Phishing attacks using a spoofed email address can offer a direct way for hackers to penetrate an enterprise’s network, fooling staff into sharing sensitive data or inadvertently installing malware after clicking on links. Spotting phishing emails may sometimes be simple, but how do you stop your own email domains being used in attacks on others? Read on for some useful advice.
Domain-based Message Authentication, Reporting and Conformance, better known as DMARC, is an email protocol covering authentication, policy and reporting. It was created to help recipients authenticate messages sent from a firm’s domain using two different methods of authentication: DKIM and SPF. These two dedicated protocols can verify that a server or IP address sending out an email using a domain has the correct authorisation, and that the email’s contents haven’t been maliciously altered.
Should a received message fail these two checks, DMARC helps the receiving system decide whether it is safe to accept the message, and creates a log. An email sent from a genuine address connected to a company will be supported by the DMARC protocol, which will let the recipient’s mail server know the message can be trusted. However, if a hacker attempts to use a company’s email address from their own server, which has no authorised connection to the company, the DMARC policy will instruct recipient servers not to accept the email and to log a traceable report stating the message was rejected.
Benefits of setting up a DMARC protocol
By correctly establishing a DMARC policy, you can protect your clients or suppliers from scams, as such recipients are most likely to trust a spoofed message that appears to be issued from your firm. Having a DMARC record can also act as a deterrent to hackers, who are less likely to try spoofing your address. A DMARC protocol can also ensure your mail campaigns reach their destination, with verification helping your missives sidestep the spam folders of recipients’ accounts. Finally, a DMARC protocol gives you unique insight, with an overview of how your email domain is utilised.
Additional steps to stop spoofing
Wherever possible, it’s always wise to post only one email address on your site for contact purposes. Listing multiple staff member addresses can lead to high volumes of spam, and it also shows the format you use for addresses, making it easier for hackers to spoof them and appear legitimate.
Passwords employed to access email accounts should always be strong and differ from passwords used for any other active accounts. Remember that hackers who can access a real email account have no need to fake your address with spoofing tactics.
When you want to sign up for online accounts or a mailing list, it can be useful to adopt a temporary account for this purpose, instead of your main company email address. If that temporary address is obtained and spoofed, your clients or suppliers will be less inclined to believe it is authentic.
Our secure platform at Galaxkey has been designed to empower enterprise employees with the tools to keep email accounts entirely safe from operators seeking to spoof addresses. Contact our professional team for advice today.