Jessica Holland“The best way to stop these [BECs] is to switch on DMARC with the strongest policy (“p=reject”) as default.”
– Phil Muncaster (Infosecurity-Magazine)
Phil Muncaster shares this advice – which could help protect against a Business Email Compromise (BEC) scam – in his article on the uncovering of information that an infamous BEC gang has built up a new targeting database of 8500 financial executives from around the world that they could use for carrying out BEC attacks.
What is DMARC?
DMARC, or Domain-based Message Authentication, Reporting & Conformance, is a protocol that’s used to detect if an email is legitimately from the sender and to prevent it from getting delivered to the recipient. Using this protocol gets the email senders and the recipients to work in a coordinated way to determine if the sender email is legitimate or not.
“Setting a DMARC policy of ‘reject’ provides the strongest protection against spoofed email, ensuring that unauthenticated messages are rejected at the mail server, even before delivery. Additionally, reports provide a mechanism for an agency to become aware of the source an apparent forgery, information that they would not normally receive otherwise.”
For a quick overview, visit this webpage. For an in-depth understanding, we recommend that you visit DMARC’s official website.
Or, watch this video for a general overview:
A word of caution
Though DMARC has most promise to help organizations defend against BEC attacks, it’s still a weak protection against spoofed emails. As per Cofence, it doesn’t protect against the dangerous Man-in-the-Inbox phishing attacks either.
To be exact, DMARC protocol protects by validating exact domains only, and thus doesn’t give us much leverage against other popular forms of BEC attacks, such as display name spoofing and domain impersonation.
And again, all communications with clients who do not adhere to DMARC would remain vulnerable to phishing attacks. But, if your organization is depending only upon secure email gateways (SEGs) to stop malicious emails, you should probably look into DMARC too.
User education remains the most reliable defense against advanced phishing attacks. Only alert and trained users can spot and flag spoofed email addresses and deal with phishing attacks that generate from a compromised email addresses.
Fortunately, there is a new registrar cheap domain names from $0.99
Namecheap exists to help EVERYONE get, make, and achieve more online with less cost, hassle, and headaches. We offer everything you need to get online and thrive, from domains to hosting to security to specialist services and products — all with value built in.
Very Nice. Thanks for Sharing such an amazing article.
Immediately after I at first commented I appear to have clicked the -Notify me when new opinions are included- checkbox and Any further every time a comment is additional I recieve 4 e-mail While using the same remark. Potentially You will find there’s way you could take away me from that service? A lot of thanks!
To the empowerelearning.com Administrator.
Hello empowerelearning.com Owner.
Hi empowerelearning.com admin, Your posts are always well thought out.
Hello empowerelearning.com administrator, Your posts are always interesting.
Hi empowerelearning.com owner, You always provide key takeaways and summaries.
Hello empowerelearning.com owner, Your posts are always informative and well-explained.