Insights | PKF Infuse

Derby businesses urged to tighten email security after PKF Infuse research

Written by PKF Infuse | Jul 16, 2026 11:47:41 AM


New research finds more than one in five local domains have inadequate protection against email impersonation attacks.


A cyber security audit carried out by PKF Infuse found that 118 of the 499 domains assessed across Derby and Nottingham had authentication failures involving DMARC, SPF or both, potentially leaving them more vulnerable to spoofed emails designed to impersonate trusted organisations.


Using a newly developed DMARC checker tool, PKF Infuse analysed 499 domains across Derby and Nottingham to assess the implementation of Domain-based Message Authentication, Reporting and Conformance (DMARC).
DMARC is an email authentication standard that helps prevent cyber criminals from impersonating legitimate organisations and sending fraudulent emails in their name.


The audit found that just 14.2% of domains had fully implemented DMARC best practice, while 118 domains had authentication failures involving DMARC, SPF or both, potentially leaving them more vulnerable to spoofed emails.


A further 195 domains, representing 39.1% of those assessed, were operating under a quarantine policy, meaning some protection measures are in place but have not yet been fully enforced.


The research also identified 163 domains, or 32.7%, that appeared inactive, highlighting the need for organisations to review whether legacy domains have been properly retired or remain unnecessarily exposed.
The research forms part of a wider assessment of more than 1,000 organisations across the Midlands, with PKF Infuse aiming to track improvements in cyber resilience over time.


Paul Howard, managing director of PKF Infuse and the developer behind the tool, said: “Cyber security doesn’t always have to start with expensive technology or complex projects. Sometimes it’s about getting the fundamentals right.


“DMARC is one of those basics that can stop criminals impersonating trusted organisations and sending convincing fraudulent emails in their name. “People are more likely to trust emails that appear to come from a recognised business, supplier, school, council or public sector organisation, which is why these domains are attractive targets for cyber criminals.


“This is about education and awareness, not naming and shaming organisations. We want businesses to know where they stand and encourage them to take practical steps that make it harder for cyber criminals to exploit their brands and deceive customers, employees or members of the public.


“It is encouraging that many organisations have taken some steps towards protection, but our research shows there is still significant work to do to ensure domains are properly protected. “That’s why we’ve made a free checker available so organisations can make informed decisions about improving their email security.”


Email spoofing remains one of the simplest techniques used by attackers, enabling them to impersonate executives, suppliers or trusted brands in an attempt to trick recipients into transferring money, disclosing sensitive information or sharing login credentials.


The findings come at a time when phishing and impersonation attacks continue to represent one of the biggest cyber security threats facing organisations and members of the public alike.


Paul added: “Email remains one of the most common routes for cyber attacks. Implementing and enforcing DMARC is a relatively straightforward step that can significantly reduce risk and help protect both organisations and the people they serve.


“If, a year from now, we can say more organisations across Derby and Nottingham have strengthened their email security, that will be a positive outcome for everyone.”


To help organisations understand their own exposure, PKF Infuse has launched a free online DMARC checker, enabling businesses to assess their email authentication status and identify whether additional protections may be needed.


Businesses can check their DMARC status here.