Do you know how your company can reduce phishing emails targeting your brand?
Email scams have increased rapidly in recent years. For example, in 2016 a Swedish manufacturer lost SEK 25 million due to this kind of scam. In these cases, criminals impersonate a company executive and send a fake email message to selected employees, tricking them into wiring funds.
Every organization with a domain name should consider using DMARC to help reduce spam and phishing attacks targeting their brand.
How to get started?
Although it technically can take less than an hour to build and publish a DMARC record, it is wise to first engage all teams with a stake in email security (security, marketing, fraud prevention, service desk, system administrators, and others) and then consider deploying DMARC in three steps:
- Monitoring mode
In monitoring mode, you advertise to the Internet that you want all DMARC-compliant email receivers to send you reports on who is sending email from your domain. No emails are flagged, blocked, rejected, or quarantined.
- Quarantine mode
In quarantine mode, suspicious messages are flagged for review. This allows you to identify all internal and authorized email servers and ensure they are configured properly.
- Reject mode
In reject mode, spam and phishing messages are deleted by DMARC-protected email servers. This enhances the trust relationship between emails sent by you and received by DMARC-protected mailboxes.
As a final step, DMARC should be leveraged to detect and mitigate threats since it provides valuable reporting information about the amount and structure of phishing attacks and can help to improve fraud intelligence around targeted attacks on your brand.
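The three modes above correspond to the `p=none`, `p=quarantine` and `p=reject` policy values of the DMARC TXT record defined in RFC 7489. The following check is an added example, not part of the original article: it reads a published record, reports which rollout stage it represents, and flags a missing report address. The `example.com` records and the function names are constructed for illustration.

```python
# Added example: map a DMARC TXT record to the rollout stage it represents.
# Tag names (v, p, rua, pct) come from RFC 7489; sample records are constructed.

STAGES = {"none": "monitoring", "quarantine": "quarantine", "reject": "reject"}


def parse_dmarc(txt):
    """Split a DMARC TXT record into an ordered {tag: value} dict."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            name, value = part.split("=", 1)
            tags[name.strip().lower()] = value.strip()
    return tags


def rollout_stage(txt):
    """Return (stage, warnings) for the record published at _dmarc.<domain>."""
    tags = parse_dmarc(txt)
    # The version tag must come first; receivers discard the record otherwise.
    if next(iter(tags.items()), None) != ("v", "DMARC1"):
        return "invalid", ["record does not start with v=DMARC1"]
    policy = tags.get("p", "").lower()
    if policy not in STAGES:
        return "invalid", ["missing or unknown p= policy"]
    warnings = []
    if "rua" not in tags:
        # Without rua= there are no aggregate reports to review at any stage.
        warnings.append("no rua= address for aggregate reports")
    pct = tags.get("pct", "100")
    if policy != "none" and pct.isdigit() and int(pct) < 100:
        # pct= limits enforcement to a share of failing mail (gradual rollout).
        warnings.append(f"policy applies to only {pct}% of failing mail")
    return STAGES[policy], warnings


# Constructed sample records, one per stage described in the article.
SAMPLES = [
    "v=DMARC1; p=none; rua=mailto:dmarc-reports@example.com",
    "v=DMARC1; p=quarantine; pct=25; rua=mailto:dmarc-reports@example.com",
    "v=DMARC1; p=reject",
]

if __name__ == "__main__":
    for record in SAMPLES:
        stage, warnings = rollout_stage(record)
        print(f"{stage:<11} {record}")
        for w in warnings:
            print(f"            warning: {w}")
```
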
For further information, see the Global Cyber Alliance's website: https://dmarc.globalcyberalliance.org/
If News 2/2018 Property
Cyber Risk Engineer