Who is Using Your Domain for Phishing & Spam? A DMARC Overview

•

1 like•946 views

DMARC Compass™ is a comprehensive tool that provides clear visibility into your e-mail delivery environment. Email is a mission critical channel for most companies, but it has also become a major source of distrust. Most major attacks still use email as a launching pad, and users are taught to be wary of incoming messages. This lack of trust effects your ability to effectively communicate, market and sell via email! DMARC (Domain Message Authentication Reporting and Conformance) stands to change all that by providing visibility into email flows, telling email receivers to delete spoofed messages, and ensuring that only legitimate emails are delivered to inboxes from protected domains. In this presentation, we will cover: - The importance of building trust in your email communications - How to shine a light on all your email servers using the DMARC rails - The best way to consolidate, visualize and make sense of DMARC reporting data Watch the replay here: http://www.easysol.net/resources-who-is-using-your-domain

Technology

Who is using your domain for phishing & spam?
DMARC Compass™
Dan Ingevaldson
CTO

Email is a mission-critical communication channel for most
companies.
Over 205billion emails are sent and received every day (112.5
billion business emails).¹

Email has also become an untrusted channel.
Thanks to spam and phishing scams, users are
taught to be wary of incoming messages.
59.2%
2015 Proportion of Spam in Email²
Spam
97% of people globally are unable
to correctly identify phishing
emails³

This lack of trust impacts a company’s ability to
effectively communicate, market, and sell to
customers via email.
In 2014, email ROI reached 2,500%.⁴

(Domain MessageAuthentication, Reporting and Conformance)
DMARC
…stands to change all that.

DMARC
• Provides visibility into email flows
• Tells receiving servers to delete spoofed messages immediately
upon receipt
• Ensures only legitimate emails are delivered to inboxes

Getting started with DMARC
is easy. Any email sender and
receiver can use the DMARC
rails provided by the global
community.

Can be deployed in Monitor,Quarantine or Reject mode.
DMARC

Monitor
A domain owner can begin using DMARC in "monitor mode" to
collect data from participating receivers.

Quarantine
As the data shows that their legitimate traffic is passing authentication
checks, they can change their policy to request that failing messages
be quarantined.

Reject
As they grow confident that no
legitimate messages are being
incorrectly quarantined, they can
move to a "reject" policy.

It is impossible for spoofed email to be delivered
to DMARC-protected email servers.

“DMARC protects more than 85% of the people who
receive and send e-mail from Facebook”
Michael Adkins, Facebook
“Implementing DMARC stopped nearly 25 million
attempted attacks on our customers during the 2013
holiday season alone” Trent Adams, PayPay / Ebay, Chair of DMARC.org
Does it work?

The DMARC Standard
DMARC is an IETF Draft Specification that allows email receivers to determine if
an email is authentic and what to do if it is not

DMARC Compass™ a comprehensive tool that provides clear
visibility into your e-mail delivery environment

What is needed forCompleteVisibility?
Putting DMARC into Context
% of Incidents from DMARC?
<20%
Hacked
Sites
Social Media
Fraudulent
Domains
DMARC
Malware/MobileApps
Non-spoofed Phish
Active Monitoring
DMARC on its own is not a complete fraud strategy – but anything that provides some visibility is a win.
Make sure that you have other layers in place to protect against these other threats.

ProactiveThreat Detection andTakedown
18
DMARC Compass™
Detect Monitoring Service™
Threat Reduction
Attack Deactivation

Why from Easy Solutions?
19
* 2014, Top 40 US Bank

Differentiators Initiate server takedowns backed
by 24/7/365 Security Operations
Center
Full Restful API to leverage
Compass data elsewhere in your
stack
Customized reporting for
analytics
Shares intelligence with the rest
of our products

Determine your server policies through Compass Explorer
Deploy DNSTXT record
Monitor results in Compass portal
Authorize, deauthorize servers as they are identified
Migrate DNS policies for stricter e-mail handling
Deployment

