A battle against email phishing

4th August 2021

Even though many companies offer training to help prevent it, fraud and phishing are still a huge security threat to many businesses. These attacks are often very hard to spot as attackers become craftier with their methods, and they leave many companies crippled, either financially or through a tarnished brand and reputation.

However, steps are being taken to help minimise the number of people caught out by these attacks. Domain-based Message Authentication, Reporting & Conformance (DMARC) is a process that manages a user’s email inbox to ensure that only verified contacts can reach it. It is designed to fit in with existing authentication processes, meaning it will not interfere with them but simply adds another layer of security.

There is a 3-step process: 

  1. Authentication and alignment: For this to work as well as it can, the organisation in question will need to already use Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM). SPF is used to prevent spammers from sending emails that claim to be from an organisation they are not part of. DKIM uses a digital signature to allow the receiver to verify that the email was sent and authorised by the owner of that domain.
  1. Reporting: DMARC provides information about the authentication of the messages, and about the senders, that are trying to reach the user’s inbox. This information includes the source the message was sent from, the date the message was sent, the number of messages that were sent, the domain used to send them and the IP address of the sender. It produces reports, and using these the user can see which emails have been authenticated against DKIM and SPF and which have not.
  1. Conformance: This means that the policies and message handling will be placed in the hands of the domain owner. They may choose to delete suspicious emails immediately or they could quarantine them instead. With a lot of tweaking to policies, senders and receivers can reject unauthorised messages.  
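
To make the reporting step concrete, the following added example (not part of the original article) parses a DMARC aggregate report and lists the sending IP addresses whose mail failed both DKIM and SPF. The report is a constructed sample in the RFC 7489 aggregate layout, and the function names `summarise` and `failing_sources` are illustrative.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

# Constructed sample report in the RFC 7489 aggregate layout; all values are illustrative.
# Real reports come from third parties: parse them with a hardened parser such as defusedxml.
SAMPLE_REPORT = """<?xml version="1.0"?>
<feedback>
  <report_metadata><org_name>receiver.example</org_name>
    <date_range><begin>1627948800</begin><end>1628035200</end></date_range></report_metadata>
  <policy_published><domain>example.com</domain><p>quarantine</p></policy_published>
  <record><row><source_ip>192.0.2.10</source_ip><count>120</count>
    <policy_evaluated><disposition>none</disposition><dkim>pass</dkim><spf>pass</spf></policy_evaluated>
  </row><identifiers><header_from>example.com</header_from></identifiers></record>
  <record><row><source_ip>198.51.100.7</source_ip><count>45</count>
    <policy_evaluated><disposition>quarantine</disposition><dkim>fail</dkim><spf>fail</spf></policy_evaluated>
  </row><identifiers><header_from>example.com</header_from></identifiers></record>
  <record><row><source_ip>203.0.113.5</source_ip><count>8</count>
    <policy_evaluated><disposition>none</disposition><dkim>pass</dkim><spf>fail</spf></policy_evaluated>
  </row><identifiers><header_from>example.com</header_from></identifiers></record>
</feedback>"""

def summarise(report_xml):
    """Return the published policy, report date and per-source pass/fail message counts."""
    root = ET.fromstring(report_xml)
    begin = int(root.findtext("report_metadata/date_range/begin"))
    summary = {
        "domain": root.findtext("policy_published/domain"),
        "policy": root.findtext("policy_published/p"),
        "date": datetime.fromtimestamp(begin, timezone.utc).date().isoformat(),
        "sources": {},
    }
    for rec in root.iter("record"):
        row, ev = rec.find("row"), rec.find("row/policy_evaluated")
        # A message passes DMARC when aligned DKIM or aligned SPF passes.
        ok = "pass" in (ev.findtext("dkim"), ev.findtext("spf"))
        src = summary["sources"].setdefault(row.findtext("source_ip"),
            {"pass": 0, "fail": 0, "dispositions": set(), "header_from": set()})
        src["pass" if ok else "fail"] += int(row.findtext("count"))
        src["dispositions"].add(ev.findtext("disposition"))
        src["header_from"].add(rec.findtext("identifiers/header_from"))
    return summary

def failing_sources(summary):
    """Source IPs that sent at least one message failing both DKIM and SPF."""
    return sorted(ip for ip, s in summary["sources"].items() if s["fail"])

if __name__ == "__main__":
    report = summarise(SAMPLE_REPORT)
    print(report["domain"], report["policy"], report["date"])
    print("failing both checks:", failing_sources(report))
```

The `disposition` recorded for each source shows what the receiver actually did with the mail, which is the conformance step: here the failing source was quarantined in line with the published policy.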

DMARC can really help organisations to reduce the risk of falling victim to phishing and scams, but it can also offer companies a lot more, especially in the hands of a capable domain owner. If you have any questions regarding how it could benefit your company, please contact us.  
