To protect citizens against email impersonation fraud and to stop scammers from impersonating government agencies via email, the U.S. Department of Homeland Security recently directed all federal agencies to implement DMARC within 90 days (by January 15, 2018) and to get to a policy of enforcement within 12 months.
ValiGov™ from ValiMail is an email authentication product for all U.S. federal government domains, enabling them to quickly come into compliance with the DHS mandate.
ValiMail offers the only guaranteed enforcement email authentication product on the market today. ValiGov is available for U.S. government agencies to use for a nominal charge until they achieve enforcement (a DMARC policy that instructs receiving mail servers to delete or quarantine messages that fail authentication).
To get started, agencies simply delegate a DMARC record to ValiMail, and they gain instant visibility over all email activity on the domain. After a short monitoring period, federal agencies can identify all legitimate vs. suspicous senders on the domain and move towards enforcement of an authentication policy that blocks all email impersonation attacks.
91% of Security Breaches Start with Email Impersonation Fraud
Spear phishing attacks can cause agencies to unknowingly release citizens' data, exemplified by the recent wave of W-2 scams where criminals obtain employee Personally Identifiable Information (PII). Email is inherently insecure, and there is no guarantee that when citizens interact with a federal agency that they are interacting with who they think they are.
Federal agencies and the general public alike stand to benefit with increased trust in government email. Senator Ron Wyden (D-Oregon) first called for the federal government to adopt DMARC in his open letter, when he noted that in 2016 the IRS had seen a 400% increase in impersonation attacks. Senator Wyden also pointed out that the UK government required all government agencies to enable DMARC, and the UK tax authority said, "it reduced the number of phishing emails purporting to come from that agency by a staggering 300 million messages in one year."
96% of .Gov Domains Are Not Ready for DHS Deadlines
ValiMail’s analysis shows that 96 percent of government domains (.gov) are easy to impersonate with fake emails that appear to come from their domains. While many .gov domains have attempted DMARC, few have succeeded in using it to stop fraud. Find out more in our detailed Government Report.
How ValiMail Works
Only ValiGov automates email authentication and DMARC enforcement, providing control over who’s allowed to send email from .gov domains and protecting against impersonation attacks.
With ValiGov, you can:
- Comply with DHS mandates, instantly
- Get into compliance immediately, then move towards enforcement over time (within 12 months)
- Protect against the costly loss of citizens’ PII and other information requiring breach notification
- Control which third-party services are allowed to send on your behalf
- Maintain compatibility with all common regulatory compliance requirements
- Shield your agency employees and citizens from spear phishing and stop phishing attacks based on domain impersonation
To learn more, request a demo.Request Demo