DMARC_ICICIBank_web.pptx

•Download as PPTX, PDF•

0 likes•1 view

This document discusses DMARC (Domain-based Message Authentication, Reporting and Conformance), which is a technical standard that reduces email spoofing and phishing. It presents the benefits of DMARC for increasing customer protection against email frauds and the bank's insight into evolving email threats. The document outlines ICICI Bank's approach to DMARC implementation, including identifying customer domains, moving domains to DMARC monitoring and quarantine/block modes, and integrating DMARC data with anti-phishing and fraud management systems. Examples are provided of pre- and post-DMARC phishing emails. The presentation concludes with key learnings around ensuring appropriate collaboration between implementation and business teams when rolling out DMARC.

DMARC@ICICI Bank
ReBIT - Operational Excellence Webinar Series
(DMARC)
Bhavin B. Bhansali (bhavin.bhansali@icicibank.com)
DGM, Information Security Group, ICICI Bank Ltd.
May 11, 2017

2
Phishing
Business
email
compromise
Data
breach Scams
Ransomwar
e
Common email frauds

…and email spoofing makes it more legit
3
E-mail spoofing is the forgery of an e-mail so that the message
appears to have originated from someone other than the actual
source

DMARC in action
4
DMARC - Domain based Message
Authentication, Reporting & Conformance

5
Email protection
using DMARC
Increase in
• Customer & employee
protection against email
frauds
• Customer trust
• Insight to evolving email
threat landscape
Reduction in
• Senior mgmt. escalation
• Bank’s liability for phishing
emails
• Customer service cost
• Phishing fraud/remediation
cost
Benefits of DMARC

Pre- DMARC phishing sample email (1/2)
6
6

Phishing email sample (2/2)
8
8
Source - http://www.incometaxindia.gov.in/

Phishing website
9
9
Source - http://www.incometaxindia.gov.in/

Approach for DMARC implementation
10
Domain
identificatio
n
• Identify all cust.
domains
• Identify the key
domains from
cust. risk
perspective
• Seek
confirmation
from all
business units
on outsourced
email
arrangements
DMARC
implementation
• Move to DMARC
monitoring
mode
• Ensure DMARC
record is
implemented for
all mail servers
sending emails
for the domain
• Move to DMARC
quarantine/bloc
k mode
Integration
with
monitoring
controls
• Integrate
DMARC data
feeds with
anti-phishing
process
• Integrate
DMARC data
feeds with
Fraud
Management
System/SIEM

11
Key learnings - DMARC implementation
Update the email domain
induction process
Ensure appropriate collaboration of
implementation, email & biz teams
Ensure outsourced email service
arrangements are inventorised
Regularly review that no genuine
emails are blocked
Review the evolving modus
operandi of fraudsters
@
“Best things come in small packages”

Thank you
(bhavin.bhansali@icicibank.com)

Email fraud costs companies around the world millions every year, and can destroy brand reputation—customers are 42% less likely to interact with a brand after being phished or spoofed. And it’s getting worse. Phishing attacks are on the rise, up more than 162% between 2010 and 2014. DMARC (Domain-based Message Authentication Reporting & Conformance), a three year old industry authentication standard, is the best weapon companies have to prevent cybercriminals from spoofing their domains. In this infographic, we break down: The phishing problem What DMARC is How DMARC works The impact of DMARC

Using Return Path Data to Protect Your Brand: Security Breakout Session - San...

Return Path

GoDMARC - Block Email Phishing

Tarun Arora

https://godmarc.io Actively Block Phishing Boost Email Deliverability Get Visibility DMARC, which stands for “Domain-based Message Authentication, Reporting & Conformance”, is an email authentication, policy, and reporting protocol. It builds on the widely deployed SPF and DKIM protocols, adding linkage to the author (“From:”) domain name, published policies for recipient handling of authentication failures, and reporting from receivers to senders, to improve and monitor protection of the domain from fraudulent email. At a high level, DMARC is designed to satisfy the following requirements: Minimize false positives. Provide robust authentication reporting. Assert sender policy at receivers. Reduce successful phishing delivery. Work at Internet scale. Minimize complexity. It is important to note that DMARC builds upon both the DomainKeys Identified Mail (DKIM) and Sender Policy Framework (SPF) specifications that are currently being developed within the IETF. DMARC is designed to replace ADSP by adding support for: Wildcarding or subdomain policies, Non-existent subdomains, Slow rollout (e.g. percent experiments) SPF Quarantining mail

Email Security Case Study

Rakuten Group, Inc.

