By Cargo / Motor Vehicles
Motor Vehicles Carriers — Email Security
80.2% of active motor vehicles carrier domains have no enforced DMARC — leaving this segment open to email impersonation, payment-redirect fraud, and cargo theft via phishing.
No enforced DMARC
80.2%
national: 80.1%
p=reject
8.1%
national: 7.5%
Microsoft 365
34.7%
national: 38.1%
M365 + no DMARC (carriers)
4,811
national: 92,822
MTA-STS
3.9%
national: 3.3%
DNSSEC
6.4%
national: 6.1%
Dead domains
1,417
of 19,156 scanned
Total carriers
22,079
1,419 with dead domain
Risk bands — Motor Vehicles carriers
Carrier counts by risk band (composite email-security pain score). Critical = score 70+; Minimal = score <15.
| Risk band | Score range | Carriers | Domains |
|---|---|---|---|
| Critical | score 70+ | 2,054 | 1,835 |
| High | score 50–69 | 6,526 | 5,693 |
| Medium | score 30–49 | 8,597 | 7,418 |
| Low | score 15–29 | 3,307 | 2,645 |
| Minimal | score <15 | 176 | 148 |
Motor Vehicles vs. national average
What the Motor Vehicles numbers actually mean
Segment exposure framing. Motor-vehicle transport (auto haulers, dealer movements) has high per-unit value and a small attacker margin per attempt — attractive for targeted payment-redirect campaigns against dealer payment ops.
DMARC posture. The motor vehiclessegment's share of carrier domains with no enforced DMARC sits at 80.2% — within 0.1 points of the national average. enforced p=reject DMARC adoption tracks the national pool — meaning most domains in this segment either have no DMARC at all or are stuck at the monitor-only p=none policy. At the protective end of the distribution, 8.1% of segment domains are at p=reject — the only DMARC policy that actually instructs receivers to drop spoofed mail.
Microsoft 365 surface. Microsoft 365 mailflow adoption sits below the national rate, which shifts the remediation surface toward self-hosted and Google Workspace estates where DMARC has to be configured at the DNS layer rather than flipped on in a tenant policy. That share is 21.8% of all motor vehicles carriers — a one-flag-flip remediation set that segment-specific MSPs can clear in a single quarter without touching DNS infrastructure.
Transport encryption. MTA-STS adoption sits at 3.9%, materially below the threshold a freight payment-redirect attacker would have to clear to be inconvenienced by transport-layer policy. DNSSEC adoption across motor vehicles carriers runs at 6.4% (vs 6.1% national).
Risk-band shape. 9.3% of Motor Vehicles carriers sit in the critical risk band (score 70+) — above the national share of 8.4% — meaning a disproportionate cluster carries simultaneously broken SPF, missing or monitor-only DMARC, and no MTA-STS.
Best-practice control for this segment. Dealer groups dispatching new-car deliveries should require DMARC enforcement on every carrier counterparty and verify any banking-detail change via a callback to a known-good number.
Compare Motor Vehicles with other cargo segments
Segments closest in carrier-count rank to Motor Vehicles. Each is scored on the same DNS-derived control set, so the comparison is apples-to-apples.
See where your own domain stands
The research is free and self-serve. Run the same public checks on your own domain in about a minute — SPF, DKIM, DMARC, MTA-STS, DNSSEC, and more — and get a scored report by email. No agents, no credentials.
Data as of 2026-05-20 from public DNS measurements. Statistics are domain-weighted unless noted. Cargo segment membership is based on FMCSA Company Census cargo flags. Methodology: read the full index.