The criminal practice of phishing is rampant, with both attacks and compromises running at all-time highs.
In June 2016 the FBI reported a 1300% increase in losses from Business Email Compromise (BEC) scams since January 2015. In that period criminals stole an estimated $3.1 billion from 22,000 companies, typically through impersonated email communication purporting to be from a trusted internal employee.
Known as an email impersonation attack, this type of identity spoofing victimizes organizations of every sort. Compromises affect businesses large and small, government, schools, religious institutions, and non-profits. You may also read about these attacks under the names spear phishing, whaling, or W-2 scams.
Email authentication is key to protecting any business from these attacks. Using the open industry standard DMARC (Domain-based Message Authentication, Reporting & Conformance), email authentication can ensure that receiving inboxes deliver only legitimate mail messages using your domain name.
Email receivers automatically block fraudulent messages before end users can be fooled by them. All major ISPs support DMARC, protecting 2.7 billion inboxes globally.
Fixing Email’s Original Sin Through DMARC
Email’s original sin is that there is no way to authenticate the sender of a mail message. So criminals can impersonate your identity to attack your employees, brand, and consumers.
DMARC addresses this weakness by eliminating messages appearing to be from your domain except those from specifically approved senders. These senders can include your own email systems as well as cloud services like marketing automation platforms or CRM instances that need to send email on your behalf. Receiving mailboxes will refuse delivery of messages from unauthorized senders for more than 99% of recipients, even if neither senders nor receivers are inside your network.
Unfortunately configuration and maintenance of correct DNS for DMARC is difficult, requiring frequent DNS changes and carrying severe consequences for getting it wrong. In fact, over 70% of all DMARC records are not fully implemented, failing to protect the domain owner. Worse, incorrect configuration can block your legitimate emails instead.
And as your business and the services you use evolve, your DMARC records will need constant maintenance to stay current – with each change requiring error-prone editing of text-based DNS entries. After going through difficult and time-consuming DMARC configuration for each domain, you might find yourself taking on the whole process again.
Easily View, Configure, and Manage Mail Senders
Developed from the ground up to be a full-service, automated system, ValiMail Pro™ solves the hardest issues of email authentication. ValiMail’s cloud service takes over configuration, monitoring, and update of DMARC records for all your domains. Simply access the intuitive ValiMail dashboard to view and manage your approved sending services.
You choose which senders can email using your domains and which cannot. When you add or remove new services in the future, just update their permissions in the ValiMail console and you’re ready to send.
Meanwhile, ValiMail Pro automatically configures DMARC error free, improving deliverability for legitimate email and blocking unauthorized senders from using your domain. That means the spear phishing gangs can’t send emails to your executives pretending to be from inside your company. It means they can’t abuse your identity mailing your partners, vendors, and agencies. And it means they can’t abuse your brand trust with your consumers.