Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Who is using your domain for phishing & spam?
DMARC Compass™
Dan Ingevaldson
CTO
Email is a mission-critical communication channel for most
companies.
Over 205billion emails are sent and received every d...
Email has also become an untrusted channel.
Thanks to spam and phishing scams, users are
taught to be wary of incoming mes...
This lack of trust impacts a company’s ability to
effectively communicate, market, and sell to
customers via email.
In 201...
(Domain MessageAuthentication, Reporting and Conformance)
DMARC
…stands to change all that.
DMARC
• Provides visibility into email flows
• Tells receiving servers to delete spoofed messages immediately
upon receipt...
Getting started with DMARC
is easy. Any email sender and
receiver can use the DMARC
rails provided by the global
community.
Free use of the rails provides access to the critical, raw
reporting data that helps you see who is sending email
and who ...
Can be deployed in Monitor,Quarantine or Reject mode.
DMARC
Monitor
A domain owner can begin using DMARC in "monitor mode" to
collect data from participating receivers.
Quarantine
As the data shows that their legitimate traffic is passing authentication
checks, they can change their policy ...
Reject
As they grow confident that no
legitimate messages are being
incorrectly quarantined, they can
move to a "reject" p...
It is impossible for spoofed email to be delivered
to DMARC-protected email servers.
“DMARC protects more than 85% of the people who
receive and send e-mail from Facebook”
Michael Adkins, Facebook
“Implement...
The DMARC Standard
DMARC is an IETF Draft Specification that allows email receivers to determine if
an email is authentic ...
DMARC Compass™ a comprehensive tool that provides clear
visibility into your e-mail delivery environment
What is needed forCompleteVisibility?
Putting DMARC into Context
% of Incidents from DMARC?
<20%
Hacked
Sites
Social Media...
ProactiveThreat Detection andTakedown
18
DMARC Compass™
Detect Monitoring Service™
Threat Reduction
Attack Deactivation
Why from Easy Solutions?
19
* 2014, Top 40 US Bank
Differentiators Initiate server takedowns backed
by 24/7/365 Security Operations
Center
Full Restful API to leverage
Compa...
Determine your server policies through Compass Explorer
Deploy DNSTXT record
Monitor results in Compass portal
Authorize, ...
Learn more: DMARC Compass
Contact us: info@easysol.net
Sources:
1. http://www.radicati.com/wp/wp-content/uploads/2015/02/Email-Statistics-Report-2015-2019-Executive-
Summary.pdf...
Upcoming SlideShare
Loading in …5
×

Who is Using Your Domain for Phishing & Spam? A DMARC Overview

829 views

Published on

DMARC Compass™ is a comprehensive tool that provides clear visibility into your e-mail delivery environment.

Email is a mission critical channel for most companies, but it has also become a major source of distrust. Most major attacks still use email as a launching pad, and users are taught to be wary of incoming messages. This lack of trust effects your ability to effectively communicate, market and sell via email!

DMARC (Domain Message Authentication Reporting and Conformance) stands to change all that by providing visibility into email flows, telling email receivers to delete spoofed messages, and ensuring that only legitimate emails are delivered to inboxes from protected domains.

In this presentation, we will cover:

- The importance of building trust in your email communications
- How to shine a light on all your email servers using the DMARC rails
- The best way to consolidate, visualize and make sense of DMARC reporting data

Watch the replay here: http://www.easysol.net/resources-who-is-using-your-domain

Published in: Technology
  • Be the first to comment

Who is Using Your Domain for Phishing & Spam? A DMARC Overview

  1. 1. Who is using your domain for phishing & spam? DMARC Compass™ Dan Ingevaldson CTO
  2. 2. Email is a mission-critical communication channel for most companies. Over 205billion emails are sent and received every day (112.5 billion business emails).¹
  3. 3. Email has also become an untrusted channel. Thanks to spam and phishing scams, users are taught to be wary of incoming messages. 59.2% 2015 Proportion of Spam in Email² Spam 97% of people globally are unable to correctly identify phishing emails³
  4. 4. This lack of trust impacts a company’s ability to effectively communicate, market, and sell to customers via email. In 2014, email ROI reached 2,500%.⁴
  5. 5. (Domain MessageAuthentication, Reporting and Conformance) DMARC …stands to change all that.
  6. 6. DMARC • Provides visibility into email flows • Tells receiving servers to delete spoofed messages immediately upon receipt • Ensures only legitimate emails are delivered to inboxes
  7. 7. Getting started with DMARC is easy. Any email sender and receiver can use the DMARC rails provided by the global community.
  8. 8. Free use of the rails provides access to the critical, raw reporting data that helps you see who is sending email and who is spoofing your brand.
  9. 9. Can be deployed in Monitor,Quarantine or Reject mode. DMARC
  10. 10. Monitor A domain owner can begin using DMARC in "monitor mode" to collect data from participating receivers.
  11. 11. Quarantine As the data shows that their legitimate traffic is passing authentication checks, they can change their policy to request that failing messages be quarantined.
  12. 12. Reject As they grow confident that no legitimate messages are being incorrectly quarantined, they can move to a "reject" policy.
  13. 13. It is impossible for spoofed email to be delivered to DMARC-protected email servers.
  14. 14. “DMARC protects more than 85% of the people who receive and send e-mail from Facebook” Michael Adkins, Facebook “Implementing DMARC stopped nearly 25 million attempted attacks on our customers during the 2013 holiday season alone” Trent Adams, PayPay / Ebay, Chair of DMARC.org Does it work?
  15. 15. The DMARC Standard DMARC is an IETF Draft Specification that allows email receivers to determine if an email is authentic and what to do if it is not
  16. 16. DMARC Compass™ a comprehensive tool that provides clear visibility into your e-mail delivery environment
  17. 17. What is needed forCompleteVisibility? Putting DMARC into Context % of Incidents from DMARC? <20% Hacked Sites Social Media Fraudulent Domains DMARC Malware/MobileApps Non-spoofed Phish Active Monitoring DMARC on its own is not a complete fraud strategy – but anything that provides some visibility is a win. Make sure that you have other layers in place to protect against these other threats.
  18. 18. ProactiveThreat Detection andTakedown 18 DMARC Compass™ Detect Monitoring Service™ Threat Reduction Attack Deactivation
  19. 19. Why from Easy Solutions? 19 * 2014, Top 40 US Bank
  20. 20. Differentiators Initiate server takedowns backed by 24/7/365 Security Operations Center Full Restful API to leverage Compass data elsewhere in your stack Customized reporting for analytics Shares intelligence with the rest of our products
  21. 21. Determine your server policies through Compass Explorer Deploy DNSTXT record Monitor results in Compass portal Authorize, deauthorize servers as they are identified Migrate DNS policies for stricter e-mail handling Deployment
  22. 22. Learn more: DMARC Compass Contact us: info@easysol.net
  23. 23. Sources: 1. http://www.radicati.com/wp/wp-content/uploads/2015/02/Email-Statistics-Report-2015-2019-Executive- Summary.pdf 2. https://securelist.com/analysis/quarterly-spam-reports/69932/spam-and-phishing-in-the-first-quarter-of- 2015/ 3. http://www.information-age.com/technology/security/123459514/think-you-can-spot-scam-97-people- wouldnt-know-phishing-email-if-it-hooked-them 4. http://www.cmo.com/articles/2015/1/6/15_stats_marketing_ROI.html

×