An independent cybersecurity review across many of California’s largest auto dealerships reveals a wide range of results. Dealerships hold customers’ finance and credit data, yet many show significant vulnerabilities.
Using data from audit.emailmenow.com, we evaluated each dealership’s domain across SPF, DKIM, DMARC, transport security (MTA-STS/TLS), and website security headers.
Cybersecurity Scores of Major California Auto Dealerships
Overall compliance scores from audit.emailmenow.com. Re-run any domain at the link to verify.
| Rank | Dealership Group | Domain | Overall Score | Performance Level |
|---|---|---|---|---|
| 1 | Fletcher Jones Automotive | fletcherjones.com | 70% | Strong |
| 2 | Longo Toyota | longotoyota.com | 60% | Above Average |
| 3 | Niello Company | niello.com | 54% | Average |
| 3 | Keyes Automotive Group | keyescars.com | 54% | Average |
| 5 | Galpin Motors | galpin.com | 44% | Weak |
| 6 | Hansel Auto Group | hansel.com | 38% | Weakest |
| 7 | Rusnak Auto Group | rusnakauto.com | 33% | Weakest |
| 8 | DCH Auto Group | dchauto.com | 30% | Weakest |
What the Results Reveal
- Scores range from 70% (Fletcher Jones) down to 30% — only one California dealer group reaches a strong posture, and most sit below 55%.
- Marquee luxury groups score among the weakest (Rusnak 33%, DCH 30%), exposing high-value deposit and finance traffic.
- Weak email authentication makes it easier for attackers to impersonate the dealership and intercept customer or lender communications.
Why This Matters for Auto Dealerships
Auto dealers are classified as financial institutions under the FTC Safeguards Rule (16 CFR Part 314) and must maintain a documented information security program. Weak email authentication exposes dealers to BEC and wire fraud around vehicle deposits and floor-plan payments.
Check any dealership’s posture at audit.emailmenow.com/?industry=auto-dealers.
See also — national audit
Recommendations
- Enforce DMARC (
p=reject), strict SPF (-all), and DKIM signing. - Add MTA-STS and website security headers.
- Maintain a written information security program and security awareness training for sales and F&I staff.
Protect your dealership and your customers. Run a free Instant Cybersecurity Audit at audit.emailmenow.com/?industry=auto-dealers.
Contact EmailMeNow IT Consulting for help with email security hardening and a documented information security program.
Source & methodology: Overall compliance scores from the free scan at audit.emailmenow.com — each domain checked for email authentication (SPF, DKIM, DMARC), transport security (MTA-STS/TLS), website security headers, and network security. Re-run any domain at the link to verify.