Report Reveals Nearly 70 Percent of SaaS 1000 Leave Consumers Vulnerable to Phishing Attacks

Study produced by 250ok analyzed domains operated by the top 1,000 SaaS companies

INDIANAPOLIS--()--A study released today by 250ok, a leader in advanced email analytics for DMARC, deliverability, design and engagement, found 65 percent of SaaS 1000 companies do not protect their customers, partners and employees from phishing attacks by using a DMARC policy. Phishing and spoofing attacks against consumers are likely when companies do not have a published Sender Policy Framework (SPF) or Domain-based Message Authentication, Reporting and Conformance (DMARC) policy in place.

DMARC is considered the industry standard for email validation to prevent attacks in which malicious third parties send harmful email using a counterfeit address. Unsurprisingly, 91 percent of all cyber attacks begin with a phishing email.

250ok’s report, DMARC Adoption Among SaaS 1000 (Q1 2018),” reveals 65 percent of the top 20 SaaS companies use DMARC, almost double the adoption rate of the SaaS 1000 as a whole. Nearly 51 percent of the top 100 have a DMARC policy, with 18 percent of those companies using a Quarantine or Reject policy, the two most effective DMARC strategies. However, only 10 percent of the SaaS 1000 use Quarantine or Reject policies, while 25 percent use the lowest tier of DMARC.

“Beyond the benefits of better email deliverability and improved reputation, even the most basic DMARC policy can better ensure recipients are protected from attempts to steal personal information,” said Matthew Vernhout, director of privacy at 250ok.

A 2017 study from the Anti-Phishing Working Group reported phishing attacks targeted an average of 443 brands per month in the first half of 2017, up from 413 per month during the same period in the previous year. Cloudmark revealed 42 percent of consumers are less likely to do business with a company after receiving a suspicious message “from” the brand.

250ok’s report offers six recommendations for SaaS companies to successfully implement a DMARC policy to improve deliverability and protect reputation.

To access the full report, visit:

About 250ok

250ok focuses on advanced email analytics, insight and deliverability technology to power a large and growing number of businesses, ranging from clients like Adobe, eHarmony and Marketo, who depend on 250ok to cut through big data noise and provide actionable, real-time analytics to maximize email performance. For more information, visit


Kate Jaramillo, 317-806-1900

Release Summary

A study released today by 250ok found 65 percent of SaaS 1000 companies do not protect their customers, partners and employees from phishing attacks.

Social Media Profiles


Kate Jaramillo, 317-806-1900