Millions of fraudulent e-mails intercepted before reaching customers

Since the spring of 2017, Danske Bank has managed to block more than 3 million fraudulent e-mails to customers and employees thanks to simple and efficient technology.

Criminals pretending to be Danske Bank are to a great extent prevented from succeeding in their missions. Following the implementation by Danske Bank in spring 2017 of a new and efficient layer of security, more than 3 million fraudulent e-mails have been blocked, according to new figures from the bank. The e-mails in question seem to be sent from @danskebank.dk and similar domains such as @danske.dk and @danske-bank.dk.

“This is a huge step forwards as both customers and employees of the bank now receive way fewer fraudulent e-mails. It means that we have effectively reduced the risk of fraud in connection with fraudulent e-mails,” says Poul Otto Schousboe, Head of IT Security at Danske Bank.

Fewer fraudulent e-mails
Danske Bank is thus up to speed with a number of other large corporates and authorities all over the world. They use the e-mail configuration called DMARC (Domain-based Message Authentication).




In short, it imposes an additional layer, which stops fraudulent e-mails before they are delivered to the recipient. Consequently, customers and employees of the bank do not receive fraudulent e-mails that seem to be sent from Danske Bank, and which in the worst case scenario could make the recipient share confidential information or transfer funds to the phoney sender.
According to a new report from Global Cyber Alliance, an increasing number of companies and organisations make use of the technology. This leads to cost reductions, according to the report.
Access to IT infrastructure
Poul Otto Schousboe points to the fact that several studies have shown that 90-95 per cent of all successful cyberattacks begin with fraudulent e-mails, where the fraudsters can then potentially gain access to the infrastructure, which typically consists of hardware, software and network.

The approach is not surprising as it takes only little effort to set up a fake e-mail, and at the same time fraudsters can target a wide range of companies and employees. If just one employee or customer clicks the link or opens the attachment, the fraudsters could potentially gain access to the infrastructure of the customer or the employee.

Poul Otto Schousboe

Head of IT Security, Danske Bank