Yolande D'Mello summarizes the findings of our 2017 Email Fraud Landscape and follows it with an extensive interview with ValiMail co-founder and CEO Alexander García-Tobar.
SANS editors note ValiMail's 2017 Email Fraud Landscape research, and adding discussion of the significance of DMARC in light of the recent DHS directive mandating DMARC usage for government agencies, and pointing to resources on the subject.
Freelance tech writer and analyst David Strom reviews his experience using ValiMail to implement DMARC on his domains. This is a detailed account of what it's like to be a customer of ValiMail, from an experience enterprise tech reviewer.
Study: One In Five Emails Sent Today Are From Unauthorized Senders, Highlighting Rampant Email Impersonation
ValiMail's 2017 Email Fraud Landscape Report shows that most domain owners have not attempted to implement fraud protection through the latest and most complete form of protection, DMARC ("Domain-based Message Authentication, Reporting & Conformance"), a widely used standard that ensures only authorized senders can use an organization's domain name in their emails.
Ray Schultz writes, for Email Marketing Daily: One in five email messages landing in inboxes come from unauthorized senders, according to a new study by ValiMail. And companies are failing to protect themselves with proper use of Domain-based Message Authentication, Reporting & Conformance (DMARC).
Nearly all of the top million most popular domains are inadequately protected from "weaponized" email impersonation by hackers, formerly known as spear phishing, according to a new study released today by San Francisco-based email authentication service provider ValiMail. Shirley Sulik reports for the NewsFactor Network.
Adoption of the email security standard known as DMARC — the best way to stop fraudulent email like phishing messages — remains low, even among large banks and other major corporations, according to new figures from ValiMail, as Shaun Waterman reports in this feature story on our latest research.
ValiMail CEO Alexander García-Tobar is quoted in this story about a ransomware attack that took the KQED newsroom offline. Months later, the news organization is still struggling.
ValiMail CEO Alexander García-Tobar offers five tips for companies struggling to prepare for GDPR in this op-ed for Forbes.
Advice for small business owners #4 -- Take advantage of email authentication. "The most destructive [type of fraud] and hardest to detect is a message coming from a fake email address," says ValiMail CEO Alexander García-Tobar. "The only way to avoid this is to use email authentication with DMARC."
Shasta's Jason Pressman asks, in this guest post: "Today, when most companies have switched their websites to HTTPS by default, locked down their Wi-Fi networks, and insist on access cards to identify and grant access to every employee who wants to come in through the front door, can we really still be relying on non-authenticated emails? Everything else is authenticated. Why aren’t we doing the same with email?"
The U.S. Department of Homeland Security will now require all federal agencies to deploy DMARC within 90 days. Dawn Kawamoto reports on the development, quoting Peter Goldstein, who applauds the move, but adds, "You have to get to enforcement to get real value out of DMARC."
Warwick Ashford reports that about 4.8 billion email accounts are now covered by DMARC, writing: "This means DMARC use has reached a tipping point."
More than three-quarters of the world’s email inboxes are secured against spammers and scammers with DMARC, Shaun Waterman reports.
CEO email addresses are the most likely to be spoofed, according to a Trend Micro report, and CFOs are the most targeted members of an organization. MediaPost's Jess Nelson quotes ValiMail CEO Alexander García-Tobar: “There's no malware to filter and no keywords to block,” he says. "Only email authentication stops these kinds of attacks.”
There is a wonderful quality to email that’s easy to overlook in today’s overheated market for mobile, social, AI-powered, virtual reality, big-data apps. Email just works, and it works everywhere. But there's a downside, as ValiMail CEO Alexander García-Tobar explains.
The Online Trust Alliance (OTA), a non-profit and Internet Society (ISOC) initiative, submitted recommendations to the Federal Trade Commission on Wednesday to modify the United States’ anti-spam law. ValiMail was one of the companies that contributed to the OTA's suggested modifications.
The news media isn’t the only industry that is swamped by fakes, explains Alexander García-Tobar, CEO and co-founder of ValiMail, in this op-ed. Companies across a large swath of industries also have to deal with fake websites, emails and products. And even governments have to watch out for fake communications.
ValiMail head of communications Dylan Tweney appears in this episode of the popular TWiT podcast, with Leo Laporte. ValiMail's anti-impersonation solution is discussed at 0:04:00, 1:43:30, 1:57:55, and 2:12:10. "I think every company should be using it," Leo says about ValiMail's solution.
Petya and WannaCry are not unique: Analysis of cyberattacks suggest that 91 percent of all cyberattacks start with phish. This keeps happening because, while technical solutions are available to curtail phishing attacks, they are complex and opaque, which means most companies have challenges implementing them fully.
CIOReview's “20 Most Promising Enterprise Security Solution Providers 2017” features the best products and most competent services in the security arena. In the last few months, a distinguished panel, comprising CEOs, CIOs, CISOs, and analysts including the CIOReview editorial board reviewed the top companies and shortlisted the ones that are at the forefront of bringing revolutionary changes to the enterprise security domain.
