Middle East Retailers Strengthen Cybersecurity Amid E-Commerce Growth

As the shopping season gains momentum, retailers in the Middle East are reinforcing their cybersecurity frameworks to protect consumers from email fraud and cyberattacks. A recent study by cybersecurity firm Proofpoint highlights significant progress in the adoption of Domain-based Message Authentication, Reporting, and Conformance (DMARC) protocols by regional retailers, reflecting their commitment to ensuring secure online transactions.

Improved Cybersecurity Measures

According to Proofpoint’s analysis, 90% of the leading Middle East retailers have now published a DMARC record, an essential tool in preventing email fraud. Additionally, 40% of the top 20 retailers have implemented the strictest DMARC policy, “reject,” to block suspicious emails from reaching consumers’ inboxes. This marks a notable increase from the 30% adoption rate at the “reject” level observed last year, demonstrating a proactive stance in combating fraudulent activity.

DMARC is an email authentication protocol designed to protect domain names from misuse. It ensures that email senders are legitimate and offers three levels of protection:

• Monitoring: Observing suspicious activities.

• Quarantine: Flagging questionable emails for further inspection.

•  Rejection: Blocking malicious emails outright.

The “reject” policy is the most robust measure and is increasingly being adopted to shield consumers from phishing attempts and other email-based threats.

Cyber Threats and Evolving Tactics

The Middle East retail market is projected to grow by 4.21% annually from 2024 to 2032, according to IMARC. This growth is fueled by an expanding population and a shift toward online shopping. However, this surge in e-commerce has also attracted cybercriminals employing advanced phishing, ransomware, and business email compromise techniques.

"Phishing emails remain a major threat, leading unsuspecting consumers to unsafe websites that harvest sensitive information such as credentials and credit card data," said Emile Abou Saleh, Regional Director for the Middle East and Africa at Proofpoint. He emphasized the importance of deploying robust authentication protocols like DMARC to support both the growth and security of the region’s retail sector.

Vyber Law’s Perspective on Cybersecurity in the Middle East

From a legal standpoint, Middle East retailers must align their cybersecurity practices with regional data protection laws, such as the UAE’s Federal Decree-Law No. 45 of 2021 on Personal Data Protection (PDPL) and similar regulations across GCC countries. These laws emphasize the responsibility of businesses to safeguard consumer data and implement stringent cybersecurity measures.

Retailers failing to adopt adequate security protocols may face severe penalties under regional data protection laws, including fines and reputational damage. Vyber Law, specializing in compliance advisory for Middle Eastern businesses, highlights the following legal considerations:

1.   Mandatory Data Security Measures: Retailers must implement technologies like DMARC to comply with laws mandating robust data security.
2.  Liability in Data Breaches: Businesses are legally accountable for breaches resulting from negligence in adopting cybersecurity measures.
3.  Cross-Border Compliance: Retailers with international operations must also adhere to data protection laws in other jurisdictions, such as GDPR for European consumers.
4.  Consumer Rights: Transparency in handling personal data and notifying consumers in case of breaches is a legal obligation.

Practical Security Tips for Consumers

To stay protected during online shopping, Proofpoint and Vyber Law recommend:

• Typing website addresses directly into the browser instead of clicking on email links.

• Verifying the legitimacy of promotional codes at checkout.

• Using password managers and enabling multi-factor authentication for an added layer of security.

Conclusion

The Middle East retail sector’s growing adoption of DMARC and other cybersecurity measures reflects a shift toward prioritizing consumer protection. However, the legal landscape demands that businesses not only adopt these tools but also ensure compliance with regional data protection laws. As e-commerce continues to expand, a blend of robust technology and legal adherence will be crucial in safeguarding consumer trust and fostering sustainable growth.

 

For any enquiries or information, contact ask@tlr.ae or call us on +971 52 644 3004. Follow The Law Reporters on WhatsApp Channels