Learn more: DMARC Compass
Contact us: info@easysol.net

Sources:
1. http://www.radicati.com/wp/wp-content/uploads/2015/02/Email-Statistics-Report-2015-2019-Executive-
Summary.pdf
2. https://securelist.com/analysis/quarterly-spam-reports/69932/spam-and-phishing-in-the-first-quarter-of-
2015/
3. http://www.information-age.com/technology/security/123459514/think-you-can-spot-scam-97-people-
wouldnt-know-phishing-email-if-it-hooked-them
4. http://www.cmo.com/articles/2015/1/6/15_stats_marketing_ROI.html

Recently uploaded

Created by Mozilla Research in 2012 and now part of Linux Foundation Europe, the Servo project is an experimental rendering engine written in Rust. It combines memory safety and concurrency to create an independent, modular, and embeddable rendering engine that adheres to web standards. Stewardship of Servo moved from Mozilla Research to the Linux Foundation in 2020, where its mission remains unchanged. After some slow years, in 2023 there has been renewed activity on the project, with a roadmap now focused on improving the engine’s CSS 2 conformance, exploring Android support, and making Servo a practical embeddable rendering engine. In this presentation, Rakhi Sharma reviews the status of the project, our recent developments in 2023, our collaboration with Tauri to make Servo an easy-to-use embeddable rendering engine, and our plans for the future to make Servo an alternative web rendering engine for the embedded devices industry. (c) Embedded Open Source Summit 2024 April 16-18, 2024 Seattle, Washington (US) https://events.linuxfoundation.org/embedded-open-source-summit/ https://ossna2024.sched.com/event/1aBNF/a-year-of-servo-reboot-where-are-we-now-rakhi-sharma-igalia

A Year of the Servo Reboot: Where Are We Now?

Igalia

Building Digital Trust in a Digital Economy Veronica Tan, Director - Cyber Security Agency of Singapore Apidays Singapore 2024: Connecting Customers, Business and Technology (April 17 & 18, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

apidays

Abhishek Deb(1), Mr Abdul Kalam(2) M. Des (UX) , School of Design, DIT University , Dehradun. This paper explores the future potential of AI-enabled smartphone processors, aiming to investigate the advancements, capabilities, and implications of integrating artificial intelligence (AI) into smartphone technology. The research study goals consist of evaluating the development of AI in mobile phone processors, analyzing the existing state as well as abilities of AI-enabled cpus determining future patterns as well as chances together with reviewing obstacles as well as factors to consider for more growth.

Exploring the Future Potential of AI-Enabled Smartphone Processors

debabhi2

Following the popularity of "Cloud Revolution: Exploring the New Wave of Serverless Spatial Data," we're thrilled to announce this much-anticipated encore webinar. In this sequel, we'll dive deeper into the Cloud-Native realm by uncovering practical applications and FME support for these new formats, including COGs, COPC, FlatGeoBuf, GeoParquet, STAC, and ZARR. Building on the foundation laid by industry leaders Michelle Roby of Radiant Earth and Chris Holmes of Planet in the first webinar, this second part offers an in-depth look at the real-world application and behind-the-scenes dynamics of these cutting-edge formats. We will spotlight specific use-cases and workflows, showcasing their efficiency and relevance in practical scenarios. Discover the vast possibilities each format holds, highlighted through detailed discussions and demonstrations. Our expert speakers will dissect the key aspects and provide critical takeaways for effective use, ensuring attendees leave with a thorough understanding of how to apply these formats in their own projects. Elevate your understanding of how FME supports these cutting-edge technologies, enhancing your ability to manage, share, and analyze spatial data. Whether you're building on knowledge from our initial session or are new to the serverless spatial data landscape, this webinar is your gateway to mastering cloud-native formats in your workflows.

