News
GMO Brand Security Survey: [Current State of Email Security in Local Governments] Two-Thirds of 862 Municipalities Nationwide Lack Anti-Spoofing Measures
Only 1.9% Have Enabled DMARC Settings Capable of Blocking Spoofing Emails
- Press Release
- Share
2026-03-12
To members of the press
GMO Brand Security, Inc.
GMO Brand Security Inc. (Representative director and president: Mitsuaki Nakagawa; hereinafter "GMO Brand Security"), a member of the GMO Internet Group, has conducted a survey on the implementation status of the sender domain authentication technology "DMARC" (Domain-based Message Authentication, Reporting, and Conformance). The survey targeted a total of 862 organizations nationwide using domains ending in ".lg.jp," including 47 prefectures and 815 municipalities (20 ordinance-designated cities, 772 cities, and the 23 special wards of Tokyo).
The survey revealed that approximately two-thirds (66.9%) or 577 organizations have not yet implemented DMARC, highlighting that many local governments remain exposed to the risk of email spoofing. Furthermore, even among the organizations that have implemented DMARC, over 90% are limited to monitoring-only settings. Only 1.9% of all surveyed organizations have implemented "quarantine" or "reject" policies, which can effectively block unauthorized emails.
For further details, please refer to the following link (Japanese only): https://brandsecurity.gmo/en/news/
