Media inquiries: Contact Dylan Tweney, Head of Communications,

11/24/2017 - MarTech Series

Is Your Company Domain Vulnerable To Email Impersonation?

Yolande D'Mello summarizes the findings of our 2017 Email Fraud Landscape and follows it with an extensive interview with ValiMail co-founder and CEO Alexander García-Tobar.

11/21/2017 - Credit Union Times

Email a Pervasive Threat With 20% Fraudulent

CU Times's Roy Urrico reports on ValiMail's annual Email Fraud Landscape, noting "The research also indicated large financial services companies with revenues of at least $1 billion scored well in comparison to other sectors."

11/21/2017 - SANS Newsbites

DMARC Adoption is Low Among Large, High-Revenue Organizations

SANS editors note ValiMail's 2017 Email Fraud Landscape research, and adding discussion of the significance of DMARC in light of the recent DHS directive mandating DMARC usage for government agencies, and pointing to resources on the subject.

11/21/2017 - David Strom

Becoming a Better Master of My Email Domain

Freelance tech writer and analyst David Strom reviews his experience using ValiMail to implement DMARC on his domains. This is a detailed account of what it's like to be a customer of ValiMail, from an experience enterprise tech reviewer.

11/21/2017 - Infosecurity Magazine

DMARC Implementation Lags as Email Fraud Surges

Tara Seals reports: ValiMail’s 2017 Email Fraud Landscape Report shows that email fraud is a pervasive threat: One in five messages sent today come from unauthorized senders, many representing fraudulent activity.

11/20/2017 - ValiMail

Study: One In Five Emails Sent Today Are From Unauthorized Senders, Highlighting Rampant Email Impersonation

ValiMail's 2017 Email Fraud Landscape Report shows that most domain owners have not attempted to implement fraud protection through the latest and most complete form of protection, DMARC ("Domain-based Message Authentication, Reporting & Conformance"), a widely used standard that ensures only authorized senders can use an organization's domain name in their emails.

11/20/2017 - MediaPost

Firms Fail To Properly Implement DMARC, Study Says

Ray Schultz writes, for Email Marketing Daily: One in five email messages landing in inboxes come from unauthorized senders, according to a new study by ValiMail. And companies are failing to protect themselves with proper use of Domain-based Message Authentication, Reporting & Conformance (DMARC).

11/20/2017 - NewsFactor

Email Has Been Weaponized by Hackers, Results Can Be Deadly

Nearly all of the top million most popular domains are inadequately protected from "weaponized" email impersonation by hackers, formerly known as spear phishing, according to a new study released today by San Francisco-based email authentication service provider ValiMail. Shirley Sulik reports for the NewsFactor Network.

11/20/2017 - Cyberscoop

Report: DMARC email security can be too hard for some large companies

Adoption of the email security standard known as DMARC — the best way to stop fraudulent email like phishing messages — remains low, even among large banks and other major corporations, according to new figures from ValiMail, as Shaun Waterman reports in this feature story on our latest research.

10/31/2017 - KQED

The Crippling Ransomware Attack on KQED: The Inside Story

ValiMail CEO Alexander García-Tobar is quoted in this story about a ransomware attack that took the KQED newsroom offline. Months later, the news organization is still struggling.

11/13/2017 - Forbes

It's Time To Get Ready For Strict New EU Privacy Regulations

ValiMail CEO Alexander García-Tobar offers five tips for companies struggling to prepare for GDPR in this op-ed for Forbes.

10/30/2017 - American Express OPEN Forum

7 Ways to Help Prevent E-Commerce Fraud During the Holiday

Advice for small business owners #4 -- Take advantage of email authentication. "The most destructive [type of fraud] and hardest to detect is a message coming from a fake email address," says ValiMail CEO Alexander García-Tobar. "The only way to avoid this is to use email authentication with DMARC."

