[Sponsored by Return Path from Validity] More than 90% of successful cybercrimes use this simple tool to pull off their crimes — email, or phishing emails to be exact. Cybercriminals are more likely to pull off a successful hack if they get someone to open, read, and click links within emails that are spoofed to look like it was sent from a bank, retailer, or just about any brand.
Education is one of the keys to stopping people from falling victim to a phishing email, but the best way to prevent people from falling victim to an email scam is to prevent the phishing message from being delivered in the first place. Spam filters do a great job of catching most of these messages, but some phishing emails are so well spoofed and crafted, they can fool even the smartest filters.
Email authentication was created to validate that a received email was actually sent by the sender in the “from” line. SPF and DKIM are the two authentication protocols most widely used today. If a received email doesn’t pass one or both authentication checks, email providers, like Gmail for example, used to have no way of determining if the failed message should be blocked, sent to the spam folder or just simply ignored.
To help you get started in creating a DMARC policy, we created the guide “The Insider’s Guide to DMARC”. Setting up DMARC can be complex which is a big reason DMARC adoption is low, but there are other benefits besides stopping phishing, such as BIMI (Brand Indicators for Message Identification) that can display your logo next to your subject line in the inbox. DMARC can also help improve deliverability through consumer trust, and make you feel good about making the internet a safer place for everyone.