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Safe Software

GenAI Risks & Security Meetup 01052024.pdf

lior mazor

MINDCTI Revenue Release Quarter One 2024

MIND CTI

Scaling API-first – The story of a global engineering organization

Radu Cotescu

A Domino Admins Adventures (Engage 2024)

Gabriella Davis

Axa Assurance Maroc - Insurer Innovation Award 2024

The Digital Insurer

With more memory available, system performance of three Dell devices increased, which can translate to a better user experience Conclusion When your system has plenty of RAM to meet your needs, you can efficiently access the applications and data you need to finish projects and to-do lists without sacrificing time and focus. Our test results show that with more memory available, three Dell PCs delivered better performance and took less time to complete the Procyon Office Productivity benchmark. These advantages translate to users being able to complete workflows more quickly and multitask more easily. Whether you need the mobility of the Latitude 5440, the creative capabilities of the Precision 3470, or the high performance of the OptiPlex Tower Plus 7010, configuring your system with more RAM can help keep processes running smoothly, enabling you to do more without compromising performance.

Boost PC performance: How more available memory can improve productivity

Principled Technologies

A Principled Technologies deployment guide Conclusion Deploying VMware Cloud Foundation 5.1 on next gen Dell PowerEdge servers brings together critical virtualization capabilities and high-performing hardware infrastructure. Relying on our hands-on experience, this deployment guide offers a comprehensive roadmap that can guide your organization through the seamless integration of advanced VMware cloud solutions with the performance and reliability of Dell PowerEdge servers. In addition to the deployment efficiency, the Cloud Foundation 5.1 and PowerEdge solution delivered strong performance while running a MySQL database workload. By leveraging VMware Cloud Foundation 5.1 and PowerEdge servers, you could help your organization embrace cloud computing with confidence, potentially unlocking a new level of agility, scalability, and efficiency in your data center operations.

Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...

Principled Technologies

Strategies for Landing an Oracle DBA Job as a Fresher

Remote DBA Services

Three things you will take away from the session: • How to run an effective tenant-to-tenant migration • Best practices for before, during, and after migration • Tips for using migration as a springboard to prepare for Copilot in Microsoft 365 Main ideas: Migration Overview: The presentation covers the current reality of cross-tenant migrations, the triggers, phases, best practices, and benefits of a successful tenant migration Considerations: When considering a migration, it is important to consider the migration scope, performance, customization, flexibility, user-friendly interface, automation, monitoring, support, training, scalability, data integrity, data security, cost, and licensing structure Next Wave: The next wave of change includes the launch of Copilot, which requires businesses to be prepared for upcoming changes related to Copilot and the cloud, and to consolidate data and tighten governance ShareGate: ShareGate can help with pre-migration analysis, configurable migration tool, and automated, end-user driven collaborative governance

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

sammart93

Effective data discovery is crucial for maintaining compliance and mitigating risks in today's rapidly evolving privacy landscape. However, traditional manual approaches often struggle to keep pace with the growing volume and complexity of data. Join us for an insightful webinar where industry leaders from TrustArc and Privya will share their expertise on leveraging AI-powered solutions to revolutionize data discovery. You'll learn how to: - Effortlessly maintain a comprehensive, up-to-date data inventory - Harness code scanning insights to gain complete visibility into data flows leveraging the advantages of code scanning over DB scanning - Simplify compliance by leveraging Privya's integration with TrustArc - Implement proven strategies to mitigate third-party risks Our panel of experts will discuss real-world case studies and share practical strategies for overcoming common data discovery challenges. They'll also explore the latest trends and innovations in AI-driven data management, and how these technologies can help organizations stay ahead of the curve in an ever-changing privacy landscape.

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc

Boost Fertility New Invention Ups Success Rates.pdf

sudhanshuwaghmare1

Webinar Recording: https://www.panagenda.com/webinars/why-teams-call-analytics-is-critical-to-your-entire-business Nothing is as frustrating and noticeable as being in an important call and being unable to see or hear the other person. Not surprising then, that issues with Teams calls are among the most common problems users call their helpdesk for. Having in depth insight into everything relevant going on at the user’s device, local network, ISP and Microsoft itself during the call is crucial for good Microsoft Teams Call quality support. To ensure a quick and adequate solution and to ensure your users get the most out of their Microsoft 365. But did you know that ‘bad calls’ are also an excellent indicator of other problems arising? Precisely because it is so noticeable!? Like the canary in the mine, bad calls can be early indicators of problems. Problems that might otherwise not have been noticed for a while but can have a big impact on productivity and satisfaction. Join this session by Christoph Adler to learn how true Microsoft Teams call quality analytics helped other organizations troubleshoot bad calls and identify and fix problems that impacted Teams calls or the use of Microsoft365 in general. See what it can do to keep your users happy and productive! In this session we will cover - Why CQD data alone is not enough to troubleshoot call problems - The importance of attributing call problems to the right call participant - What call quality analytics can do to help you quickly find, fix-, and prevent problems - Why having retrospective detailed insights matters - Real life examples of how others have used Microsoft Teams call quality monitoring to problem shoot problems with their ISP, network, device health and more.

