Cybersecurity News in Asia

RECENT STORIES:

SEGA moves faster with flow-based network monitoring
Sparsa AI Launches Sovereign Enterprise AI Platform with Global Deploy...
Conifers AI Opens Singapore Data Region, Bringing Local Data Residency...
Finally taken down: Residential proxy network of at least 2m smart dev...
DXC Opens Flagship AI-first Customer Experience Center in Bengaluru
AI speeds threat discovery as coverage gaps persist: survey
LOGIN REGISTER
CybersecAsia
  • Features
    • Featured

      S E Asia governments targeted by cyber-espionage group

      S E Asia governments targeted by cyber-espionage group

      Tuesday, June 23, 2026, 8:00 AM Asia/Singapore | Features
    • Featured

      Rethinking network and infrastructure design for resilience

      Rethinking network and infrastructure design for resilience

      Thursday, June 18, 2026, 2:17 PM Asia/Singapore | Features
    • Featured

      Bringing cybercriminals to justice in APAC

      Bringing cybercriminals to justice in APAC

      Thursday, June 11, 2026, 10:30 AM Asia/Singapore | Features
  • Opinions
  • Tips
  • Whitepapers
  • AWARDS 2026
  • Directory
  • E-Learning

Select Page

News

DNS‑record analysis shows uneven DMARC enforcement among FIFA World Cup sponsors

By CybersecAsia editors | Friday, April 17, 2026, 5:35 PM Asia/Singapore

DNS‑record analysis shows uneven DMARC enforcement among FIFA World Cup sponsors

A limited data analysis suggests that many 2026 sponsors lack strict DMARC enforcement despite having basic email authentication in place…

Based on an analysis of public data supplied by sponsor domains* published in February 2026, a cybersecurity firm has shared some findings with the media regarding gaps in email authentication controls among organizations linked to the FIFA World Cup 2026 that could impact readiness against domain impersonation and email fraud risks.

The analysis reviewed 25 corporate domains listed as official sponsors, suppliers, partners, and supporters of the tournament scheduled between June 11 and July 19, 2026.

First, the analysis found that 24 of the 25 domains had published a Domain-based Message Authentication, Reporting and Conformance (DMARC) record at some level, indicating that most organizations in the sample had implemented basic email authentication measures against domain spoofing. Second, 16 domains, representing 64% percent of those analyzed — had applied a DMARC policy configured to “reject”, which is the level that prevents unauthenticated or spoofed messages from being delivered to recipients’ inboxes.

Other findings

Third, nine organizations, accounting for 36% of the analyzed sponsors, had not implemented the “reject” enforcement level and were therefore not proactively blocking spoofed messages attempting to use their domains. Also:

  • Eight of the 25 domains (32%) had had DMARC configured for either monitoring mode or partial enforcement, which provided visibility into unauthorized use but did not automatically block suspicious messages.
  • One of the analyzed domains had not published a DMARC record at all, according to the data
  • The official FIFA domain, by contrast, was listed as having a full DMARC “reject” policy.

According to Jennifer Cheng, Director of Cybersecurity Strategy (Asia Pacific and Japan), Proofpoint, the firm that shared its data findings: “Major global sporting events like the FIFA World Cup create ideal conditions for cybercriminals to exploit excitement, urgency and trust at scale… brands and consumers should be on alert for increased phishing and impersonation attempts in the lead-up to the tournament, particularly as AI-powered tools make these attacks easier to launch and harder to detect. To reduce this risk, businesses need to take proactive steps by strengthening email protections to block fraudulent messages before they reach the inbox and by building employee awareness through phishing simulations and ongoing education.”

*Methodology: The analysis covered 25 primary corporate domains identified on FIFA and Sports Business Journal sponsor listings. DMARC configurations were verified in February 2026 by checking DNS records for the presence and policy level (none, quarantine, or reject). The sample is limited to a limited event‑specific group of sponsors and does not directly measure actual phishing volumes, fraud incidents, or downstream consumer losses, nor does it account for other controls — such as SPF/DKIM, mail transfer agent filtering, or brand‑protection tooling — that may also affect impersonation risk.

Editor’s note: Domain‑spoofing is only one technique within the broader category of email fraud, which also includes lookalike domains, account takeovers, and business‑email compromise.

