For the last four decades, email recipients have had to make a leap of faith every time they check their inbox. This is because the creators of the Internet didn’t include a way to verify the sender’s identity.
At the time, there was no indication that 84% of all emails would be fake — malware, phishing attacks, or spam. They didn’t include provisions for sender authentication, which, in retrospect, is a significant flaw in the overall security of email.
It leaves recipients to wonder, “Is this message really from who it appears to come from? Or is it fake?”
This is email’s “original sin.” It means that it’s easy for an impostor to imitate another person, company, or government agency by manipulating the From: and Reply-to: fields in an email header. Learn how to stop these spoofed and fake emails.
How to stop fake emails
Email authentication is the modern fix to this legacy flaw.
Using email authentication, a domain owner can enable only those third-party senders that it explicitly authorizes to use their domain. Once email authentication is set to enforcement, everyone else who attempts to send email using that domain name gets blocked or quarantined — automatically.
In other words, anyone receiving email from an authenticated domain can be sure that it really comes from that domain or from a service authorized by the domain owner.
How does email authentication stop fake email?
Email authentication is based on the application of several widely accepted standards. The cornerstone standard, Domain-based Message Authentication, Reporting, and Conformance (DMARC), incorporates and builds on two predecessors, Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM).
When fully enforced, DMARC ensures that only authorized senders can transmit messages on the domain owner’s behalf. This eliminates same-domain phishing attacks, which account for two-thirds of all fake email.
In addition, two newer standards also play a role:
- Authenticated Relay Chain (ARC) ensures that authentication survives forwarding by email lists and forwarders.
- Brand Indicators for Message Identification (BIMI) offers domain owners a way to signal authentication by designating logo images—a digital watermark—that appears only alongside authenticated messages.
Does email authentication stop spam?
Yes and no.
Email authentication is designed to specifically stop spoofed email, which is when someone else uses your domain for malicious reasons. Someone could send spam pretending to be you from a completely different email address. But if you have strong email authentication set up, they can’t use your exact email address to send these fake emails.
There are protocols to help prevent spam, but email authentication wasn’t originally built with the purpose of stopping spam. It was designed to protect domains from spoofers who could impersonate a domain they don’t own.
However, a large portion of spam comes from spoofed emails, which email authentication can help reduce. These are arguably some of the most damaging types of spam as well because the spoofed sender has intentions of tricking the recipient.
Stop fake emails with Valimail
Ready to stop fake emails and impersonators for good? Partner with Valimail.
We help fortify your defenses against email-based threats, protect your brand, and help you maintain the trust of all your clients and partners.
How?
Through DMARC.
Valimail simplifies the implementation of DMARC by offering an automated, real-time monitoring solution that effectively blocks fake emails, safeguarding your organization’s communication channels.
See for yourself. Schedule a demo with our DMARC experts to learn how DMARC enforcement can stop fake emails and protect your digital identity.
