Who is Using Your Domain for Phishing & Spam? A DMARC Overview

Aug 14, 2015

Page 1: Who is Using Your Domain for Phishing & Spam? A DMARC Overview

Who is using your domain for phishing & spam?

E-mail Authentication

DMARC Compass™

Dan Ingevaldson

CTO


Email is a mission-critical communication channel for most companies.

Over 205 billion emails are sent and received every day (112.5 billion business emails).¹


Email has also become an untrusted channel. Thanks to spam and phishing scams, users are taught to be wary of incoming messages.

Proportion of spam in email, 2015: 59.2%²

97% of people globally are unable to correctly identify phishing emails³


This lack of trust impacts a company’s ability to effectively communicate, market, and sell to customers via email.

In 2014, email ROI reached 2,500%.⁴


DMARC (Domain Message Authentication, Reporting and Conformance)

…stands to change all that.


DMARC

• Provides visibility into email flows
• Tells receiving servers to delete spoofed messages immediately upon receipt
• Ensures only legitimate emails are delivered to inboxes


Getting started with DMARC is easy. Any email sender and receiver can use the DMARC rails provided by the global community.


Free use of the rails provides access to the critical, raw reporting data that helps you see who is sending email and who is spoofing your brand.


DMARC can be deployed in Monitor, Quarantine or Reject mode.


Monitor: A domain owner can begin using DMARC in "monitor mode" to collect data from participating receivers.


Quarantine: As the data shows that their legitimate traffic is passing authentication checks, they can change their policy to request that failing messages be quarantined.


Reject: As they grow confident that no legitimate messages are being incorrectly quarantined, they can move to a "reject" policy.


It is impossible for spoofed email to be delivered to DMARC-protected email servers.


Does it work?

“DMARC protects more than 85% of the people who receive and send e-mail from Facebook”
Michael Adkins, Facebook

“Implementing DMARC stopped nearly 25 million attempted attacks on our customers during the 2013 holiday season alone”
Trent Adams, PayPal / eBay, Chair of DMARC.org


The DMARC Standard

DMARC is an IETF Draft Specification that allows email receivers to determine if an email is authentic and what to do if it is not.


DMARC Compass™: a comprehensive tool that provides clear visibility into your e-mail delivery environment


What is needed for Complete Visibility?

Putting DMARC into Context

% of Incidents from DMARC? <20%

[Figure labels: Hacked Sites, Social Media, Fraudulent Domains, DMARC, Malware/Mobile Apps, Non-spoofed Phish, Active Monitoring]

DMARC on its own is not a complete fraud strategy – but anything that provides some visibility is a win. Make sure that you have other layers in place to protect against these other threats.


Proactive Threat Detection and Takedown


DMARC Compass™

Detect Monitoring Service™

Threat Reduction

Attack Deactivation


Why from Easy Solutions?


* 2014, Top 40 US Bank


Differentiators

• Initiate server takedowns backed by 24/7/365 Security Operations Center
• Full RESTful API to leverage Compass data elsewhere in your stack
• Customized reporting for analytics
• Shares intelligence with the rest of our products


Deployment

• Determine your server policies through Compass Explorer
• Deploy DNS TXT record
• Monitor results in Compass portal
• Authorize, deauthorize servers as they are identified
• Migrate DNS policies for stricter e-mail handling
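Added example, not part of the original slides or of DMARC Compass: a small checker that parses the DNS TXT record deployed in the steps above and reports which mode (Monitor, Quarantine or Reject) it requests. The tag names v, p, pct and rua come from the DMARC specification (RFC 7489); the domain example.com, the report mailbox and the function names are assumptions made for illustration.

```python
# Added example: parse a DMARC TXT record and name the deployment stage.
# Tag names (v, p, pct, rua) are from RFC 7489; the records are constructed.

STAGES = {"none": "Monitor", "quarantine": "Quarantine", "reject": "Reject"}


def parse_dmarc(txt):
    """Split 'tag=value; tag=value' into a dict, validating v= and p=."""
    tags = {}
    for part in txt.split(";"):
        part = part.strip()
        if not part:
            continue
        name, sep, value = part.partition("=")
        if not sep:
            raise ValueError(f"malformed tag: {part!r}")
        tags[name.strip().lower()] = value.strip()
    # v= must be the first tag, otherwise receivers ignore the record.
    if next(iter(tags), None) != "v" or tags["v"] != "DMARC1":
        raise ValueError("record must start with v=DMARC1")
    if tags.get("p", "").lower() not in STAGES:
        raise ValueError("missing or unknown p= policy")
    return tags


def assess(txt):
    """Return (stage, warnings) for one record."""
    tags = parse_dmarc(txt)
    stage = STAGES[tags["p"].lower()]
    warnings = []
    if "rua" not in tags:
        warnings.append("no rua=: receivers have nowhere to send aggregate reports")
    pct = int(tags.get("pct", "100"))
    if stage != "Monitor" and pct < 100:
        warnings.append(f"policy applies to only {pct}% of failing mail")
    return stage, warnings


# Constructed records for the placeholder domain example.com, published
# as TXT at _dmarc.example.com, one per stage of the rollout.
ROLLOUT = [
    "v=DMARC1; p=none; rua=mailto:dmarc-reports@example.com",
    "v=DMARC1; p=quarantine; pct=25; rua=mailto:dmarc-reports@example.com",
    "v=DMARC1; p=reject; rua=mailto:dmarc-reports@example.com",
]

if __name__ == "__main__":
    for record in ROLLOUT:
        print(assess(record), "<-", record)
```

The warnings mark the two gaps that most often stall a rollout: a record with no report address yields none of the reporting data, and a pct value below 100 leaves part of the failing mail outside the requested policy.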


Sources:

1. http://www.radicati.com/wp/wp-content/uploads/2015/02/Email-Statistics-Report-2015-2019-Executive-Summary.pdf
2. https://securelist.com/analysis/quarterly-spam-reports/69932/spam-and-phishing-in-the-first-quarter-of-2015/
3. http://www.information-age.com/technology/security/123459514/think-you-can-spot-scam-97-people-wouldnt-know-phishing-email-if-it-hooked-them
4. http://www.cmo.com/articles/2015/1/6/15_stats_marketing_ROI.html