=none | 52.2% |
| No DMARC Record | 26.1% |
| MTA-STS Valid | 0% |
| DNSSEC Enabled | 4.3% |
Threat Scenario: Patient Data Extortion
The 52.2% p=none rate, the highest of any sector, provides visibility but zero protection. Attackers spoof hospital domains to deliver ransomware that locks patient records. With ANMAT standards taking full effect, compliance pressure is intensifying.
PowerDMARC Solution for Healthcare
Risk Level: Moderate Risk
| Metric | Value |
|---|---|
| SPF Correct | 97.8% |
| SPF Incorrect | 2.2% |
| DMARC p=reject | 26.1% |
| DMARC p=quarantine | 32.6% |
| DMARC p=none | 28.3% |
| No DMARC Record | 13.0% |
| MTA-STS Valid | 0% |
| DNSSEC Enabled | 0% |
Threat Scenario: Policy Disinformation
The 32.6% quarantine rate means spoofed government alerts often land in junk folders, where they can still be accessed and trusted by citizens during a crisis. With 0% DNSSEC and 0% MTA-STS, DNS infrastructure and transport channels are fully exposed.
PowerDMARC Solution for Government
Risk Level: Moderate Risk
| Metric | Value |
|---|---|
| SPF Correct | 100.0%; Best in Class |
| DMARC p=reject | 9.0% |
| DMARC p=quarantine | 36.4% |
| DMARC p=none | 36.4% |
| No DMARC Record | 18.2% |
| MTA-STS Valid | 0% |
| DNSSEC Enabled | 0% |
Threat Scenario: IP Harvesting
Despite perfect 100% SPF adoption, only 9% of Education domains enforce DMARC at reject. Attackers exploit the 91% enforcement gap to spoof faculty emails and steal research data, student credentials, and intellectual property from Argentine universities.
PowerDMARC Solution for Education
Risk Level: Moderate Risk
| Metric | Value |
|---|---|
| SPF Correct | 98.2% |
| SPF Incorrect | 1.8% |
| DMARC p=reject | 28.6% |
| DMARC p=quarantine | 33.9% |
| DMARC p=none | 19.6% |
| No DMARC Record | 16.1% |
| Incorrect DMARC | 1.8% |
| MTA-STS Valid | 5.4%; Sector Leader |
| DNSSEC Enabled | 3.6% |
Threat Scenario: Supply Chain Poisoning
With 94.6% lacking MTA-STS, attackers can intercept unencrypted operational emails to suppliers, aiming to bridge into physical grid control systems. Energy leads MTA-STS nationally, yet 5.4% is still critically insufficient for infrastructure of this sensitivity.
PowerDMARC Solution for Energy
Risk Level: Critical Risk
| Metric | Value |
|---|---|
| SPF Correct | 92.6% |
| SPF Incorrect | 7.4% |
| DMARC p=reject | 2.7%; Critically Low |
| DMARC p=quarantine | 8.8% |
| DMARC p=none | 49.3% |
| No DMARC Record | 35.8% |
| Incorrect DMARC | 3.4% |
| MTA-STS Valid | 0% |
| DNSSEC Enabled | 0.7% |
Threat Scenario: Fake News Distribution
The 2.7% p=reject rate and 35.8% complete lack of DMARC give attackers near-unobstructed access to spoof media outlet domains. AI-assisted tools generate believable misinformation at scale using the identity of trusted Argentine news brands.
PowerDMARC Solution for Media
Risk Level: Moderate Risk
| Metric | Value |
|---|---|
| SPF Correct | 95.0% |
| SPF Incorrect | 5.0% |
| DMARC p=reject | 17.5% |
| DMARC p=quarantine | 15.0% |
| DMARC p=none | 40.0% |
| No DMARC Record | 22.5% |
| Incorrect DMARC | 5.0% |
| MTA-STS Valid | 0% |
| DNSSEC Enabled | 2.5% |
Threat Scenario: SIM-Swap & Billing Phishing
Scammers spoof carrier domains for credential harvesting. With only 17.5% at p=reject, spoofed carrier emails reach subscribers, enabling SIM-swap attacks, account takeovers, and billing fraud. Telecoms are the digital backbone of Argentina; their reactive posture puts every subscriber at risk.