10/26/2017 - TechCrunch

It’s time for the internet to block fake emails

Shasta's Jason Pressman asks, in this guest post: "Today, when most companies have switched their websites to HTTPS by default, locked down their Wi-Fi networks, and insist on access cards to identify and grant access to every employee who wants to come in through the front door, can we really still be relying on non-authenticated emails? Everything else is authenticated. Why aren’t we doing the same with email?"

10/16/2017 - Dark Reading

DHS to Require All Fed Agencies to Use DMARC, HTTPS, and STARTTLS

The U.S. Department of Homeland Security will now require all federal agencies to deploy DMARC within 90 days. Dawn Kawamoto reports on the development, quoting Peter Goldstein, who applauds the move, but adds, "You have to get to enforcement to get real value out of DMARC."

10/10/2017 - ComputerWeekly

More than three-quarters of global email protected by Dmarc

Warwick Ashford reports that about 4.8 billion email accounts are now covered by DMARC, writing: "This means DMARC use has reached a tipping point."

10/10/2017 - CyberScoop

Chinese providers fueling growth of DMARC email security standard

More than three-quarters of the world’s email inboxes are secured against spammers and scammers with DMARC, Shaun Waterman reports.

10/05/2017 - iBoss Blog

Implementing Better Email Authentication Systems

Technology writer David Strom explains the basics of configuring email authentication with SPF, DKIM, and DMARC, and points readers to the configuration services offered by ValiMail.

09/27/2017 - SC Magazine

GDPR: Resistance Is Futile

In this free white paper (registration required), ValiMail co-founder Alexander García-Tobar explains why U.S. companies are slow to work on compliance with strict new privacy regulations from the European Union. 

09/13/2017 - MediaPost

Phishing On The Rise, CEOs Most Likely To Be Spoofed

CEO email addresses are the most likely to be spoofed, according to a Trend Micro report, and CFOs are the most targeted members of an organization. MediaPost's Jess Nelson quotes ValiMail CEO Alexander García-Tobar: “There's no malware to filter and no keywords to block,” he says. "Only email authentication stops these kinds of attacks.”

09/06/2017 - CSO Online

The incredible success – and utter failure – of email

There is a wonderful quality to email that’s easy to overlook in today’s overheated market for mobile, social, AI-powered, virtual reality, big-data apps. Email just works, and it works everywhere. But there's a downside, as ValiMail CEO Alexander García-Tobar explains.

08/31/2017 - MediaPost

OTA Submits CAN-SPAM Recommendations To FTC

The Online Trust Alliance (OTA), a non-profit and Internet Society (ISOC) initiative, submitted recommendations to the Federal Trade Commission on Wednesday to modify the United States’ anti-spam law. ValiMail was one of the companies that contributed to the OTA's suggested modifications.

08/21/2017 - The Huffington Post

Beyond Fake News: How to Spot Fake Email, Websites and Protect Yourself from Malware

The news media isn’t the only industry that is swamped by fakes, explains Alexander García-Tobar, CEO and co-founder of ValiMail, in this op-ed. Companies across a large swath of industries also have to deal with fake websites, emails and products. And even governments have to watch out for fake communications.

08/14/2017 -

This Week in Tech #627: Do You Inkwell?

ValiMail head of communications Dylan Tweney appears in this episode of the popular TWiT podcast, with Leo Laporte. ValiMail's anti-impersonation solution is discussed at 0:04:00, 1:43:30, 1:57:55, and 2:12:10. "I think every company should be using it," Leo says about ValiMail's solution.

07/31/2017 -

How CIOs can avoid the next ransomware attack

Petya and WannaCry are not unique: Analysis of cyberattacks suggest that 91 percent of all cyberattacks start with phish. This keeps happening because, while technical solutions are available to curtail phishing attacks, they are complex and opaque, which means most companies have challenges implementing them fully.