7 top tips to protect your business from BEC [infographic] By Stellarise

Elena Tatarenkova

Email fraud is rife and costs companies like yours millions. Implementing the authentication standard DMARC (Domain-based Authentication Reporting and Conformance) to block bad email before it reaches consumer inboxes is a great first step. But DMARC alone isn’t enough, protecting your brand from only 30% of email-borne attacks. We tapped into the Return Path Data Cloud and analyzed more than 760,000 email threats associated with 40 top global brands over the course of 2 months to understand how fraudsters circumvent email authentication mechanisms like DMARC.

Email: still the favourite route of attack

Claranet UK

IRJET- Email Spam Detection & Automation

IRJET Journal

What is Email Deliverability Service.pptx

Subhash Jain

Email 101

Forfront Ltd

Cloud university intel securityIngram Micro Cloud

Using Return Path Data to Protect Your Brand: Security Breakout Session - Chi...

Return Path

Comprehensive Protection and Visibility into Advanced Email Attacks

Symantec

Phishing: Analysis and Countermeasures

IRJET Journal

A novel hybrid approach of SVM combined with NLP and probabilistic neural ne...

IJECEIAES

Phishing attacks are one of the slanting cyber-attacks that apply socially engineered messages that are imparted to individuals from expert hackers going for tricking clients to uncover their delicate data, the most mainstream correspondence channel to those messages is through clients' emails. Phishing has turned into a generous danger for web clients and a noteworthy reason for money related misfortunes. Therefore, different arrangements have been created to handle this issue. Deceitful emails, also called phishing emails, utilize a scope of impact strategies to convince people to react, for example, promising a fiscal reward or summoning a feeling of criticalness. Regardless of far reaching alerts and intends to instruct clients to distinguish phishing sends, these are as yet a pervasive practice and a worthwhile business. The creators accept that influence, as a style of human correspondence intended to impact others, has a focal job in fruitful advanced tricks. Cyber criminals have ceaselessly propelling their techniques for assault. The current strategies to recognize the presence of such malevolent projects and to keep them from executing are static, dynamic and hybrid analysis. In this work we are proposing a hybrid methodology for phishing detection incorporating feature extraction and classification of the mails using SVM. At last, alongside the chose features, the PNN characterizes the spam mails from the genuine mails with more exactness and accuracy.

Using Return Path Data to Protect Your Brand: Security Breakout Session - London

Return Path

A Survey: SMS Spam Filtering

ijtsrd

Now a days Short Message Service(SMS) is most popular way to communication for mobile user because it is cheapest mode or version for communication than other mode.SMS is used for transmitting short length msg of around 160 character to different devices such as smart phones, cellular phones, PDAs using standardized communication protocols. The amount of Short Message Service (SMS) spam is increasing. SMS spam should be put into the spam folder, not the inbox. The growth of the mobile phone users has led to a dramatic increase in SMS spam messages. To avoid this problem SMS filtering Techniques are used. Our proposed approach filters SMS spam on an independent mobile phone on a large dataset and acceptable processing time. There are different approaches able to automatically detect and remove most of these messages, and the best-known ones are based on Bayesian decision theory and Support Vector Machines. Riya Mehta | Ankita Gandhi"A Survey: SMS Spam Filtering" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-2 | Issue-3 , April 2018, URL: http://www.ijtsrd.com/papers/ijtsrd12850.pdf http://www.ijtsrd.com/computer-science/data-miining/12850/a-survey-sms-spam-filtering/riya-mehta

Marketing Cloud - Partner Office Hour (August 18, 2015)

Salesforce Partners

Email threat detection and mitigation

NimishaRawat

Balancing Cloud-Based Email Benefits With Security

Symantec

As organizations try to take advantage of the business benefits and cost savings afforded by cloud offerings, email software as a service (SaaS) stands as one of the easiest first paths toward cloud adoption. Generally simple to set up and maintain, cloud email often is the first win for organizations that may not yet have the wherewithal for more complex cloud deployments. Unsurprisingly, statistics show that 58% of businesses today have already migrated to cloud email.1 And the enterprise is also quickly catching up. Gartner estimates that between 2014 and 2017, the percent of email seats based on a cloud or SaaS model will triple.2 Many reputable cloud email providers do offer some fundamental security controls bundled into their services. Nevertheless, organizations struggle to find the right balance of ease of use for their employees and cloud cost savings. After all, they must still maintain the same level of security their organization came to expect when email was hosted on internal infrastructure in their on-premises environments.

A LITERATURE REVIEW ON PHISHING EMAIL DETECTION USING DATA MINING

Heather Strinden

Why You Must Look at at Least 3: A Solutions ShowdownVivastream

Symantec Brightmail Gateway 9

Symantec

Best practices-guide-for-exchange-server-database-corruption-problems

Bharat Bhushan

Microsoft Exchange Server Database Corruption Problems & Solution: Comprehensive Guide Since Microsoft Exchange is a critical asset for any organization, many challenges come up when Exchange server goes down. Due to database corruption, Exchange Server is unable to mount which causes email downtime, loss of productivity, business opportunity loss, and financial loss etc. Solutions for Exchange Database Corruption Exchange Server recovery by using built-In utilities: Eseutil And Isinteg Exchange Server recovery with the help of Stellar Repair For Exchange

Free Complete Python - A step towards Data Science

RinaMondal9

Securing your Kubernetes cluster_ a step-by-step guide to success !