Why Teams call analytics are critical to your entire business

panagenda

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Juan lago vázquez

Partners Life - Insurer Innovation Award 2024

The Digital Insurer

Tata AIG General Insurance Company - Insurer Innovation Award 2024

The Digital Insurer

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

Product Anonymous

Recently uploaded (20)

A Year of the Servo Reboot: Where Are We Now?

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

Exploring the Future Potential of AI-Enabled Smartphone Processors

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

GenAI Risks & Security Meetup 01052024.pdf

MINDCTI Revenue Release Quarter One 2024

Scaling API-first – The story of a global engineering organization

A Domino Admins Adventures (Engage 2024)

Axa Assurance Maroc - Insurer Innovation Award 2024

Boost PC performance: How more available memory can improve productivity

Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...

Strategies for Landing an Oracle DBA Job as a Fresher

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

Boost Fertility New Invention Ups Success Rates.pdf

Why Teams call analytics are critical to your entire business

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Partners Life - Insurer Innovation Award 2024

Tata AIG General Insurance Company - Insurer Innovation Award 2024

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

Featured

Mental health has been in the news quite a bit lately. Dozens of U.S. states are currently suing Meta for contributing to the youth mental health crisis by inserting addictive features into their products, while the U.S. Surgeon General is touring the nation to bring awareness to the growing epidemic of loneliness and isolation. The country has endured periods of low national morale, such as in the 1970s when high inflation and the energy crisis worsened public sentiment following the Vietnam War. The current mood, however, feels different. Gallup recently reported that national mental health is at an all-time low, with few bright spots to lift spirits. To better understand how Americans are feeling and their attitudes towards mental health in general, ThinkNow conducted a nationally representative quantitative survey of 1,500 respondents and found some interesting differences among ethnic, age and gender groups. Technology For example, 52% agree that technology and social media have a negative impact on mental health, but when broken out by race, 61% of Whites felt technology had a negative effect, and only 48% of Hispanics thought it did. While technology has helped us keep in touch with friends and family in faraway places, it appears to have degraded our ability to connect in person. Staying connected online is a double-edged sword since the same news feed that brings us pictures of the grandkids and fluffy kittens also feeds us news about the wars in Israel and Ukraine, the dysfunction in Washington, the latest mass shooting and the climate crisis. Hispanics may have a built-in defense against the isolation technology breeds, owing to their large, multigenerational households, strong social support systems, and tendency to use social media to stay connected with relatives abroad. Age and Gender When asked how individuals rate their mental health, men rate it higher than women by 11 percentage points, and Baby Boomers rank it highest at 83%, saying it’s good or excellent vs. 57% of Gen Z saying the same. Gen Z spends the most amount of time on social media, so the notion that social media negatively affects mental health appears to be correlated. Unfortunately, Gen Z is also the generation that’s least comfortable discussing mental health concerns with healthcare professionals. Only 40% of them state they’re comfortable discussing their issues with a professional compared to 60% of Millennials and 65% of Boomers. Race Affects Attitudes As seen in previous research conducted by ThinkNow, Asian Americans lag other groups when it comes to awareness of mental health issues. Twenty-four percent of Asian Americans believe that having a mental health issue is a sign of weakness compared to the 16% average for all groups. Asians are also considerably less likely to be aware of mental health services in their communities (42% vs. 55%) and most likely to seek out information on social media (51% vs. 35%).