07/21/2017 - CIOReview

CIOReview Unveils 20 Most Promising Enterprise Security Solution Providers

CIOReview's “20 Most Promising Enterprise Security Solution Providers 2017” features the best products and most competent services in the security arena. In the last few months, a distinguished panel, comprising CEOs, CIOs, CISOs, and analysts including the CIOReview editorial board reviewed the top companies and shortlisted the ones that are at the forefront of bringing revolutionary changes to the enterprise security domain.

07/20/2017 - MediaPost

Senator Calls For U.S. Government To Adopt DMARC

Phishers often take advantage of how easy it is to forge the 'From' address in emails, which is exactly what DMARC prevents,” explains Alexander Garcia-Tobar, the CEO of ValiMail, in this story by MediaPost's Jess Nelson. “It’s time for all U.S. commercial and government organizations to do their part and lock down their domains, enforce industry standards like DMARC, and prevent their own brands from being used to attack anyone on the Internet, including employees, customers, partners and innocent bystanders.

07/05/2017 - ValiMail

Messaging Industry Group Names ValiMail CTO Peter Goldstein as Technical Committee Co-Chair

ValiMail CTO and co-founder Peter Goldstein has been appointed as a technical committee co-chair for M3AAWG, the Messaging, Malware and Mobile Anti-Abuse Working Group, an industry organization working against botnets, malware, spam, viruses, denial-of-service attacks and other online exploitation.

07/05/2017 -

What CIOs Need to Know About Authentication

Email is so critical to business communications today that many assume it's a safe and trustworthy medium, but recent cyberattacks prove it's not. What CIOs need to know about authentication and DMARC, a key tool to address this shortcoming.

07/03/2017 - The Drum

Phishing Are Tapping Into Pied Piper and Hooli in New Email Scams

If imitation is the sincerest form of flattery, HBO should perhaps be blushing.That’s because scammers are using domains for the fictional tech companies Pied Piper and Hooli from HBO’s Silicon Valley to try to trick unsuspecting consumers. The Drum details how ValiMail is now protecting these domains, so only messages sent by HBO on behalf of the fictional entities will be delivered.

07/01/2017 - MediaPost

Hackers Attempt Pied Piper And Hooli Phishing Scams

Media Post’s Jess nelson details how ValiMail stopped more than 5,000 phishing scams attempting to leverage and, fictional tech companies on HBO’s Silicon Valley, over the past month.

06/21/2017 - ValiMail

Online Trust Alliance Names ValiMail to the 2017 Online Trust Honor Roll

This is the second year that the OTA has recognized ValiMail's website for adhering to the highest levels of consumer protection, data security, and privacy protection.

06/07/2017 -

After a Cyberattack, Companies Remain Vulnerable. What CIOs Can Do To Protect Their Brands

ValiMail CEO Alexander García-Tobar explains how a recent cyberattack on a well-known tech company reveals that even when the toughest anti-phishing policies are in place, 70% of companies that attempt email authentication leave the final configuration incomplete.

06/01/2017 - Security Magazine

Ransomware Outbreak Underscores the Need for Increasingly Essential Cybersecurity Practices

The ransomware crisis that swept the world last month highlights what we’ve known for years: The global IT infrastructure is incredibly vulnerable. Valimail CEO Alexander García-Tobar explains what security professionals can do.

05/23/2017 -

To Stop Ransomware Attacks, CIOs Must First “Swat the Mosquitoes”

All too often IT departments can miss the the crucial signs of an incoming ransomware attack. What CIOs can do to avoid becoming the victim of the next global malware hack.

05/23/2017 - KQED News

Stopping Ransomware Starts with Your Inbox

One of the country's most-listened-to public radio stations profiles ValiMail as just one of a handful of companies that provide email authentication services to businesses, and examines how email authentication could have stopped the global WannaCry ransomware attack.

05/16/2017 - MediaPost

DocuSign Hacked, Still Threatened

ValiMail CEO Alexander García-Tobar is interviewed about the recent DocuSign data breach resulting in the theft of 100 million customer emails, and how email authentication could have thwarted  the resulting phishing campaign that leveraged the stolen credentials.