Phishers often take advantage of how easy it is to forge the 'From' address in emails, which is exactly what DMARC prevents,” explains Alexander Garcia-Tobar, the CEO of ValiMail, in this story by MediaPost's Jess Nelson. “It’s time for all U.S. commercial and government organizations to do their part and lock down their domains, enforce industry standards like DMARC, and prevent their own brands from being used to attack anyone on the Internet, including employees, customers, partners and innocent bystanders.
ValiMail CTO and co-founder Peter Goldstein has been appointed as a technical committee co-chair for M3AAWG, the Messaging, Malware and Mobile Anti-Abuse Working Group, an industry organization working against botnets, malware, spam, viruses, denial-of-service attacks and other online exploitation.
Email is so critical to business communications today that many assume it's a safe and trustworthy medium, but recent cyberattacks prove it's not. What CIOs need to know about authentication and DMARC, a key tool to address this shortcoming.
If imitation is the sincerest form of flattery, HBO should perhaps be blushing.That’s because scammers are using domains for the fictional tech companies Pied Piper and Hooli from HBO’s Silicon Valley to try to trick unsuspecting consumers. The Drum details how ValiMail is now protecting these domains, so only messages sent by HBO on behalf of the fictional entities will be delivered.
This is the second year that the OTA has recognized ValiMail's website for adhering to the highest levels of consumer protection, data security, and privacy protection.
ValiMail CEO Alexander García-Tobar explains how a recent cyberattack on a well-known tech company reveals that even when the toughest anti-phishing policies are in place, 70% of companies that attempt email authentication leave the final configuration incomplete.
The ransomware crisis that swept the world last month highlights what we’ve known for years: The global IT infrastructure is incredibly vulnerable. Valimail CEO Alexander García-Tobar explains what security professionals can do.
All too often IT departments can miss the the crucial signs of an incoming ransomware attack. What CIOs can do to avoid becoming the victim of the next global malware hack.
One of the country's most-listened-to public radio stations profiles ValiMail as just one of a handful of companies that provide email authentication services to businesses, and examines how email authentication could have stopped the global WannaCry ransomware attack.
ValiMail CEO Alexander García-Tobar is interviewed about the recent DocuSign data breach resulting in the theft of 100 million customer emails, and how email authentication could have thwarted the resulting phishing campaign that leveraged the stolen credentials.
ValiMail CEO Alexander García-Tobar is interviewed about the implications of the global WannaCry ransomware attack on health care organizations, explaining that the sector is particularly vulnerable to these attacks because awareness about email authentication is still quite low in the healthcare industry.
As we become increasingly dependent on technology in our daily lives we open ourselves up to an entirely new kind of threat, cyberattacks. In an effort to ease our fears and gain a better perspective Future of Everything decided to ask a group of cybersecurity experts, "what's the future of cybersecurity?"
In a dispatch from RSA, ValiMail CEO Alexander García-Tobar reveals new data that shows only one of RSA's 62 sponsors had a correctly configured DMARC record that's set to enforcement, and urges the industry to do better on email authentication.
ValiMail CEO Alexander Garcia Tobar shares key tips on how enterprises can improve e-mail safety by complementing employee training with authentication.
Senior security industry professionals, including ValiMail CEO and co-founder Alexander García-Tobar, weigh in on the implications of the travel ban imposed by President Trump.
Popularity for the Domain-based Message Authentication, Reporting and Conformance email authentication standard is growing. So why are enterprises still struggling to implement it?
The attack shows how effective it can be for phishers to use the exact domain name of organizations that are unprotected by email authentication, and how simple it is to stop these attacks in the future.
Cybersecurity experts, including ValiMail CEO Alexander Garcia-Tobar, discuss some basic facts on cyber that President-Elect Trump has gotten wrong.
In a study of 1 million corporate domains, only 60,000 had made any attempt at DMARC email authentication, and of those, only a quarter actually had enforcement mechanisms in place, according to a new report from ValiMail.
“Shadow IT” sounds like something you might see in a thriller starring Matt Damon, but it’s a clear and present danger for IT pros.
XM Sirius Radio in collaboration with the Wharton Business School Interviews Alexander Garcia-Tobar, the founder and CEO of ValiMail.
ValiMail announces its series A round led by Shasta Ventures with follow-on investment from Flybridge Capital Partners and Bloomberg Beta.
Recent news about Walmart customers getting phished for their password information and Russian hackers breaking into the email servers of American politicians has a lot of companies worried about how to avoid an e-mail-based hack. Here's a few tips.
The FBI reports the number of this type of cyberattack has grown 1,300 percent since January 2015, resulting in $3.1 billion in losses across the world. What can be done to avoid scams?
This article on the status of DMARC deployment points to ValiMail’s DMARC status checker to determine deployment on popular websites.
ValiMail CEO Alexander Garcia-Tobar explains how Business Email Compromise works, why its growth is so explosive, and what companies can do to stop it.
MediaPost’s EmailMarketing Daily describes recent attacks, including the loss of employees’ W-2 records by the Milwaukee Bucks, and explains how automated DMARC from ValiMail could have prevented them.