KatiaHIMEUR1

Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster. However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks. In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.

Similar to DMARC_ICICIBank_web.pptx

Email Security Case Study in Rakuten at Rakuten Technology Conference 2019

顕志北浦

How Cybercriminals Cheat Email Authentication

Return Path

Email: still the favourite route of attack

Claranet UK

IRJET- Email Spam Detection & Automation

IRJET Journal

What is Email Deliverability Service.pptx

Subhash Jain

Email 101

Forfront Ltd

Cloud university intel securityIngram Micro Cloud

Using Return Path Data to Protect Your Brand: Security Breakout Session - Chi...

Return Path

Comprehensive Protection and Visibility into Advanced Email Attacks

Symantec

Phishing: Analysis and Countermeasures

IRJET Journal

A novel hybrid approach of SVM combined with NLP and probabilistic neural ne...

IJECEIAES

Using Return Path Data to Protect Your Brand: Security Breakout Session - London

Return Path

A Survey: SMS Spam Filtering

ijtsrd

Marketing Cloud - Partner Office Hour (August 18, 2015)

Salesforce Partners

Email threat detection and mitigation

NimishaRawat

Balancing Cloud-Based Email Benefits With Security

Symantec

A LITERATURE REVIEW ON PHISHING EMAIL DETECTION USING DATA MINING

Heather Strinden

Why You Must Look at at Least 3: A Solutions ShowdownVivastream

Symantec Brightmail Gateway 9

Symantec

Best practices-guide-for-exchange-server-database-corruption-problems

Bharat Bhushan

Similar to DMARC_ICICIBank_web.pptx (20)

Email Security Case Study in Rakuten at Rakuten Technology Conference 2019

How Cybercriminals Cheat Email Authentication

Email: still the favourite route of attack

IRJET- Email Spam Detection & Automation

What is Email Deliverability Service.pptx

Email 101

Cloud university intel security

Using Return Path Data to Protect Your Brand: Security Breakout Session - Chi...

Comprehensive Protection and Visibility into Advanced Email Attacks

Phishing: Analysis and Countermeasures

A novel hybrid approach of SVM combined with NLP and probabilistic neural ne...

Using Return Path Data to Protect Your Brand: Security Breakout Session - London

A Survey: SMS Spam Filtering

Marketing Cloud - Partner Office Hour (August 18, 2015)

Email threat detection and mitigation

Balancing Cloud-Based Email Benefits With Security

A LITERATURE REVIEW ON PHISHING EMAIL DETECTION USING DATA MINING

Why You Must Look at at Least 3: A Solutions Showdown

Symantec Brightmail Gateway 9

Best practices-guide-for-exchange-server-database-corruption-problems

Recently uploaded

Free Complete Python - A step towards Data Science

RinaMondal9

Securing your Kubernetes cluster_ a step-by-step guide to success !

KatiaHIMEUR1

A tale of scale & speed: How the US Navy is enabling software delivery from l...

sonjaschweigert1

Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved: - Reduction in onboarding time from 5 weeks to 1 day - Improved developer experience and productivity through actionable findings and reduction of false positives - Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO) Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production. We will cover: - How to remove silos in DevSecOps - How to build efficient development pipeline roles and component templates - How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence) - How to streamline operations with automated policy checks on container images

DevOps and Testing slides at DASA Connect

Kari Kakkonen

FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf

FIDO Alliance

Epistemic Interaction - tuning interfaces to provide information for AI support

Alan Dix

Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024 https://alandix.com/academic/papers/synergy2024-epistemic/ As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.

State of ICS and IoT Cyber Threat Landscape Report 2024 preview

Prayukth K V

The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development. The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers: State of global ICS asset and network exposure Sectoral targets and attacks as well as the cost of ransom Global APT activity, AI usage, actor and tactic profiles, and implications Rise in volumes of AI-powered cyberattacks Major cyber events in 2024 Malware and malicious payload trends Cyberattack types and targets Vulnerability exploit attempts on CVEs Attacks on counties – USA Expansion of bot farms – how, where, and why In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East Why are attacks on smart factories rising? Cyber risk predictions Axis of attacks – Europe Systemic attacks in the Middle East Download the full report from here: https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/

Quantum Computing: Current Landscape and the Future Role of APIs

Vlad Stirbu

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Aggregage

GraphRAG is All You need? LLM & Knowledge Graph

Guy Korland

Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs. 1. Unifying Large Language Models and Knowledge Graphs: A Roadmap. https://arxiv.org/abs/2306.08302 2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs: https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/

Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™

UiPathCommunity

In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni. 📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath: Autopilot per Studio Web Autopilot per Studio Autopilot per Apps Clipboard AI GenAI applicata alla Document Understanding 👨‍🏫👨‍💻 Speakers: Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath Andrei Tasca, RPA Solutions Team Lead @NTT Data

PHP Frameworks: I want to break free (IPC Berlin 2024)

Ralf Eggert

In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development. This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.