PowerDMARC Solution for Telecom
Risk Level: Lower Risk
| Metric | Value |
|---|---|
| SPF Correct | 98.0% |
| SPF Incorrect | 2.0% |
| DMARC p=reject | 30.6%; Sector Leader |
| DMARC p=quarantine | 28.6% |
| DMARC p=none | 28.6% |
| No DMARC Record | 12.2% |
| MTA-STS Valid | 2.0% |
| DNSSEC Enabled | 2.0%; Sector Leader |
Threat Scenario: Invoice Manipulation
The 12.2% no-DMARC gap allows attackers to send spoofed invoices to shipping partners, changing bank details to redirect freight payments. Logistics companies handle just-in-time data; any interruption in email trust can halt a supply chain.
PowerDMARC Solution for Transport
SUMMARY HEATMAP
Color context: Green = strong (>80%), Amber = partial (15–80%), Red = insufficient (<15%), gray=absent (0%).
| Sector | SPF Correct | DMARC p=reject | MTA-STS Valid |
|---|---|---|---|
| Banking | 96.7% | 28.4% | 1.6% |
| Healthcare | 82.6% | 8.7% | 0% |
| Government | 97.8% | 26.1% | 0% |
| Education | 100.0% | 9.0% | 0% |
| Energy | 98.2% | 28.6% | 5.4% |
| Media | 92.6% | 2.7% | 0% |
| Telecommunications | 95.0% | 17.5% | 0% |
| Transport & Logistics | 98.0% | 30.6% | 2.0% |
| Sector | SPF Correct | DMARC p=reject | MTA-STS Valid |
|---|---|---|---|
| Banking | 96.7% | 28.4% | 1.6% |
| Healthcare | 82.6% | 8.7% | 0% |
| Government | 97.8% | 26.1% | 0% |
| Education | 100.0% | 9.0% | 0% |
| Energy | 98.2% | 28.6% | 5.4% |
| Media | 92.6% | 2.7% | 0% |
| Telecommunications | 95.0% | 17.5% | 0% |
| Transport & Logistics | 98.0% | 30.6% | 2.0% |
Scroll
GLOBAL BENCHMARKING
All figures below are sourced from PowerDMARC’s own published country report.
| Country | SPF Correct | DMARC p=reject | MTA-STS | DNSSEC | Policy Regime |
|---|---|---|---|---|---|
| Australia | 92.3% | 46.7% | 5.8% | 6.8% | ACSC Guidance |
| Poland | 98.9% | 21.2% | 0.9% | 15.7% | EU NIS2 Directive |
| Netherlands | 70.0% | 23.2% | 0.9% | 37.7% | EU NIS2 Directive |
| Italy | 91.0% | 16.7% | 1.0% | 3.5% | Voluntary |
| Japan | 95.0% | 9.2% | 0.5% | 16.4% | Voluntary |
| Argentina | 95.2% | 18.5% | 1.2% | 1.8% | No Mandate |
Scroll
WHERE ARGENTINA LEADS
Argentina’s 95.2% SPF outpaces Australia (92.3%), Italy (91.0%), and Japan (95.0%) while approaching Poland (98.9%) as a near-perfect foundation. SPF adoption is Argentina’s clearest global strength.
THE ENFORCEMENT GAP
At 18.5% p=reject, Argentina exceeds Japan (9.2%) and trails Australia (46.7%), Poland (21.2%), and the Netherlands (23.2%). Italy (16.7%) is the closest peer; both operate without mandates.
THE DNSSEC DEFICIT
Argentina’s 1.8% DNSSEC rate is dwarfed by the Netherlands (37.7%), Poland (15.7%), and Japan (16.4%). This is the most severe relative gap and the one where a national mandate would have the fastest impact.
KEY FINDINGS
Argentina achieves 95.2% national SPF adoption, on par with the US (95.7%) and above Australia (92.3%), Italy (91.0%), and Japan (95.0%). The foundational layer outpaces most of the developed world.
Australia’s guidance-driven 46.7% rejection rate is 2.5x Argentina’s voluntary 18.5%. Argentina’s posture mirrors Italy (16.7%), both countries lack a national mandate.
Only Energy (5.4%), Transport (2.0%), and Banking (1.6%) have any MTA-STS. Six of eight sectors report 0%, leaving 98.8% of Argentina’s email traffic exposed to SMTP downgrade attacks.
