New Report Finds 56% of Private Equity Domains Vulnerable to Spoofing

Updated Atumcell Analysis Reveals Modest Progress — and Mounting Cloud-Driven Risks

BOSTON, MA, UNITED STATES, June 30, 2025 /EINPresswire.com/ -- Six months after revealing widespread domain spoofing vulnerabilities among private equity (PE) firms, cybersecurity firm Atumcell has released an updated report showing that most firms remain exposed — and the risks are growing. The study, titled Still Spoofable, finds that 56% of PE firm and portfolio company domains are spoofable, a slight increase from 55% in November 2024.

The report evaluates 179 mid-market PE firms and their 2845 portfolio companies for adoption of SPF, DKIM, and DMARC, the email authentication protocols that protect organizations from being impersonated in phishing attacks.

“Email is now the primary attack surface,” said David Williams, CEO of Atumcell. “Attackers no longer need to break into infrastructure. They phish for credentials, exploit email weaknesses, and use that access to move through cloud environments largely undetected.”

One Firm Gets It Right. Most Still Don’t

For the first time in Atumcell’s analysis, a single firm achieved a perfect score, demonstrating complete implementation of spoofing protections across its domain ecosystem. The next closest firm left over 20% of its domains vulnerable, highlighting the gap between best practice and the industry norm. Other notable changes include five new firms entering the top 20 ranking, with one firm climbing 85 spots. However, the overall picture remains bleak: several previously top-ranked firms lost ground, and the majority of domains remain vulnerable to impersonation.

Spoofing Now Enables Cloud Breaches

The report warns that spoofing is no longer just a phishing risk. It's often the first step in cloud compromise. As PE firms rely more on cloud-based tools for communication, file sharing, and portfolio management, a single spoofed email can lead to credential theft, unauthorized access, and significant data exposure.

Cloud service providers charge extra for security logging and alerting, and many mid-market firms forego those features, leaving massive blind spots when attackers gain access.

The report includes actionable recommendations for PE firms and portfolio companies:

1. Check any domain for spoofability using Atumcell's free tool atumcell.com/spoofcheck
2. Enforce DMARC policies to block unauthorized use of domains
3. Monitor domain configurations regularly
4. Test for spoofing in penetration tests and phishing simulations
5. Invest in cloud logging and visibility tools


The full report, Still Spoofable: Insecure Domains Leave PE Firms Exposed to Modern Cyberattacks, is available at https://atumcell.com/whitepapers

About Atumcell

Atumcell (atumcell.com) provides a cybersecurity operating system tailored to private equity firms and their portfolio companies. With innovative tools and a strategic, attacker-focused approach, Atumcell helps clients reduce risk, mature security posture, and meet insurability standards.

David E Williams
Atumcell Inc
+1 617-671-8810
email us here