Learn what tactics cyber-criminals are using today to spoof your brand and defraud your customers – and how you can put a stop to these attacks.

1. Using Return Path Data to Protect Your Brand
Security Breakout Session
Brian Westnedge, Sr. Director of Client Services

2. Agenda
• Email fraud trends and impact
• The power of data: email threat intelligence
• The Return Path Data Cloud
• Tactics used by cybercriminals today
• Unite against email fraud: tips for defending your customers, brand, and
bottom line
• Questions

3. Email Fraud Trends
& Impact

4. Email Delivers Business Value…
Increases
Customer Loyalty
Boosts
Revenue
Reduces
Operating Costs

5. …But Its Impact Is Being Eroded
5 out of 6 big
companies
are targeted with
phishing attacks
Phishing costs brands
worldwide $4.5 billion
each year
RSA identifies
a phishing attack
every minute
Email fraud has
up to a 45%
conversion rate
Source: http://www.emc.com/emc-plus/rsa-thought-leadership/online-fraud/index.htm
$4.5 B 1 MIN 5/6 45%

6. Phishing Leads To – Revenue Losses
• Reduced trust in brand:
• Subscribers don’t know what to trust
• Reduced effectiveness of email
• ISPs don’t know what to trust
Customers are 42% less likely to
interact with a brand after being
phished or spoofed.

7. Phishing Leads To – Unwanted Media Attention

8. “If you boil the jobs down of IT security
professionals, they are ultimately tasked with
protecting the brand… If you have a breach,
research suggests that 60% of your customers will
think about moving and 30% actually do.”
Bryan Littlefair
Global Chief Information Security Officer
Aviva

9. Phishing Leads To – Remediation Costs
Fraud Losses Malware Infection Investigation Remediation

10. Can You Spot a
Spoof?

11. Anatomy Of A
Phishing Email
to: You <you@yourdomain.com>
from: Phishing Company <phishingcompany@spoof.com>
subject: Unauthorized login attempt
Dear Customer,
We have recieved noticed that you have recently
attempted to login to your account from an unauthorized
device.
As a saftey measure, please visit the link below to
update your login details now:
http://www.phishingemail.com/updatedetails.asp
Once you have updated your details your account will be
secure from further unauthorized login attempts.
Thanks,
The Phishing Team
1 attachment
Making an email
look legitimate by
spoofing the
company name in
the “Display Name”
field.
Tricking email
servers into
delivering the email
to the inbox by
spoofing the
“envelope from”
address hidden in
the technical header
of the email.
Including logos,
company terms,
and urgent
language in the body
of the email.
Making an email
appear to come from
a brand by using a
legitimate company
domain, or a domain
that looks like it in
the “from” field.
Creating convincing
subject lines to drive
recipients to open
the message.
Including links to
malicious websites
that prompt users to
give up
credentials
Including
attachments
containing malicious
content.

12. From: service@paypal.com <paypal@service.com>
From: PayPal <paypal@e.paypal.co.uk>

13. The Power of the
Right Data

14. Knowledge Is Your Best Defense
• We know there is no silver bullet.
• But defense starts with understanding.
• Data is the key to that understanding.

15. Breadth, Depth, and Speed
Contactually Molto ParibusGetAirHelp
Message Finder UnsubscriberOrganizer

16. EMAIL THREAT
DATA
· Consumer inbox data
· Email delivery data
· Authentication results
· Message level data
· SPAM trap & complaints data
EMAIL THREAT
INTELLIGENCE
· Domain-spoofing alerts
· Brand-spoofing intelligence
· Suspicious activity map
· Fraudcaster URL feed
· Sender Score: IP reputation

17. Email Fraud: Primary Attack Vectors
Domain Spoofing
(from domains owned by the brand)
Brand Spoofing
(from domains outside the brand’s control)
phish@company.com company@phish.com

18. 30% of Attacks Spoof Domains You Own
30% Domain
Spoofing
• Active Emailing Domains
• Non-Sending Domains
• Defensively-Registered
Domains
70% Brand
Spoofing
• Cousin Domains
• Display Name Spoofing
• Subject Line Spoofing
• Email Account Spoofing
Source: Return Path / APWG White Paper, 2014

19. Unite Against
Email Fraud
Tips for defending your customers, your brand, and
your bottom line.

20. Leading Companies Fighting Email Fraud

21. DMARC (Domain-based Message Authentication Reporting &
Conformance):
• Technical specification created to help reduce the potential for email-
based abuse (www.dmarc.org)
• Prevents domain-based spoofing by blocking fraudulent activity
appearing to come from domains under your control
• Provides threat reporting mechanism (aggregate and forensic data)
#1: Authenticate Your Email

22. “Simply put, the DMARC standard works.
In a blended approach to fight email fraud, DMARC
represents the cornerstone of technical controls
that commercial senders can implement today to
rebuild trust and retake the email channel for
legitimate brands and consumers.”
Edward Tucker
Head of Cyber Security
Her Majesty’s Revenue & Customs

23. • Addressing the 70% of email attacks that spoof your brand using
domains your company does not own requires email threat
intelligence.
• Get visibility into all types of email threats targeting you today.
#2: Leverage Email Threat Intelligence

24. • The reality is, some attacks are always going to get through.
• The more prepared your customers are, the better.
• Create an educational website
• Include anti-fraud language within your legitimate email
• In the event of an attack, warn your customers immediately
#3: Educate Your Customers

25. • Engage with Brand Protection teams to make the business case.
• Create a sense of urgency.
• Communicate the risks that result from not taking action:
• Email fraud destroys brand reputation and erodes customer loyalty
• Email fraud thwarts email marketing effectiveness
• Email fraud negatively impacts revenue
#4: Raise Awareness with Top Executives

26. Learn More
www.returnpath.com/StopEmailFraud
Twitter: @StopEmailFraud
New: Download the Email Threat
Intelligence report at
bit.ly/EmailThreatIntel