05/15/2017 - CSO Online

Ransomware Makes Healthcare WannaCry

ValiMail CEO Alexander García-Tobar is interviewed about the implications of the global WannaCry ransomware attack on health care organizations, explaining that the sector is particularly vulnerable to these attacks because awareness about email authentication is still quite low in the healthcare industry.

04/07/2017 - Future of Everything

What’s The Future of Cybersecurity?

As we become increasingly dependent on technology in our daily lives we open ourselves up to an entirely new kind of threat, cyberattacks. In an effort to ease our fears and gain a better perspective Future of Everything decided to ask a group of cybersecurity experts, "what's the future of cybersecurity?"

03/01/2017 - SC Magazine

Closing email’s 40-year trust gap

ValiMail CEO Alexander García-Tobar offers a brief history of email and it’s inherent weaknesses, and how the recent rise in email authentication adoption is successfully addressing those flaws.

02/23/2017 - CSO Online

Salted Hash: RSAC 2017 Recap

ValiMail's research surrounding the domains of RSA's top sponsors is featured in security journalist Steve Ragan's popular "Salted Hash" column in CSO.

02/23/2017 - LinkedIn

Even Cyber Security Leaders Struggle with Email Safety

In a dispatch from RSA, ValiMail CEO Alexander García-Tobar reveals new data that shows only one of RSA's 62 sponsors had a correctly configured DMARC record that's set to enforcement, and urges the industry to do better on email authentication.

02/21/2017 - IT World

8 Steps to regaining control over shadow IT

ValiMail CEO Alexander García-Tobar provides a step-by-step process for uncovering shadow IT services and bringing them back under control.

02/06/2017 - CIO Dive

7 Cybersecurity Trends for 2017

ValiMail CEO Alexander García-Tobar explains why DMARC and email authentication are among the top trends on CIO radars for cybersecurity in 2017.

02/03/2017 - Security Magazine

For email safety, complement training with authentication

ValiMail CEO Alexander Garcia Tobar shares key tips on how enterprises can improve e-mail safety by complementing employee training with authentication.

01/31/2017 - CSO Online

Security execs voice concern over Trump travel ban

Senior security industry professionals, including ValiMail CEO and co-founder Alexander García-Tobar, weigh in on the implications of the travel ban imposed by President Trump.

01/24/2017 - Dark Reading

The Trouble With DMARC: 4 Serious Stumbling Blocks

Popularity for the Domain-based Message Authentication, Reporting and Conformance email authentication standard is growing. So why are enterprises still struggling to implement it?

01/19/2017 - Huffington Post

An Open Letter to the Trump Administration

Our founder & CEO Alexander García-Tobar wrote an open letter to President Trump with a modest proposal: make email great again.

12/27/2016 - LinkedIn

How the Russians hacked into U.S. institutions using a fake Harvard email

The attack shows how effective it can be for phishers to use the exact domain name of organizations that are unprotected by email authentication, and how simple it is to stop these attacks in the future.

12/16/2016 - MediaPost

Most Enterprises Fail To Correctly Authenticate Emails With DMARC

This article covers the recent ValiMail industry report on DMARC adoption.

12/12/2016 - Mashable

Cybersecurity experts shut down Trump in 140 characters or less

Cybersecurity experts, including ValiMail CEO Alexander Garcia-Tobar, discuss some basic facts on cyber that President-Elect Trump has gotten wrong.

2/01/2016 - Dark Reading

DMARC Continues To Confound Users, Report Says

Almost three-quarters of those who deploy email authentication standard fail to get its full benefits, ValiMail says.

12/01/2016 - CSO Online

Only 6% of businesses use DMARC email authentication

In a study of 1 million corporate domains, only 60,000 had made any attempt at DMARC email authentication, and of those, only a quarter actually had enforcement mechanisms in place, according to a new report from ValiMail.

