DMARC - the solution to your phishing problems

Email is still an essential business communication tool. It is likely to remain so for the foreseeable future, even with the rise of other communication platforms like Slack, Microsoft Teams, and Basecamp. The way email was initially conceived on the Internet means that it has some easily exploitable security issues.

One of these is the fact that cybercriminals and other malicious actors can spoof email addresses to make them appear to be from reputable organisations when they are not. This opens up businesses to potential malware attacks, phishing attempts, and other data targeting cyber attacks when users open what they think are legitimate emails from trusted organisations. Beyond the data security implications of emails pretending to be from a known organisation, the potential reputational damage to brands due to spoofed email addresses is significant.

DMARC (Domain-based Message Authentication, Reporting & Conformance) is an open standard that allows email sending and receiving domain infrastructure to coordinate email domain checking procedures. Any organisation can implement DMARC, and it is the only sure-fire way that senders can let receivers know that emails are from who they say they are.

Agari are transforming email with their next-generation Secure Email Cloud powered by predictive machine learning. DMARC is an integral part of their vision and solution offering. Agari automates DMARC implementation, simplifying the process of choosing which senders are authorised to send emails on your behalf and reducing the task of maintaining an accurate enforcement policy. If you already use third-party services to send emails on your behalf, like Salesforce, Mailchimp, or HubSpot, then implementing Agari DMARC will ensure that receivers do not block these emails as SPAM. While also protecting your email domain and company brand. See the Agari site for more details on their Secure Email Cloud or contact Renaissance if you want to find out more. Read on for an overview of more Agari DMARC benefits.

The Benefits of DMARC

Many global businesses have seen the benefits that flow from implementing DMARC. Household names such as Netflix, Apple, DHL, Facebook, Citi, Twitter, UPS and many others have implemented DMARC, which now protects a total of 2.5 billion mailboxes worldwide. It is also recommended by governmental organisations such as the UK government plus NIST & Federal Trade Commission in the USA. It should be noted that DMARC needs to be part of a broader comprehensive solution to adequately protect against email domain name spoofing. DMARC on its own will protect against Direct/Same Domain Spoofing, but additional security will be needed to protect against Display Name Spoofing and Look-alike Domain Spoofing. Agari Secure Email Cloud can provide across the board protection.

The benefits of Agari DMARC protection include:

?        Brand Protection - It is a question of when, not if, your business email domain will be used for a cyberattack against other organisations. Whether it’s phishing, malware distribution, or nuisance spam, your brand is harmed when perceived to be associated with these malicious emails.

?        Increased Email Deliverability - Receiving email systems have powerful SPAM filters. They are often very aggressive in what they classify as SPAM. Implementing DMARC allows sending servers to inform receiving servers that the emails are legitimate. This reduces the likelihood that they will be classed as SPAM.

?        Reduced Service Calls - Preventing the use of an email domain to cybercriminals minimises the number of support calls that result from suspicious emails your clients and business partners get. One Agari customer reported that they were able to redeploy 60 support staff after putting DMARC in place.

?        Visibility into Cyber Attack Risk - DMARC allows you to see the volume of third parties sending email using your domain. If they are cybercriminals using the domain, then you can take steps to prevent this use. If they are legitimate third party services that are allowed to send emails on your behalf, then DMARC will give you visibility into their emails to ensure they are complying with email best practices.

?        Business email compromise (BEC) protection - Most people have seen emails pretending to be from the CEO or CFO of your organisation, or a business partner, asking for confidential information. DMARC protects against this often used method of cyberattack.

Conclusion

Implementing DMARC protection for an email domain is an important and necessary part of a modern cybersecurity strategy. It can protect your users, your business partners, and your brand. Agari DMARC allows you to implement the protection you need quickly. It is part of the wider Agari Secure Email Cloud. Using advanced machine learning and real-time intelligence from trillions of emails, the Agari Identity Graph detects, defends, and deters costly email attacks including business email compromise, spear phishing and account takeover. It was the winner of the 2018 Best Email Security Solution by SC Magazine. Contact Renaissance today to find out more.

Norman