Security News

How do I select a DMARC solution for my business?
2020-07-22 05:00

To select a suitable DMARC solution for your business, you need to think about a variety of factors. API Integration with the DMARC solution will allow you to tailor the solution into your enterprise reporting & analysis tools.

DMARC Adoption Spikes, Higher Ed Remains Behind
2020-07-14 14:46

Adoption of the email security protocol DMARC has continued to tick upwards, with the number of domains deploying DMARC records surpassing 1 million in the last two years - a 2.5 times greater total than in 2018. According to Tessian, out of the 60 percent of universities that do have DMARC in place, the DMARC policies have not been set up to quarantine or outright reject any emails from unauthorized senders using its domains.

BofA Phish Gets Around DMARC, Other Email Protections
2020-06-18 13:00

A credential-phishing attempt that relies on impersonating Bank of America has emerged in the U.S. this month, with emails that get around secure gateway protections and heavy-hitting protections like DMARC. The campaign involves emails that ask recipients to update their email addresses, warning users that their accounts could be recycled if this isn't done. "This ensured that the email wasn't caught in the bulk email filters provided by native Microsoft email security or the Secure Email Gateway."

Tax Phishing Campaign Reminds of DMARC Limitations
2020-04-21 18:01

April is a time for tax-related phishing scams, and we haven't been let down this year despite the dominance of COVID-19-themed phishing campaigns. Security firm Abnormal Security discovered a phishing email giving a single day for the recipient to respond and claim an outstanding tax rebate from HMRC for '550.11 GBP'. The email contains an obfuscated link to a webpage masquerading as a Gov.uk page.

Nearly 1 Million Domains Use DMARC, but Only 13% Prevent Email Spoofing
2020-03-05 19:10

Nearly one million domains use DMARC, but only 13% of them are configured to actually prevent email spoofing, according to a report published this week by anti-phishing solutions provider Valimail. DMARC is an email authentication, policy, and reporting protocol designed to detect and prevent email spoofing.

Email domains without DMARC enforcement spoofed nearly 4X as often
2020-03-05 05:00

As of January 2020, nearly 1 million domains have published DMARC records - an increase of 70% compared to last year, and more than 180% growth in the last two years. Just 13% of all DMARC records are configured with enforcement policies, demonstrating that interest in DMARC is increasing but DMARC expertise is not keeping pace.

Number of spoof attempts on domains drops to "near zero" within months of DMARC enforcement
2020-03-04 18:17

In a new study on DMARC usage and success, email cybersecurity company Vailmail found that spoof attempts drop to nearly zero "Within a few months after that domain moves to DMARC enforcement." There has been a steady increase in organizations using Domain-based Message Authentication, Reporting, and Conformance as a security measure against domain spoofing but enforcement continues to be the main struggle for most enterprises. Nearly 80 percent of US federal government domains have DMARC records and of those 93%. These high numbers are due mostly to a Department of Homeland Security directive in 2017 mandating DMARC at enforcement for most executive branch domains by January 2018.

How some presidential campaigns use DMARC to protect their domains from being spoofed
2020-02-20 15:49

DMARC can prevent spammers from using a trusted domain name to send junk mail, a useful tactic for the presidential campaigns and for your organization, according to security provider Valimail.

Threat From Spoofed Emails Grows, While DMARC Implementation Lags
2020-02-13 14:33

Agari's Cyber Intelligence Division, which concentrates on email threat investigations, has found that 60% of employee-reported suspect emails are false positives. Wire transfer scams also increased from 19% to 22%, while payroll diversion scams fell from around 25% to 16%. There is another shift within the fraudulent emails.

How some presidential campaigns use DMARC to protect their domains from being spoofed
2020-02-10 18:46

DMARC can prevent spammers from using a trusted domain name to send junk mail, a useful tactic for the presidential campaigns and for your organization, according to security provider Valimail. Owners of legitimate domains can protect their names from being spoofed in junk mail through Domain-based Message Authentication, Reporting & Conformance, a type of authentication that verifies email messages by checking the sender's domain.