11/30/2016 - InfoSecurity Buzz

Shadow IT & the Challenge of Controlling the Cloud

“Shadow IT” sounds like something you might see in a thriller starring Matt Damon, but it’s a clear and present danger for IT pros.

11/21/2016 - SiriusXM Radio

ValiMail CEO explains the basics of email authentication

XM Sirius Radio in collaboration with the Wharton Business School Interviews Alexander Garcia-Tobar, the founder and CEO of ValiMail.

11/09/2016 - CircleID

Government Guidance for Email Authentication Has Arrived in USA and UK

US and UK governments issue guidance for adoption of email authentication protocols.

11/03/2016 - WSJ PRO

Funding Snapshot: ValiMail Raises $12M Series A to Secure Communications

Subscription-only article for professional investors covers ValiMail funding event.

11/03/2016 - MediaPost

ValiMail Recruits $12M Series A Funding For DMARC Authentication

MediaPost describes email authentication, ValiMail's funding event, and the difference between DMARC and SPF.

11/02/2016 - TechCrunch

ValiMail raises $12M Series A round for its email authentication service

ValiMail announces its series A round led by Shasta Ventures with follow-on investment from Flybridge Capital Partners and Bloomberg Beta.

10/24/2016 - Dark Reading

Deleting Email’s Original Sin: An Historical Perspective

Can DMARC do for email security what SSL certificates did for e-commerce?

08/10/2016 - LinkedIn

On Walmart, Russians and Layered Security

Recent news about Walmart customers getting phished for their password information and Russian hackers breaking into the email servers of American politicians has a lot of companies worried about how to avoid an e-mail-based hack. Here's a few tips.

07/28/2016 - Huffington Post

A Revolutionary Approach to Defeating Russian Hackers

CEO Alexander Garcia-Tobar explains how email authentication combats the fastest rising form of cybercrime today.

07/27/2016 - Mashable

How not to get hacked by Russians (or anyone else)

This article explores recent high-profile hacks and what potential victims can do to protect themselves from spear phishing.

07/26/2016 - BetaNews

Email is still king despite the threats it poses

ValiMail’s email authentication infographic published in BetaNews.

07/17/2016 - Becker’s CIO Review

Corporate email phishing scams increased 1,300% in 18 months, global losses total $3.1B

The FBI reports the number of this type of cyberattack has grown 1,300 percent since January 2015, resulting in $3.1 billion in losses across the world. What can be done to avoid scams?

07/16/2016 - Krebs on Security

Trump, DNC, RNC Flunk Email Security Test

In the wake of highly publicized hacks of Democratic political bodies, Brian Krebs exposes that the DNC, RNC, and Trump campaign all fail to protect their email from spoofing.

06/23/2016 - MediaPost

Majority of Top Web Sites Vulnerable to Email Spoofing

This article on the status of DMARC deployment points to ValiMail’s DMARC status checker to determine deployment on popular websites.

06/18/2016 - Infosecurity Magazine Announces Supporter Program

ValiMail joins

06/16/2016 - The Wall Street Journal

FBI Says Corporate Email ‘Impersonation’ Scams Growing

ValiMail CEO Alexander Garcia-Tobar explains how Business Email Compromise works, why its growth is so explosive, and what companies can do to stop it.

06/02/2016 - American Banker

Uber's Phishing Tale Can Teach Banks a Lot About Security

How Uber used DMARC email authentication to fight back against phishing.

05/25/2016 - MediaPost

How ValiMail Could Have Protected The Milwaukee Bucks

MediaPost’s EmailMarketing Daily describes recent attacks, including the loss of employees’ W-2 records by the Milwaukee Bucks, and explains how automated DMARC from ValiMail could have prevented them.

05/05/2016 - VentureBeat

Email authentication startup ValiMail comes out of stealth with $1.5 million

VentureBeat introduces ValiMail to the world.