How Race, Age and Gender Shape Attitudes Towards Mental Health

ThinkNow

AI Trends in Creative Operations 2024 by Artwork Flow.pdf

marketingartwork

Skeleton Culture Code

Skeleton Technologies

PEPSICO Presentation to CAGNY Conference Feb 2024

Neil Kimberley

Content Methodology: A Best Practices Report (Webinar)

contently

How to Prepare For a Successful Job Search for 2024

Albert Qian

A report by thenetworkone and Kurio. The contributing experts and agencies are (in an alphabetical order): Sylwia Rytel, Social Media Supervisor, 180heartbeats + JUNG v MATT (PL), Sharlene Jenner, Vice President - Director of Engagement Strategy, Abelson Taylor (USA), Alex Casanovas, Digital Director, Atrevia (ES), Dora Beilin, Senior Social Strategist, Barrett Hoffher (USA), Min Seo, Campaign Director, Brand New Agency (KR), Deshé M. Gully, Associate Strategist, Day One Agency (USA), Francesca Trevisan, Strategist, Different (IT), Trevor Crossman, CX and Digital Transformation Director; Olivia Hussey, Strategic Planner; Simi Srinarula, Social Media Manager, The Hallway (AUS), James Hebbert, Managing Director, Hylink (CN / UK), Mundy Álvarez, Planning Director; Pedro Rojas, Social Media Manager; Pancho González, CCO, Inbrax (CH), Oana Oprea, Head of Digital Planning, Jam Session Agency (RO), Amy Bottrill, Social Account Director, Launch (UK), Gaby Arriaga, Founder, Leonardo1452 (MX), Shantesh S Row, Creative Director, Liwa (UAE), Rajesh Mehta, Chief Strategy Officer; Dhruv Gaur, Digital Planning Lead; Leonie Mergulhao, Account Supervisor - Social Media & PR, Medulla (IN), Aurelija Plioplytė, Head of Digital & Social, Not Perfect (LI), Daiana Khaidargaliyeva, Account Manager, Osaka Labs (UK / USA), Stefanie Söhnchen, Vice President Digital, PIABO Communications (DE), Elisabeth Winiartati, Managing Consultant, Head of Global Integrated Communications; Lydia Aprina, Account Manager, Integrated Marketing and Communications; Nita Prabowo, Account Manager, Integrated Marketing and Communications; Okhi, Web Developer, PNTR Group (ID), Kei Obusan, Insights Director; Daffi Ranandi, Insights Manager, Radarr (SG), Gautam Reghunath, Co-founder & CEO, Talented (IN), Donagh Humphreys, Head of Social and Digital Innovation, THINKHOUSE (IRE), Sarah Yim, Strategy Director, Zulu Alpha Kilo (CA).

Social Media Marketing Trends 2024 // The Global Indie Insights

Kurio // The Social Media Age(ncy)

The search marketing landscape is evolving rapidly with new technologies, and professionals, like you, rely on innovative paid search strategies to meet changing demands. It’s important that you’re ready to implement new strategies in 2024. Check this out and learn the top trends in paid search advertising that are expected to gain traction, so you can drive higher ROI more efficiently in 2024. You’ll learn: - The latest trends in AI and automation, and what this means for an evolving paid search ecosystem. - New developments in privacy and data regulation. - Emerging ad formats that are expected to make an impact next year. Watch Sreekant Lanka from iQuanti and Irina Klein from OneMain Financial as they dive into the future of paid search and explore the trends, strategies, and technologies that will shape the search marketing landscape. If you’re looking to assess your paid search strategy and design an industry-aligned plan for 2024, then this webinar is for you.

Trends In Paid Search: Navigating The Digital Landscape In 2024

Search Engine Journal

From their humble beginnings in 1984, TED has grown into the world’s most powerful amplifier for speakers and thought-leaders to share their ideas. They have over 2,400 filmed talks (not including the 30,000+ TEDx videos) freely available online, and have hosted over 17,500 events around the world. With over one billion views in a year, it’s no wonder that so many speakers are looking to TED for ideas on how to share their message more effectively. The article “5 Public-Speaking Tips TED Gives Its Speakers”, by Carmine Gallo for Forbes, gives speakers five practical ways to connect with their audience, and effectively share their ideas on stage. Whether you are gearing up to get on a TED stage yourself, or just want to master the skills that so many of their speakers possess, these tips and quotes from Chris Anderson, the TED Talks Curator, will encourage you to make the most impactful impression on your audience. See the full article and more summaries like this on SpeakerHub here: https://speakerhub.com/blog/5-presentation-tips-ted-gives-its-speakers See the original article on Forbes here: http://www.forbes.com/forbes/welcome/?toURL=http://www.forbes.com/sites/carminegallo/2016/05/06/5-public-speaking-tips-ted-gives-its-speakers/&refURL=&referrer=#5c07a8221d9b