Share:

PreviousHighlights of Asia’s 2026 premier integrated security event
NextExein establishes APAC headquarters and Taipei office

Related Posts

Brunei’s Baiduri Bank leverages cloud authentication platform for corporate and consumer divisions

Brunei’s Baiduri Bank leverages cloud authentication platform for corporate and consumer divisions

Friday, August 16, 2024

List of 10 brands most abused in phishing campaigns for Q1 2024

List of 10 brands most abused in phishing campaigns for Q1 2024

Tuesday, May 14, 2024

COVID-19 pandemic drives up fraud costs in four APAC countries

COVID-19 pandemic drives up fraud costs in four APAC countries

Monday, July 12, 2021

When you cannot crack secure passwords, hack the password manager software!

When you cannot crack secure passwords, hack the password manager software!

Thursday, December 8, 2022

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
previous arrow
next arrow

CybersecAsia Voting Placement

Gamification listing or Participate Now

PARTICIPATE NOW

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

  • Critical Security Threatsand the Need for ZTNA: How evolving cyberattacks demand a Zero Trust approach

    Critical Security Threatsand the Need for ZTNA: How evolving cyberattacks demand a Zero Trust approach

    Cyber threats have become more frequent and sophisticated, targeting organizations of all sizes across all …Download Whitepaper
  • Zero Trust Made Simple: Why it matters and how to get started

    Zero Trust Made Simple: Why it matters and how to get started

    Data breaches and cyberattacks are no longer limited to large, high-profile organizations.Download Whitepaper
  • Cloud Secure Edge: Remote access, better security

    Cloud Secure Edge: Remote access, better security

    ​SonicWall Cloud Secure Edge™ is a modern, cloud-native Security Service Edge (SSE) solution that addresses …Download Whitepaper
  • Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats

    Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats

    Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper

Middle-sidebar-banner

Case Studies

  • How a Vietnamese D2C retailer built its own secure digital infrastructure

    How a Vietnamese D2C retailer built its own secure digital infrastructure

    Would your organization build your own digital infrastructure – including AI governance and cybersecurity – …Read more
  • Cyber protection for medical clinics in Singapore

    Cyber protection for medical clinics in Singapore

    As Singapore’s healthcare sector becomes increasingly digital and interconnected, clinics are facing heightened cyber risks, …Read more
  • India’s WazirX strengthens governance and digital asset security

    India’s WazirX strengthens governance and digital asset security

    Revamping its custody infrastructure using multi‑party computation tools has improved operational resilience and institutional‑grade safeguardsRead more
  • Bangladesh LGED modernizes communication while addressing data security concerns

    Bangladesh LGED modernizes communication while addressing data security concerns

    To meet emerging data localization/privacy regulations, the government engineering agency deploys a secure, unified digital …Read more

Bottom sidebar

Other News

  • Sparsa AI Launches Sovereign Enterprise AI Platform with Global Deployment at QNET

    Wednesday, July 8, 2026
    The Sparsa AI Enterprise Operating …Read More »
  • Conifers AI Opens Singapore Data Region, Bringing Local Data Residency to Asia-Pacific Security Teams

    Wednesday, July 8, 2026
    With data regions now spanning …Read More »
  • DXC Opens Flagship AI-first Customer Experience Center in Bengaluru

    Tuesday, July 7, 2026
    Strengthens DXC’s India presence with …Read More »
  • D-Link Brings Advanced AI Fall Detection and Privacy Protection to Home Elderly Care with the New DCS-8610 Wi-Fi Camera

    Monday, July 6, 2026
    Advanced technologies traditionally found in …Read More »
  • ICAC Commissioner attends first IAACA European regional anti-corruption conference in Hungary

    Friday, July 3, 2026
    BUDAPEST, Hungary, July 2, 2026 …Read More »
  • Our Brands
  • DigiconAsia
  • MartechAsia
  • Home
  • About Us
  • Contact Us
  • Sitemap
  • Privacy & Cookies
  • Terms of Use
  • Advertising & Reprint Policy
  • Media Kit
  • Subscribe
  • Manage Subscriptions
  • Newsletter

Copyright © 2026 CybersecAsia All Rights Reserved.