With only 2.7% p=reject and 35.8% lacking any DMARC record, media is Argentina’s most vulnerable sector, giving attackers a near-open channel to weaponize trusted news brands for AI-generated disinformation campaigns.
More than half of healthcare domains are in monitoring-only mode. Combined with 100% missing MTA-STS, this is the highest-risk patient data exposure posture of any analyzed sector, and a critical ANMAT compliance risk.
Argentina’s 1.8% national DNSSEC rate, with Government and Education at 0%, leaves the entire DNS foundation exposed to hijacking and cache poisoning. Italy alone (3.5%) is nearly double Argentina’s national average.
RECOMMENDATIONS
Six prioritized actions, organized by urgency, to close Argentina’s enforcement gap and achieve a posture commensurate with its world-class SPF foundation.
Immediate Priority
Healthcare (52.2% p=none) and Telecom (40.0%) must begin a structured enforcement journey immediately. PowerDMARC’s hosted platform provides a safe, guided migration path (p=none → p=quarantine → p=reject) with zero legitimate mail disruption.
Immediate Priority
Six of eight sectors report 0% MTA-STS. PowerMTA-STS eliminates SMTP downgrade attacks and enforces TLS 1.2+ on all inbound mail, closing the transport encryption gap that exposes 98.8% of Argentina’s email infrastructure.
Immediate Priority
Media (35.8%), Healthcare (26.1%), and Telecom (22.5%) have the largest shares of domains with no DMARC record at all. Publishing even a p=none record immediately enables visibility. PowerDMARC’s DMARC Generator deploys a valid record in minutes.
Short Term (3–6 months)
Both sectors report 0% DNSSEC. A national mandate for .gov.ar domains, mirroring international cybersecurity strategies, would rapidly protect the DNS foundation all other protocols depend on.
Short Term (3–6 months)
Telecom (5.0% incorrect DMARC), Media (3.4%), Energy (1.8%), and Healthcare (17.4% incorrect SPF) all have active misconfigurations providing false security. PowerDMARC’s Domain Health Analyzer identifies and resolves all misconfigurations automatically.
Long Term (6–18 months)
The data is unambiguous: countries with national guidance achieve 2.5–3x higher enforcement rates. Argentina should follow the US, UK, and Australian models. PowerDMARC supports government-scale multi-domain deployments with full compliance reporting.
Active DNS queries across domain samples from all 8 sectors, retrieving and validating SPF, DMARC, MTA-STS, and DNSSEC records per relevant RFC standards.
Domains identified from publicly available registries and sector databases across Financial, Healthcare, Government, Education, Energy, Media, Telecommunications, and Transport.
All benchmark figures sourced from PowerDMARC’s published country reports for Australia, Poland, Netherlands, Italy, and Japan, using consistent DNS-analysis methodology.
Sector risk ratings derived from a composite of p=reject adoption, share of domains with no DMARC record, and SPF misconfiguration rate across analyzed domains.
Argentina’s email security posture in 2026 reflects a country that has successfully completed Phase 1 of the authentication journey: identification. With 95.2% national SPF adoption, Argentina matches the United States and outpaces most of Europe. The foundational layer is genuinely world-class.
But in a threat environment where Argentina saw a 44% surge in phishing attacks year-on-year, and where CERT.ar managed 438 high-impact security incidents in 2024 alone; a near-perfect SPF rate without enforcement is like a sophisticated alarm system with the siren muted. At 18.5% national p=reject, compared to Australia’s 46.7%, Argentina is leaving the vast majority of its digital infrastructure open to impersonation, fraud, and interception.
The path from “Passive Leader” to “Resilient Defender” runs through DMARC p=reject, MTA-STS deployment, and a national framework that mandates adoption across government and regulated sectors. The tools to close this gap are available today, and with government institutions bearing 61% of Argentina’s 2024 cyberincidents, the urgency for public-sector leadership on email authentication has never been clearer.
“Argentina has laid a flawless floor. The structure above it (DMARC enforcement, MTA-STS, DNSSEC) remains unfinished and exposed. Building it is not optional in 2026.”
PowerDMARC secures email ecosystems for over 10,000 organizations across 100+ countries, including Fortune 100 companies, governments, and critical infrastructure operators. SOC 2 Type 2 · ISO 27001 · GDPR compliant. Visit powerdmarc.com to book a 1:1 session with our email security experts.