The Art of the Pitch: WordPress Relationships and Sales

Laura Byrne

Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes? All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.

FIDO Alliance Osaka Seminar: Overview.pdf

FIDO Alliance

Monitoring Java Application Security with JDK Tools and JFR Events

Ana-Maria Mihalceanu

Elizabeth Buie - Older adults: Are we really designing for our future selves?

Nexer Digital

Climate Impact of Software Testing at Nordic Testing Days

Kari Kakkonen

My slides at Nordic Testing Days 6.6.2024 Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.

Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf

91mobiles

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

DanBrown980551

Do you want to learn how to model and simulate an electrical network from scratch in under an hour? Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)! During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook. PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides: - A fully editable and extendable library for grid component modelling; - Visualization tools to display your network; - Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses; The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well. What you will learn during the webinar: - For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills; - For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.

Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx

nkrafacyberclub

Recently uploaded (20)

Free Complete Python - A step towards Data Science

Securing your Kubernetes cluster_ a step-by-step guide to success !

A tale of scale & speed: How the US Navy is enabling software delivery from l...

DevOps and Testing slides at DASA Connect

FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf

Epistemic Interaction - tuning interfaces to provide information for AI support

State of ICS and IoT Cyber Threat Landscape Report 2024 preview

Quantum Computing: Current Landscape and the Future Role of APIs

Generative AI Deep Dive: Advancing from Proof of Concept to Production

GraphRAG is All You need? LLM & Knowledge Graph

Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™

PHP Frameworks: I want to break free (IPC Berlin 2024)

The Art of the Pitch: WordPress Relationships and Sales

FIDO Alliance Osaka Seminar: Overview.pdf

Monitoring Java Application Security with JDK Tools and JFR Events

Elizabeth Buie - Older adults: Are we really designing for our future selves?

Climate Impact of Software Testing at Nordic Testing Days

Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx

DMARC_ICICIBank_web.pptx

1. DMARC@ICICI Bank ReBIT - Operational Excellence Webinar Series (DMARC) Bhavin B. Bhansali (bhavin.bhansali@icicibank.com) DGM, Information Security Group, ICICI Bank Ltd. May 11, 2017

2. 2 Phishing Business email compromise Data breach Scams Ransomwar e Common email frauds

3. …and email spoofing makes it more legit 3 E-mail spoofing is the forgery of an e-mail so that the message appears to have originated from someone other than the actual source

4. DMARC in action 4 DMARC - Domain based Message Authentication, Reporting & Conformance

5. 5 Email protection using DMARC Increase in • Customer & employee protection against email frauds • Customer trust • Insight to evolving email threat landscape Reduction in • Senior mgmt. escalation • Bank’s liability for phishing emails • Customer service cost • Phishing fraud/remediation cost Benefits of DMARC

6. Pre- DMARC phishing sample email (1/2) 6 6

7. Phishing website 7

8. Phishing email sample (2/2) 8 8 Source - http://www.incometaxindia.gov.in/

9. Phishing website 9 9 Source - http://www.incometaxindia.gov.in/

10. Approach for DMARC implementation 10 Domain identificatio n • Identify all cust. domains • Identify the key domains from cust. risk perspective • Seek confirmation from all business units on outsourced email arrangements DMARC implementation • Move to DMARC monitoring mode • Ensure DMARC record is implemented for all mail servers sending emails for the domain • Move to DMARC quarantine/bloc k mode Integration with monitoring controls • Integrate DMARC data feeds with anti-phishing process • Integrate DMARC data feeds with Fraud Management System/SIEM

11. 11 Key learnings - DMARC implementation Update the email domain induction process Ensure appropriate collaboration of implementation, email & biz teams Ensure outsourced email service arrangements are inventorised Regularly review that no genuine emails are blocked Review the evolving modus operandi of fraudsters @ “Best things come in small packages”

12. Post-DMARC phishing email 12

13. Thank you (bhavin.bhansali@icicibank.com)

DMARC_ICICIBank_web.pptx

Recommended

Recommended

More Related Content

Similar to DMARC_ICICIBank_web.pptx

Similar to DMARC_ICICIBank_web.pptx (20)

Recently uploaded

Recently uploaded (20)

DMARC_ICICIBank_web.pptx

Editor's Notes