
How Cybercriminals Cheat Email Authentication

Email fraud is rife and costs companies like yours millions. Implementing the authentication standard DMARC (Domain-based Message Authentication, Reporting and Conformance) to block bad email before it reaches consumer inboxes is a great first step. But DMARC alone isn't enough: it protects your brand from only 30% of email-borne attacks. We tapped into the Return Path Data Cloud and analyzed more than 760,000 email threats associated with 40 top global brands over the course of 2 months to understand how fraudsters circumvent email authentication mechanisms like DMARC.

Webinar: How Cybercriminals Cheat Email Authentication
September 29, 2015
#BeyondDMARC
Welcome!
• Follow us on Twitter @StopEmailFraud.
• Use our hashtag #BeyondDMARC.
• Please type in your questions using the chat box.
• Yes! We’ll send you a recording.
Welcome!
Matthew Moorehead
Strategic Project Manager
Email Fraud Protection
Return Path
@mattmooreheadRP
Liz Dennison
Content Marketing Manager
Email Fraud Protection
Return Path
@LizKONeill
Ash Valeski
Senior Product Manager
Email Fraud Protection
Return Path
Agenda
• The Email Fraud Problem.
• Email Authentication Best Practices.
• Real-time Insights into All Email Attacks.
• Tactics Fraudsters Use to Cheat Email Authentication.
• Unite Against Email Fraud.
• Q&A.
The Email Fraud Problem

Unlocking New Insights Into the World of European Soccer Through the European...Unlocking New Insights Into the World of European Soccer Through the European...
Unlocking New Insights Into the World of European Soccer Through the European...
 
What you need to know about Generative AI and Data Management?
What you need to know about Generative AI and Data Management?What you need to know about Generative AI and Data Management?
What you need to know about Generative AI and Data Management?
 
Ratio analysis, Formulas, Advantage PPt.pptx
Ratio analysis, Formulas, Advantage PPt.pptxRatio analysis, Formulas, Advantage PPt.pptx
Ratio analysis, Formulas, Advantage PPt.pptx
 
EXCEL-VLOOKUP-AND-HLOOKUP LECTURE NOTES ALL EXCEL VLOOKUP NOTES PDF
EXCEL-VLOOKUP-AND-HLOOKUP LECTURE NOTES ALL EXCEL VLOOKUP NOTES PDFEXCEL-VLOOKUP-AND-HLOOKUP LECTURE NOTES ALL EXCEL VLOOKUP NOTES PDF
EXCEL-VLOOKUP-AND-HLOOKUP LECTURE NOTES ALL EXCEL VLOOKUP NOTES PDF
 
Operations Data On Mobile - inSis Mobile App - Sample Screens
Operations Data On Mobile - inSis Mobile App - Sample ScreensOperations Data On Mobile - inSis Mobile App - Sample Screens
Operations Data On Mobile - inSis Mobile App - Sample Screens
 
itc limited word file.pdf...............
itc limited word file.pdf...............itc limited word file.pdf...............
itc limited word file.pdf...............
 
Choose your perfect jacket.pdf
Choose your perfect jacket.pdfChoose your perfect jacket.pdf
Choose your perfect jacket.pdf
 
Tips to Align with Your Salesforce Data Goals
Tips to Align with Your Salesforce Data GoalsTips to Align with Your Salesforce Data Goals
Tips to Align with Your Salesforce Data Goals
 
Cousera Cap Course Datasets containing datasets from a Fictional Fitness Trac...
Cousera Cap Course Datasets containing datasets from a Fictional Fitness Trac...Cousera Cap Course Datasets containing datasets from a Fictional Fitness Trac...
Cousera Cap Course Datasets containing datasets from a Fictional Fitness Trac...
 
Introduction to data science.pdf-Definition,types and application of Data Sci...
Introduction to data science.pdf-Definition,types and application of Data Sci...Introduction to data science.pdf-Definition,types and application of Data Sci...
Introduction to data science.pdf-Definition,types and application of Data Sci...
 
Electricity Year 2023_updated_22022024.pptx
Electricity Year 2023_updated_22022024.pptxElectricity Year 2023_updated_22022024.pptx
Electricity Year 2023_updated_22022024.pptx
 
Artificial Intelligence for Vision: A walkthrough of recent breakthroughs
Artificial Intelligence for Vision:  A walkthrough of recent breakthroughsArtificial Intelligence for Vision:  A walkthrough of recent breakthroughs
Artificial Intelligence for Vision: A walkthrough of recent breakthroughs
 
introduction-to-crimean-congo-haemorrhagic-fever.pdf
introduction-to-crimean-congo-haemorrhagic-fever.pdfintroduction-to-crimean-congo-haemorrhagic-fever.pdf
introduction-to-crimean-congo-haemorrhagic-fever.pdf
 
Basics of Creating Graphs / Charts using Microsoft Excel
Basics of Creating Graphs / Charts using Microsoft ExcelBasics of Creating Graphs / Charts using Microsoft Excel
Basics of Creating Graphs / Charts using Microsoft Excel
 

How Cybercriminals Cheat Email Authentication

  • 2. Webinar: How Cybercriminals Cheat Email Authentication September 29, 2015 #BeyondDMARC
  • 3. Welcome! • Follow us on Twitter @StopEmailFraud. • Use our hashtag #BeyondDMARC. • Please type in your questions using the chat box. • Yes! We’ll send you a recording.
  • 4. Welcome! Matthew Moorehead Strategic Project Manager Email Fraud Protection Return Path @mattmooreheadRP Liz Dennison Content Marketing Manager Email Fraud Protection Return Path @LizKONeill Ash Valeski Senior Product Manager Email Fraud Protection Return Path
  • 5. Agenda • The Email Fraud Problem. • Email Authentication Best Practices. • Real-time Insights into All Email Attacks. • Tactics Fraudsters Use to Cheat Email Authentication. • Unite Against Email Fraud. • Q&A.
  • 7. Email Fraud Is on the Rise • 5 out of 6 big companies are targeted with phishing attacks. • Phishing costs brands worldwide $4.5 billion each year. • RSA identifies a phishing attack every minute. • Email fraud has up to a 45% conversion rate. Source: EMC, Google
  • 8. Hard Cost Impact • Fraud Losses • Malware Infection • Investigation • Remediation
  • 9. Revenue Impact • Reduced trust in brand: • Customers and subscribers don’t know what to trust • Reduced effectiveness of email: • Consumer mailbox providers don’t know what to trust Customers are 42% less likely to interact with a brand after being phished or spoofed.
  • 10. Anatomy Of A Phishing Email
    Sample message:
      to: You <you@yourdomain.com>
      from: Phishing Company <phishingcompany@spoof.com>
      subject: Unauthorized login attempt
      Dear Customer, We have recieved noticed that you have recently attempted to login to your account from an unauthorized device. As a saftey measure, please visit the link below to update your login details now: http://www.phishingemail.com/updatedetails.asp Once you have updated your details your account will be secure from further unauthorized login attempts. Thanks, The Phishing Team
      1 attachment
    Callouts:
      • Making an email look legitimate by spoofing the company name in the “Display Name” field.
      • Tricking email servers into delivering the email to the inbox by spoofing the “envelope from” address hidden in the technical header of the email.
      • Including logos, company terms, and urgent language in the body of the email.
      • Making an email appear to come from a brand by using a legitimate company domain, or a domain that looks like it in the “from” field.
      • Creating convincing subject lines to drive recipients to open the message.
      • Including links to malicious websites that prompt users to give up credentials.
      • Including attachments containing malicious content.
  • 12. Email Authentication Keeps Bad Email Out Authenticating email helps ensure your legitimate messages reach your customers, and malicious messages don’t. There are three key authentication protocols to know: 1. SPF (Sender Policy Framework) 2. DKIM (DomainKeys Identified Mail) 3. DMARC (Domain-based Message Authentication Reporting & Conformance)
  • 13. How DMARC Works [Flowchart. Steps: Email received by mailbox provider; Has DMARC been implemented for “header from” domain? (YES / NO); Does email fail DMARC authentication? (YES / NO); Apply domain owner's policy (NONE / QUARANTINE / REJECT); Mailbox provider runs filters; Deliver; Report to Sender. Caption: Control & Visibility]
  • 14. Phishing Emails DMARC Would Block
  • 15. But Email Authentication Isn’t Enough 30% spoof your domain: • Active Emailing Domains • Non-Sending Domains • Defensively-registered Domains 70% spoof your brand in other ways: • Cousin Domains • Display Name Spoofing • Subject Line Spoofing • Email Account Spoofing Source: Return Path / APWG White Paper, 2014
  • 17. The Return Path Data Cloud: Contactually, Molto, Paribus, GetAirHelp, Message Finder, Unsubscriber, Organizer
  • 18. EMAIL THREAT DATA · Consumer inbox data · Email delivery data · Authentication results · Message level data · SPAM trap & complaints data EMAIL THREAT INTELLIGENCE · Domain-spoofing alerts · Brand-spoofing intelligence · Suspicious activity map · Fraudcaster URL feed · Sender Score: IP reputation
  • 21. Tactics Fraudsters Use to Cheat Email Authentication
  • 22. Tapping Into the Return Path Data Cloud • 40 day period (July and August 2015). • Analyzed over 240 billion emails from more than 100 data feeds. • Identified over 760,000 email threats targeting 40 top brands.
  • 23. Tactic 1: Snowshoeing • No discernible pattern to suggest that the biggest phishing attacks are launched on distributed IP addresses. • But 22 of the 76 medium-sized attacks were sent from distributed IPs. • Assessing IP reputations should continue to provide value.
  • 24. Tactic 2: Subject Line Spoofing The minority of serialized subject lines we did find fell under four interesting themes: 1. Social media scams 2. Account security 3. Calls to action with reference number 4. HR Scams
  • 25. Tactic 2: Subject Line Spoofing • Urgency is a key theme in subject line spoofing. • Fraudsters prefer a template-based approach.
  • 26. Tactic 3: Display Name Spoofing • In the majority of email threats, fraudsters spoof elements of the Header From field. • Nearly half of all email threats spoofed the brand in the Display Name.
  • 27. Unite Against Email Fraud Tips for defending your customers, your brand, and your bottom line.
  • 28. #1: Authenticate Your Email DMARC (Domain-based Message Authentication Reporting & Conformance): • DMARC prevents domain-based spoofing by blocking fraudulent activity appearing to come from domains under your control. • DMARC provides an email threat reporting mechanism (aggregate and forensic data). • Use our DMARC Check Tool to query your domain's record and validate that it is up to date with your current policy: bit.ly/DMARCcheck.
  • 29. “Simply put, the DMARC standard works. In a blended approach to fight email fraud, DMARC represents the cornerstone of technical controls that commercial senders can implement today to rebuild trust and retake the email channel for legitimate brands and consumers.” Edward Tucker, Head of Cyber Security for Her Majesty’s Revenue & Customs
  • 30. #2: Get Visibility Into Email Threats Email Threat Intelligence is the only way to: • Address the 70% of email attacks that spoof your brand using domains your company does not own (brand spoofing). • Get visibility into all types of email threats targeting your brand today.
  • 31. Defend Your Customers, Brand, and Bottom Line • Detect & block fraudulent emails spoofing your brand before they hit consumer inboxes. • Bolster malicious URL takedown efforts with real-time email threat detection. • Reduce spend on fraud reimbursements, phishing remediation, and customer service costs.
  • 32. “If you boil the jobs down of [IT security professionals], they are ultimately tasked with protecting the brand… If you have a breach, research suggests that 60% of your customers will think about moving and 30% actually do.” Bryan Littlefair, Global Chief Information Security Officer, Aviva
  • 33. THANK YOU! Want more? Download “The Email Threat Intelligence Report”. bit.ly/EmailThreatIntel
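
An added example, not part of the original deck or Return Path's tooling: the DMARC decision from slide 13 next to a Display Name check for Tactic 3, showing why a message that never uses your domain gets past DMARC. The brand, domains, published policy and sample messages are constructed, and SPF/DKIM results are assumed to be already computed by the receiver.

```python
import re
from email.utils import parseaddr

# Assumed values for this sketch: the brand, the domains it owns, and the DMARC
# policy (p=) it publishes. SPF/DKIM results are taken as already computed.
BRAND = "Example Bank"
OWNED_DOMAINS = {"examplebank.example"}
DMARC_POLICY = {"examplebank.example": "reject"}


def org_domain(domain):
    """Naive organizational domain: last two labels (a real check uses the Public Suffix List)."""
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])


def header_from(msg):
    """Split the Header From into (display name, organizational domain)."""
    name, addr = parseaddr(msg["from"])
    return name, org_domain(addr.rpartition("@")[2])


def dmarc_disposition(msg):
    """Slide-13 flow: is DMARC published, does the message fail, apply the owner's policy."""
    _, from_dom = header_from(msg)
    policy = DMARC_POLICY.get(from_dom)
    if policy is None:
        return "no-dmarc"          # only the mailbox provider's own filters apply
    # A pass only counts when the authenticated domain aligns with the Header From domain.
    spf_aligned = msg["spf"] == "pass" and org_domain(msg["mail_from_domain"]) == from_dom
    dkim_aligned = msg["dkim"] == "pass" and org_domain(msg["dkim_d"]) == from_dom
    return "pass" if (spf_aligned or dkim_aligned) else policy


def display_name_spoof(msg):
    """Brand in the Display Name while the Header From domain is not one the brand owns."""
    name, from_dom = header_from(msg)
    squash = lambda s: re.sub(r"[^a-z0-9]", "", s.lower())
    return squash(BRAND) in squash(name) and from_dom not in OWNED_DOMAINS


def triage(msg):
    disposition = dmarc_disposition(msg)
    if disposition in ("reject", "quarantine"):
        return "blocked-by-dmarc:" + disposition
    if disposition == "none":
        return "dmarc-fail:report-only"
    if display_name_spoof(msg):
        return "brand-spoof:display-name"
    return "deliver"


# Constructed sample messages (not taken from the webinar data).
SAMPLES = [
    {"from": '"Example Bank" <news@examplebank.example>', "spf": "pass",
     "mail_from_domain": "bounce.examplebank.example", "dkim": "pass", "dkim_d": "examplebank.example"},
    {"from": '"Example Bank" <security@examplebank.example>', "spf": "pass",
     "mail_from_domain": "mailer.unrelated.example", "dkim": "none", "dkim_d": ""},
    {"from": '"Example Bank Security" <alerts@examplebank-login.example>', "spf": "pass",
     "mail_from_domain": "examplebank-login.example", "dkim": "pass", "dkim_d": "examplebank-login.example"},
    {"from": '"Example-Bank" <jsmith1984@freemail.example>', "spf": "pass",
     "mail_from_domain": "freemail.example", "dkim": "pass", "dkim_d": "freemail.example"},
]

if __name__ == "__main__":
    for m in SAMPLES:
        print(f"{triage(m):28} {m['from']}")
```

The third and fourth samples authenticate cleanly for their own domains, so only the Display Name comparison surfaces them.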

Editor's Notes

  1. [Liz]
  2. [liz]
  3. [liz]
  4. [liz]
  5. [matt]
  6. [Matt] Email Fraud is on the rise and it’s costing companies millions. Additional stats: More than 400 brands are phished each month (Anti-Phishing Working Group). Every day, beyond your control, cybercriminals send emails that spoof your brand, targeting your customers, partners, and suppliers with malicious content. As a result, customers lose trust in your brand, and your company loses business.
  7. [Matt] First there is a hard cost impact. Fraud losses Malware infection (secondary damages/losses) Investigation Remediation
  8. [Matt] Second there is a revenue impact. Email fraud has a dramatic impact on the trust your customers have in your brand. It also reduces the effectiveness of email that is legitimate. A great data point from Cloudmark here: customers are 42% less likely to interact with a brand after being phished or spoofed. While consumer fraud losses, increases in cyber insurance premiums, investigation and remediation costs are key drivers in justifying the investment in a solution, the more significant damage is the erosion of trust in your brand and potential loss in customer loyalty. After falling victim to email fraud, the trust your consumers have in your brand will be negatively impacted and this will ultimately affect their buying decisions. Phishers can erase years of goodwill in a second by exploiting that trust, but only if you let them. As a result, customers lose trust in your brand, and your company loses business.
  9. [Matt] So why is email the chosen threat vector? Because it is so easy to abuse as a channel. Think about this: 97% of people globally cannot correctly identify a sophisticated phishing email. And here is why. Let's look at all the different aspects of an email that fraudsters leverage to target victims.
  10. [Ash]
  11. [Ash] - go through these at a high level. It is best practice to authenticate all legitimate email streams so your organisation can address direct domain spoofing attacks with DMARC. SPF allows the owner of a domain to specify which mail servers they use to send messages from that domain. Prevents fraudsters from spoofing the sending domain contained within the “envelope from” (aka mfrom or return path) address. An SPF-protected domain is less attractive to phishers, and is therefore less likely to be blacklisted by spam filters. DKIM allows an organization to take responsibility for transmitting a message in a way that can be verified by the mailbox provider. Can ensure that the message has not been modified or tampered with in transit. Can help inform how mailbox providers limit spam and spoofing. Not a universally reliable way of authenticating the identity of a sender. DMARC ensures that legitimate email is properly authenticating, and that fraudulent activity appearing to come from domains under the organization’s control is blocked. Makes the “header from” address (what users see in their email clients) trustworthy. Helps protect customers and the brand. Discourages cybercriminals, who are less likely to go after a brand with a DMARC record.
  12. [ash]
  13. [Ash] Talk through why this phishing email is protected by DMARC. Then, pass it to Ash with something like, “But, while critical, DMARC doesn’t combat against all phishing attacks. I’ll pass it to Ash to reveal why.”
  14. [ash] We ran some primary research in Sept 2014, looking at 18 billion suspicious emails, targeting 11 banks in the UK and the US. And what did we discover? 30% of the attacks came from an email address from a domain that was owned by the bank; that leaves 70% that were spoofed in some other ways like display name spoofing. This is REALLY relevant to our solution because we seek to address both: the 30% and the 70%. We analysed 40 of the top global brands for a period of 2 months (July/August 2015) and looked at fraudulent emails coming from the 70% we covered here. These are some of the tactics we were able to uncover thanks to email threat data: 1. Snowshoeing is still rife and monitoring IP reputations needs to be part of a multi-faceted email fraud protection strategy. 2. Fraudsters do not go to the trouble of rotating elements of their subject lines, preferring a more template-based approach. Access to message-level data from email threat intelligence sources should help you prioritize your efforts around attack mitigation. 3. The most frequently spoofed Header From field is the Display Name, for which there is currently no authentication mechanism. Visibility into Display Name spoofing is critical in identifying and responding to phishing attacks leveraging your brand.
  15. [ash]
  16. With such a complex threat landscape, you need breadth, depth and speed when it comes to email threat intelligence, and this is what we mean by it: data from mailbox providers, data from security vendors, and data from consumer inboxes to give you a complete picture of all the threats spoofing your domains (under your control) and your brand (outside your control).
  17. Powered by the Return Path Data Cloud, our proprietary email threat intelligence empowers you to identify threats beyond DMARC — so you can respond to the 70% of email attacks spoofing your brand from domains that you do not control. We use over 100 data feeds from more than 70 providers to detect, classify and analyze data relating to over 6 billion emails every day. Respond to the 70% of email attacks spoofing your brand from domains that you do not own. DMARC is a great first step, but it’s not a complete solution, protecting your brand from only 30% of email threats. Powered by the Return Path Data Cloud, our proprietary email threat intelligence empowers you to identify threats beyond DMARC. We use over 100 data feeds from more than 70 mailbox and security providers to detect, classify and analyze data relating to over 5.5 billion emails every day. With Email Threat Intelligence, you can: Get insight into email threats, coming from domains that your company does not own (e.g. cousin domains, display name spoofing, subject line spoofing). View redacted message-level samples of fraudulent emails targeting your brand. Identify phishing URLs embedded in fraudulent emails and inform your takedown vendor(s). Integrate intelligence into your existing systems through a RESTful API. Manage all Email Governance and Email Threat Intelligence alerts from a single portal.
  18. [ash] Here is an example of the data we get through
  19. [ash]
  20. [matt]
  21. [matt] For this project, we leveraged the Return Path Data Cloud—our proprietary network of over 70 mailbox and security providers representing 2.5 billion email accounts and in-depth behavioral insights from more than 2 million individual consumer inboxes.
  22. [matt] DEFINE SNOWSHOEING FIRST: - Just as a snowshoe spreads the load of a person’s weight across a wide area of snow, snowshoe spamming distributes spam from various IP addresses in order to dilute reputation metrics, evade filters, and avoid getting blacklisted. Traditional spam filters struggle with snowshoeing because they may not see enough volume from a single IP to trigger the filter. Therefore, we suspect fraudsters use this technique in large-scale phishing attacks to stay under the radar. Attack size, by volume of sample fraudulent emails seen: HUGE: >7,500; LARGE: >2,500; MEDIUM: >500.
  23. [matt]
  24. [matt]
  25. [matt] In the majority (62.69%) of email threats, fraudsters spoof elements of the Header From field, the most popular being the Display Name field (for which there is currently no authentication).
  26. It’s time to unite against email fraud… And here are some of the leading brands out there at the forefront of this initiative (next slide)
  27. [Matt m]
  28. So how can Return Path help you? Defend Your Customers: Detect and block all fraudulent emails spoofing your domains and brand before they hit consumer inboxes. Prevent loss of sensitive customer data by eliminating malicious emails. Defend Your Brand: Bolster malicious URL takedown efforts with real-time email threat detection. Preserve your organization’s reputation without impacting deliverability of legitimate emails. Defend Your Bottom Line: Reduce spend on fraud reimbursements, phishing remediation and customer service costs. Build trust in the email channel and secure marketing-generated revenue.
  29. Here is a great quote from Aviva’s CISO Bryan Littlefair on why it is the CISO’s responsibility to protect the brand, in collaboration with Marketing.