5 Public speaking tips from TED - Visualized summary

SpeakerHub

Everyone is in agreement that ChatGPT (and other generative AI tools) will shape the future of work. Yet there is little consensus on exactly how, when, and to what extent this technology will change our world. Businesses that extract maximum value from ChatGPT will use it as a collaborative tool for everything from brainstorming to technical maintenance. For individuals, now is the time to pinpoint the skills the future professional will need to thrive in the AI age. Check out this presentation to understand what ChatGPT is, how it will shape the future of work, and how you can prepare to take advantage.

ChatGPT and the Future of Work - Clark Boyd

Clark Boyd

Getting into the tech field. what next

Tessa Mero

Google's Just Not That Into You: Understanding Core Updates & Search Intent

Lily Ray

How to have difficult conversations

Rajiv Jayarajah, MAppComm, ACC

Introduction to Data Science

Christy Abraham Joy

Time Management & Productivity - Best Practices

Vit Horky

The six step guide to practical project management If you think managing projects is too difficult, think again. We’ve stripped back project management processes to the basics – to make it quicker and easier, without sacrificing the vital ingredients for success. “If you’re looking for some real-world guidance, then The Six Step Guide to Practical Project Management will help.” Dr Andrew Makar, Tactical Project Management

The six step guide to practical project management

MindGenius

Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...

RachelPearson36

During this webinar, Anand Bagmar demonstrates how AI tools such as ChatGPT can be applied to various stages of the software development life cycle (SDLC) using an eCommerce application case study. Find the on-demand recording and more info at https://applitools.info/b59 Key takeaways: • Learn how to use ChatGPT to add AI power to your testing and test automation • Understand the limitations of the technology and where human expertise is crucial • Gain insight into different AI-based tools • Adopt AI-based tools to stay relevant and optimize work for developers and testers * ChatGPT and OpenAI belong to OpenAI, L.L.C.

Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...

Applitools

12 Ways to Increase Your Influence at Work

GetSmarter

ChatGPT webinar slides

Alireza Esmikhani

Featured (20)

How Race, Age and Gender Shape Attitudes Towards Mental Health

AI Trends in Creative Operations 2024 by Artwork Flow.pdf

Skeleton Culture Code

PEPSICO Presentation to CAGNY Conference Feb 2024

Content Methodology: A Best Practices Report (Webinar)

How to Prepare For a Successful Job Search for 2024

Social Media Marketing Trends 2024 // The Global Indie Insights

Trends In Paid Search: Navigating The Digital Landscape In 2024

5 Public speaking tips from TED - Visualized summary

ChatGPT and the Future of Work - Clark Boyd

Getting into the tech field. what next

Google's Just Not That Into You: Understanding Core Updates & Search Intent

How to have difficult conversations

Introduction to Data Science

Time Management & Productivity - Best Practices

The six step guide to practical project management

Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...

Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...

12 Ways to Increase Your Influence at Work

ChatGPT webinar slides

Who is Using Your Domain for Phishing & Spam? A DMARC Overview

1. Who is using your domain for phishing & spam? DMARC Compass™ Dan Ingevaldson CTO

2. Email is a mission-critical communication channel for most companies. Over 205billion emails are sent and received every day (112.5 billion business emails).¹

3. Email has also become an untrusted channel. Thanks to spam and phishing scams, users are taught to be wary of incoming messages. 59.2% 2015 Proportion of Spam in Email² Spam 97% of people globally are unable to correctly identify phishing emails³

4. This lack of trust impacts a company’s ability to effectively communicate, market, and sell to customers via email. In 2014, email ROI reached 2,500%.⁴

5. (Domain MessageAuthentication, Reporting and Conformance) DMARC …stands to change all that.

