DMARC Adoption Spikes, Higher Ed Remains Behind

2020-07-14 14:46

Adoption of the email security protocol DMARC has continued to tick upwards, with the number of domains deploying DMARC records surpassing 1 million in the last two years - a 2.5 times greater total than in 2018.

According to Tessian, out of the 60 percent of universities that do have DMARC in place, the DMARC policies have not been set up to quarantine or outright reject any emails from unauthorized senders using its domains.

"Without DMARC records in place, or without having DMARC policies set at the strictest settings, hackers can easily impersonate a university's email domain in phishing campaigns, convincing their targets that they are opening a legitimate email from a fellow student, professor or administrator at their university," explained Maddie Rosenthal, researcher at Tessian, in a recent posting.

As email threats continue and DMARC awareness grows at companies, cybercriminals are also getting savvy - and are pioneering ways to take advantage of those without adequate DMARC protection.

"With implementation of LetsEncrypt or by purchasing a certificate for a legitimate domain, there is no way to know if it's bad or good from DMARC alone. DMARC can be used with a host of other tools and features like SPF , DKIM , reputation, spam filters, and the like, to actually stop malicious emails."

News URL

https://threatpost.com/dmarc-adoption-spikes-higher-ed-remains-behind/157413/

#dmarc #spike