The United Kingdom may have the most forward looking policies and deployment plans of any major government. Last week Chancellor of the Exchequer Philip Hammond announced a £1.9 billion national cyber security strategy that includes a broad series of measures, and will continue a series of improvements in email security that the UK government has […]
In July the Australian Signals Directorate, part of the Department of Defence, and the Australian Cyber Security Centre issued a report for IT professionals titled, Malicious Email Mitigation Strategies. The report recommends the most effective methods of protecting organizations from email-borne attacks, and includes deploying DKIM, DMARC, and SPF. Furthermore it recommends using DMARC with […]
Businesses and other organizations can protect themselves from certain classes of phishing attacks on their employees by using DMARC to filter incoming email messages. But whether the company is large or small, they usually don’t have the expertise or resources to build their own filtering solution. That’s why commercial email gateways that support DMARC are […]
Berkeley, California – February 16, 2016 – As DMARC enters its fifth year as an open standard, leading organizations increasingly rely on Domain-based Authentication, Reporting & Conformance (DMARC) to protect their customers from email fraud that impersonates their domains. In 2016, DMARC.org will continue to promote increased use of email authentication to protect consumers, and advocate the […]
NBC morning television show The Today Show featured some basic, consumer-friendly tips on identifying and avoiding phishing scams on their November 16th show. Developed in partnership with security firm ESET, they also added an interactive quiz on their website. You can find both items by following this URL: http://www.today.com/money/test-your-phish-spotting-skills-fun-quiz-t55891 Hopefully this is something even security […]
Last year AOL and Yahoo curtailed massive email-borne abuse of their customers by deploying strict DMARC policies on their marquee domains. Recently Yahoo announced that they would be extending that policy to more of their domains as soon as November.
The more popular a website is, the more likely the average consumer is to trust a fraudulent message that impersonates that website’s Internet domain. One might expect that the websites at the top of the list employ email authentication to protect against that possibility, but what about sites further down the list? This piece will […]
A recent Trend Micro blog post suggests that the bad actors behind a current ransomware campaign are using email authentication and DMARC to make their messages more effective. One online article citing the post even includes a headline that incorrectly suggests that DMARC somehow enables the malware to bypass filters – which it assuredly does […]
On February 12th Kaspersky Labs published a report titled “Financial cyberthreats in 2014.” This report takes a broad view of malware and email-based attacks on financial institutions and/or their customers. It notes some broad trends, like an almost 6% decrease in phishing attacks against banks, and that the number of malware attacks involving Bitcoin mining […]
You might expect that the IT department or security team knows who’s sending email using your company’s domains. But for a variety of reasons these groups are often unaware of many legitimate senders — not to mention all the bad actors. Fortunately you can get a more complete view by using DMARC‘s reporting features.