Securing consumer trust before it’s too late: key takeaways from our latest whitepaper

These days, falling victim to cybercriminal activity feels like an inevitability for online retailers of all shapes and sizes. And with nearly 20% of total retail sales now coming from ecommerce worldwide, ransomware attacks, phishing campaigns, and other data breaches will only become more sophisticated.

During this make-or-break period for retailers, it’s important to not only consider the immediate business impact of these attacks, but also the ripple effect that can cost much more in the long run: the loss of consumer trust.

So, what do consumers expect from their eCommerce partners, and how can retailers take action before they pass the point of no return? We’ve broken it all down in our newest report, “When it’s gone, it’s gone! The value of safeguarding consumer trust in the retail sector.”

Brand loyalty is everything — and consumer trust is the heart of brand loyalty

A whopping 75% of consumers noted that they’re loyal to a brand they trust, even when ‘trendier’ options are available, and 59% are willing to spend more on a product from a trusted brand. The loyalty crusher? A breach in trust. What’s more, 65% of customers have stopped purchasing from brands after the retailer did something the consumer considered distrustful.

DMARC brand protection

Data security is the new gold standard in customer service

While damaged goods, subpar quality, and slow response times are still excellent ways to lose repeat business, consumers have also turned their attention to the potentially devastating financial and privacy impacts of data breaches. And it’s clear that consumers have put the onus on ecommerce vendors to serve as their first line of defense. A recent study found that 72% of UK consumers and 64% of US consumers place the blame squarely on the shoulders of the business, rather than the hacker when their personal data is breached. It should come as no surprise, then, that retailers’ failure to adequately protect consumer data comes with massive business consequences: 81% of consumers say they will no longer engage with an online brand in the wake of a high-profile data breach.

Email campaigns are an essential — and increasingly vulnerable — component of eCommerce.

DMARC is a crucial first step toward brand security. Each day, consumers’ inboxes are flooded with attention-grabbing subject lines from retailers, compelling them to snag the latest products and hottest deals. With an estimated 376 billion daily emails expected by the year 2025, the opportunity to cash in on a data breach is far too lucrative for cybercriminals to pass up. Taking steps to protect consumers from email-based attacks begins with Domain-based Message Authentication, Reporting and Conformance (DMARC), which blocks would-be hackers from impersonating a retailers’ domain in an effort to dupe customers into sharing sensitive data. While domain protection should be a foundational investment to safeguard customers’ data, Red Sift found that only 12 percent of the world’s top retailers are fully covered.

BIMI boosts consumer trust and brand engagement

Even with DMARC protocols in place, weary consumers need more assurance that retailers’ emails are legitimate. That’s where BIMI (Brand Indicators for Message Identification) comes in. BIMI allows retailers to display a registered, trademarked logo on all DMARC-authenticated emails, signaling to consumers that the message is safe to open and explore. When Red Sift asked consumers if an email with a logo increased their confidence in the message, 90 percent of UK-based respondents and 84 percent of US-based respondents agreed or strongly agreed.

Read the whole report

Interested in finding out more? Download the full report today, and discover how DMARC, and BIMI with VMC, are essential and cost-effective measures in securing consumer trust now and for the future.

download our latest report

PUBLISHED BY

Red Sift

4 Feb. 2022

SHARE ARTICLE:

Recent Posts

VIEW ALL
Certificates

TLS certificates are changing: What you need to know

Red Sift

Executive summary: TLS certificates are about to get significantly shorter-lived. Starting 15 March 2026, newly issued public-trust certificates will max out at 200 days—and just three years later, that lifespan drops to 47 days. Backed by Google, Apple, and Mozilla, this shift aims to make the web safer through fresher data, faster failover, and…

Read more
DKIM

The hidden threat: How misconfigured DKIM enables replay attacks

Red Sift

Email authentication isn’t just an IT concern. It protects your brand and customers. A single misstep can let attackers spoof your domain, send phishing emails, and destroy customer trust. One of the most dangerous methods? The DKIM replay attack. In this post, we’ll break down how undersigned DKIM keys and related misconfigurations open your…

Read more
BIMI

Why DMARC and BIMI are a business priority

Jack Lilley

Email threats aren’t slowing down, and neither should your authentication strategy. In our recent joint webinar with Marigold, “From DMARC to BIMI: Navigating the New Email Authorization Landscape,” we broke down what today’s evolving standards mean for both security and marketing teams—and how to take action now with our free Red Sift Investigate tool.…

Read more
ASM

Zoom stops zooming: Why active monitoring is essential

Billy McDiarmid

​On April 16, 2025, Zoom experienced a significant global outage that disrupted video conferencing services and access to its website for thousands of users, as well as their corporate email for all their employees. It was quickly identified as a domain name registration status problem. Despite being a critical name for Zoom, somehow, the…

Read more