Stop Fraudulent Emails – Implement DMARC

Domain-based Message Authentication, Reporting & Conformance (DMARC)

If you’ve ever been the victim of a phishing scam or gotten an email from someone impersonating an acquaintance or loved one, you will know why you should have Domain-based Message Authentication, Reporting & Conformance (DMARC) in place to protect your business. While many people are aware of these types of attacks and can detect one just by looking at the correspondence, all it takes is one individual to let down their guard and open the door to a cybercriminal.

Email impersonation attacks are often successful. They involve sending an email to an individual or small group in an organisation with a plausible request. The sender address of the message is spoofed so the email appears to have been sent from a known individual or company.

What is DMARC?

DMARC is an added layer of security for email that helps prevent email address impersonation and spoofing attacks by giving email receivers a consistent method to check the identity of email. Cybercriminals typically use these attacks either to steal private information or to coerce the recipient into performing an action for them, such as processing an invoice or resetting a password. Because so much reliance is placed on an email’s ‘From:’ address, cybercriminals capitalise on this by impersonating an address you trust in a message directed to you.

DMARC is a technical specification (RFC 7489) that stops exact-domain spoofing and phishing attacks by preventing unauthorised use of a domain in the “From” address of email messages. Note that it only blocks such mail once the domain publishes an enforcing policy (quarantine or reject) and the receiving mail server honours that policy; a monitoring-only policy reports spoofing but does not stop it.

For example, suppose you work for a company called TrustCorp and the company emails are structured as ‘[email protected]’. Your organisation also has an awareness programme that includes phishing awareness, so you already know not to respond to emails from look-alike domains such as ‘@trustc0rp.com’ or ‘@tru5tcorp.com’.

However, without a properly configured DMARC implementation, a cybercriminal could still send you an email from the real ‘@trustcorp.com’ domain, so you could still receive a message from ‘[email protected]’ carrying an urgent request.

Likewise, without a properly configured DMARC implementation, a cybercriminal could send an email to your customers as ‘[email protected]’ to inform them that the company’s bank details have changed.

DMARC combats this by letting domain owners and receiving mail servers share information. A receiver that checks DMARC sends the domain owner aggregate reports (to the rua= address in the policy) showing which sources sent mail using the domain and whether they passed SPF and DKIM, so the owner can find legitimate senders that are not yet authenticated and fix them before enforcing. DMARC also gives the domain owner a way to tell receivers what to do with messages that fail: monitor only, deliver them to the spam folder (quarantine), or refuse them outright (reject).
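As an added example (not code from the original page), here is how a domain owner might triage the aggregate (rua) reports that DMARC asks receivers to send. The report XML is a constructed sample in the RFC 7489 aggregate-report format: the IP addresses come from the 192.0.2.0/24 documentation range, and the sender domains, counts and report identifiers are invented for illustration. The parser separates a legitimate third-party service that merely fails alignment from a source that fails authentication outright, which is the decision a domain owner has to make before moving from p=none to an enforcing policy.

```python
"""Triage a DMARC aggregate (rua) report: which sources fail, and why.

Added example, not code from the original page. SAMPLE_REPORT is a
constructed report in the RFC 7489 aggregate-report XML format; the
IPs come from the 192.0.2.0/24 documentation range and the counts,
report id and sender domains are invented.
"""
import xml.etree.ElementTree as ET

SAMPLE_REPORT = """<?xml version="1.0"?>
<feedback>
  <report_metadata>
    <org_name>receiver.example</org_name>
    <email>dmarc-reports@receiver.example</email>
    <report_id>constructed-0001</report_id>
    <date_range><begin>1700000000</begin><end>1700086400</end></date_range>
  </report_metadata>
  <policy_published>
    <domain>trustcorp.com</domain>
    <adkim>r</adkim><aspf>r</aspf><p>none</p><pct>100</pct>
  </policy_published>
  <!-- The company's own mail server: both checks pass and align. -->
  <record>
    <row><source_ip>192.0.2.10</source_ip><count>120</count>
      <policy_evaluated><disposition>none</disposition><dkim>pass</dkim><spf>pass</spf></policy_evaluated></row>
    <identifiers><header_from>trustcorp.com</header_from></identifiers>
    <auth_results>
      <dkim><domain>trustcorp.com</domain><result>pass</result><selector>s1</selector></dkim>
      <spf><domain>trustcorp.com</domain><result>pass</result></spf>
    </auth_results>
  </record>
  <!-- A bulk-mail provider sending for the company: SPF passes for the
       provider's own domain, which does not align with the From: header. -->
  <record>
    <row><source_ip>192.0.2.55</source_ip><count>7</count>
      <policy_evaluated><disposition>none</disposition><dkim>fail</dkim><spf>fail</spf></policy_evaluated></row>
    <identifiers><header_from>trustcorp.com</header_from></identifiers>
    <auth_results><spf><domain>bulk-sender.example</domain><result>pass</result></spf></auth_results>
  </record>
  <!-- An unknown host using the domain directly: nothing authenticates. -->
  <record>
    <row><source_ip>192.0.2.99</source_ip><count>3</count>
      <policy_evaluated><disposition>none</disposition><dkim>fail</dkim><spf>fail</spf></policy_evaluated></row>
    <identifiers><header_from>trustcorp.com</header_from></identifiers>
    <auth_results><spf><domain>trustcorp.com</domain><result>fail</result></spf></auth_results>
  </record>
</feedback>
"""


def classify_failure(source):
    """Why did this source fail DMARC? The raw auth_results reveal a
    legitimate third party whose identifiers simply do not align."""
    if source["spf_raw_result"] == "pass" and source["spf_domain"] != source["header_from"]:
        return "unaligned-third-party"  # fix: add it to SPF or have it DKIM-sign with your domain
    return "unauthenticated"            # nothing to fix; this is what the policy should block


def summarise_report(xml_text):
    """Aggregate pass/fail counts and list every failing source together
    with the raw authentication results a domain owner needs to act on."""
    root = ET.fromstring(xml_text)
    policy = root.find("policy_published")
    summary = {"domain": policy.findtext("domain"), "policy": policy.findtext("p"),
               "total": 0, "passed": 0, "failed": 0, "failing_sources": []}
    for rec in root.findall("record"):
        row = rec.find("row")
        count = int(row.findtext("count"))
        evaluated = row.find("policy_evaluated")
        # policy_evaluated holds the *aligned* results, i.e. the DMARC verdict.
        passed = "pass" in (evaluated.findtext("dkim"), evaluated.findtext("spf"))
        summary["total"] += count
        if passed:
            summary["passed"] += count
            continue
        summary["failed"] += count
        raw_spf = rec.find("auth_results/spf")
        source = {
            "source_ip": row.findtext("source_ip"),
            "count": count,
            "header_from": rec.findtext("identifiers/header_from"),
            "spf_domain": raw_spf.findtext("domain") if raw_spf is not None else None,
            "spf_raw_result": raw_spf.findtext("result") if raw_spf is not None else None,
        }
        source["reason"] = classify_failure(source)
        summary["failing_sources"].append(source)
    return summary


if __name__ == "__main__":
    s = summarise_report(SAMPLE_REPORT)
    print("%s (p=%s): %d messages, %d passed, %d failed"
          % (s["domain"], s["policy"], s["total"], s["passed"], s["failed"]))
    for src in s["failing_sources"]:
        print("  %-12s %4d  %s" % (src["source_ip"], src["count"], src["reason"]))
```

The bulk-sender record is the case that catches most organisations out: the provider’s mail is authenticated, just not for your domain, so it would be quarantined or rejected the moment you enforce. Real reports arrive as gzip or zip attachments, often one per receiver per day, so in practice the parser is run over every report in a mailbox rather than over a single string.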

Why Should I Enable a DMARC Policy?

DMARC has two aspects. It prevents spoofing of your domain, which is valuable in itself, but the other is that it authenticates your legitimate email, giving receivers a positive signal they can use when deciding whether to deliver it to the inbox. If you implement DMARC, your genuine marketing emails are more likely to be delivered into the inbox rather than into the Junk Mail folder (authentication is one input to that decision; sender reputation and content still count). DMARC can make marketing campaigns and genuine emails more effective, which means a greater Return On Investment (ROI). If marketing emails are delivered, there is a greater chance they’ll be read, and a better chance of piquing interest.

Most companies aren’t using technology effectively to combat phishing, and this is contributing to a growing distrust in email.

The prevalence of fraud and phishing online has caused problems for everyone with any sort of online presence. All it takes is a believable message and cybercriminals can compromise user accounts, steal passwords, access financial information, and much more. It is too easy to spoof an email, and one proven way to get results is to send from an address the user already knows, so the message does not look out of place.

A DMARC policy tells receivers that mail using your domain in the From: header should authenticate with Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), or both. A message passes DMARC if at least one of those checks passes and the domain it authenticated aligns with the From: domain; the receiver then treats the message as legitimately from your domain and applies its normal filtering. If neither check passes in an aligned way, the receiver applies the policy you published: p=none (deliver and just report it), p=quarantine (typically the junk folder), or p=reject (refuse delivery entirely).

Give Me the Technical Details

DMARC builds on two existing technologies that are used to associate a piece of email with a domain. Both have been around for many years and stand independently of DMARC.

SPF (Sender Policy Framework)
  • Checks where the email comes from: the IP address of the server that delivered it
  • “Path based” – (RFC 7208)
  • Authorised sending servers are published in a DNS TXT record
  • Forwarding breaks SPF, because the forwarding server is not one of the authorised senders

DKIM (DomainKeys Identified Mail)
  • Checks the content of the email: a cryptographic signature over selected headers and the body
  • “Signature based” – (RFC 6376)
  • Public keys published via DNS, selected by the s= tag in the signature
  • Can survive forwarding, provided the signed headers and body are not modified in transit

Identifier Alignment is the check that ties those results to the address the user actually sees. SPF authenticates the domain of the envelope sender (MAIL FROM / Return-Path), and DKIM authenticates the domain in the signature’s d= tag; neither of those is necessarily the domain in the visible From: header. DMARC requires that at least one passing identifier match the From: header domain, either exactly (strict alignment) or by sharing the same organisational domain, so that bounce.trustcorp.com aligns with trustcorp.com (relaxed alignment, the default). A spoofed message whose attacker-controlled domain passes SPF and DKIM perfectly still fails DMARC, because those identifiers do not align with the spoofed From: domain.

In summary, SPF and DKIM are used to generate domain-level identifiers and DMARC ties those results to the From: header in an email. This is referred to as Identifier Alignment.
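To make the policy outcomes described under “Why Should I Enable a DMARC Policy?” and the alignment rule described here concrete, the following is an added example, not the page’s own code, that evaluates a message the way a receiving server does: it parses a DMARC TXT record, checks whether the SPF-authenticated domain or a DKIM signing domain aligns with the From: header domain in strict or relaxed mode, and returns the disposition. The record string, domain names and SPF/DKIM results are constructed for illustration. A real receiver fetches the record from the TXT record at _dmarc.<domain> and uses the Public Suffix List to find the organisational domain; the helper here approximates that as the last two labels, which is wrong for suffixes such as co.uk.

```python
"""Evaluate a message against a DMARC policy the way a receiving server does.

Added example, not code from the original page. The DMARC record, domain
names and SPF/DKIM results below are constructed for illustration.
"""

# Constructed record for the page's example domain. A real receiver fetches
# this from the TXT record at _dmarc.trustcorp.com.
EXAMPLE_RECORD = "v=DMARC1; p=reject; adkim=s; aspf=r; rua=mailto:dmarc@trustcorp.com"


def dmarc_record_name(domain):
    """DNS name at which the DMARC record for `domain` is published."""
    return "_dmarc." + domain.lower().rstrip(".")


def parse_dmarc_record(txt):
    """Parse 'tag=value; tag=value' into a dict, applying RFC 7489 defaults."""
    tags = {}
    for part in txt.split(";"):
        part = part.strip()
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1" or "p" not in tags:
        raise ValueError("not a valid DMARC record: %r" % txt)
    tags.setdefault("adkim", "r")     # relaxed DKIM alignment by default
    tags.setdefault("aspf", "r")      # relaxed SPF alignment by default
    tags.setdefault("sp", tags["p"])  # subdomain policy defaults to p=
    tags.setdefault("pct", "100")
    return tags


def org_domain(domain):
    """Organisational domain. Simplified to the last two labels; a real
    receiver consults the Public Suffix List (this is wrong for co.uk etc.)."""
    labels = domain.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def aligned(auth_domain, from_domain, mode):
    """Identifier alignment: strict ('s') needs an exact match, relaxed ('r')
    only needs the same organisational domain."""
    if mode == "s":
        return auth_domain.lower() == from_domain.lower()
    return org_domain(auth_domain) == org_domain(from_domain)


def evaluate(record_txt, from_domain, spf=None, dkim=(), record_domain=None):
    """Return (dmarc_result, disposition) for one message.

    from_domain:   domain of the RFC 5322 From: header
    spf:           (envelope MAIL FROM domain, 'pass'/'fail'/...) or None
    dkim:          iterable of (d= tag domain, result), one per verified signature
    record_domain: domain at which the record was found (defaults to from_domain);
                   when it is the organisational domain, sp= applies to subdomains
    """
    rec = parse_dmarc_record(record_txt)
    record_domain = (record_domain or from_domain).lower()

    spf_pass = (spf is not None and spf[1] == "pass"
                and aligned(spf[0], from_domain, rec["aspf"]))
    dkim_pass = any(result == "pass" and aligned(d, from_domain, rec["adkim"])
                    for d, result in dkim)

    # DMARC passes when at least one authenticated identifier aligns.
    if spf_pass or dkim_pass:
        return "pass", "none"

    # Otherwise the published policy applies: none, quarantine or reject.
    # pct= sampling (applying the policy to only a share of failing mail) is
    # omitted here to keep the result deterministic.
    policy = rec["p"] if from_domain.lower() == record_domain else rec["sp"]
    return "fail", policy


if __name__ == "__main__":
    cases = [
        # Legitimate mail via the company's own bounce domain: relaxed SPF aligns.
        ("own server", dict(spf=("bounce.trustcorp.com", "pass"))),
        # Forwarded mail: SPF breaks (forwarder's IP) but the DKIM signature survives.
        ("forwarded", dict(spf=("forwarder.example", "fail"), dkim=[("trustcorp.com", "pass")])),
        # Spoof: attacker's own SPF and DKIM pass, but neither aligns with the From: domain.
        ("spoof", dict(spf=("attacker.example", "pass"), dkim=[("attacker.example", "pass")])),
    ]
    for name, auth in cases:
        print(name, evaluate(EXAMPLE_RECORD, "trustcorp.com", **auth))
```

The three cases in the `__main__` block are the ones worth remembering: relaxed alignment lets a separate bounce subdomain pass SPF for the parent domain; a forwarded message survives on DKIM alone, which is why both mechanisms are deployed rather than SPF only; and an attacker who authenticates their own domain flawlessly still hits p=reject, because nothing they control aligns with trustcorp.com.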

How CyberSec Can Help

Adopting DMARC also has a flow-on effect to other areas of your business. As well as reducing internal fraud, implementing DMARC can stop fraudulent emails from being delivered to your customers. By stopping criminals from spoofing your legitimate domain, it lessens the success rate of spear-phishing attacks (where a criminal spoofs a CFO’s email address to send financial transaction instructions to payroll staff). If someone tries to spoof a domain that publishes an enforcing DMARC policy, receivers that honour the policy simply won’t deliver the email. DMARC also stops criminals from spoofing your domain to send outgoing phishing emails to the masses. Implementing DMARC can preserve your brand equity, reduce customer support costs related to email fraud, and make email an effective communication method again, which is something that is seriously lacking at the moment.

Our team can assist with and implement end-to-end DMARC protection for your business’s email domain. This gives you the strongest available protection against cybercriminals using your name (domain name) to scam users. Our team can work with you to secure your business’s email communications.