6. DMARC • Provides visibility into email flows • Tells receiving servers to delete spoofed messages immediately upon receipt • Ensures only legitimate emails are delivered to inboxes

7. Getting started with DMARC is easy. Any email sender and receiver can use the DMARC rails provided by the global community.

8. Free use of the rails provides access to the critical, raw reporting data that helps you see who is sending email and who is spoofing your brand.

9. Can be deployed in Monitor,Quarantine or Reject mode. DMARC

10. Monitor A domain owner can begin using DMARC in "monitor mode" to collect data from participating receivers.

11. Quarantine As the data shows that their legitimate traffic is passing authentication checks, they can change their policy to request that failing messages be quarantined.

12. Reject As they grow confident that no legitimate messages are being incorrectly quarantined, they can move to a "reject" policy.

13. It is impossible for spoofed email to be delivered to DMARC-protected email servers.

14. “DMARC protects more than 85% of the people who receive and send e-mail from Facebook” Michael Adkins, Facebook “Implementing DMARC stopped nearly 25 million attempted attacks on our customers during the 2013 holiday season alone” Trent Adams, PayPay / Ebay, Chair of DMARC.org Does it work?

15. The DMARC Standard DMARC is an IETF Draft Specification that allows email receivers to determine if an email is authentic and what to do if it is not

16. DMARC Compass™ a comprehensive tool that provides clear visibility into your e-mail delivery environment

17. What is needed forCompleteVisibility? Putting DMARC into Context % of Incidents from DMARC? <20% Hacked Sites Social Media Fraudulent Domains DMARC Malware/MobileApps Non-spoofed Phish Active Monitoring DMARC on its own is not a complete fraud strategy – but anything that provides some visibility is a win. Make sure that you have other layers in place to protect against these other threats.

18. ProactiveThreat Detection andTakedown 18 DMARC Compass™ Detect Monitoring Service™ Threat Reduction Attack Deactivation

19. Why from Easy Solutions? 19 * 2014, Top 40 US Bank

20. Differentiators Initiate server takedowns backed by 24/7/365 Security Operations Center Full Restful API to leverage Compass data elsewhere in your stack Customized reporting for analytics Shares intelligence with the rest of our products

21. Determine your server policies through Compass Explorer Deploy DNSTXT record Monitor results in Compass portal Authorize, deauthorize servers as they are identified Migrate DNS policies for stricter e-mail handling Deployment

22. Learn more: DMARC Compass Contact us: info@easysol.net

23. Sources: 1. http://www.radicati.com/wp/wp-content/uploads/2015/02/Email-Statistics-Report-2015-2019-Executive- Summary.pdf 2. https://securelist.com/analysis/quarterly-spam-reports/69932/spam-and-phishing-in-the-first-quarter-of- 2015/ 3. http://www.information-age.com/technology/security/123459514/think-you-can-spot-scam-97-people- wouldnt-know-phishing-email-if-it-hooked-them 4. http://www.cmo.com/articles/2015/1/6/15_stats_marketing_ROI.html

Editor's Notes

A domain owner who has deployed email authentication can begin using DMARC in "monitor mode" to collect data from participating receivers. As the data shows that their legitimate traffic is passing authentication checks, they can change their policy to request that failing messages be quarantined. As they grow confident that no legitimate messages are being incorrectly quarantined, they can move to a "reject" policy.
DMARC stands for, Domain Message Authentication, Reporting and Conformance IEFT – Internet Engineering Task Force SPF - Sender Policy Framework (SPF) records allow domain owners to publish a list of IP addresses or subnets that are authorized to send email on their behalf. DKIM – DomainKeys Identified Mail DKIM provides a method for validating a domain name identity that is associated with a message through cryptographic authentication.

Who is Using Your Domain for Phishing & Spam? A DMARC Overview

Recommended

Recommended

More Related Content

Recently uploaded

Recently uploaded (20)

Featured

Featured (20)

Who is Using Your Domain for Phishing & Spam? A DMARC Overview

Editor's Notes