• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar

Red Sift Blog

Democratizing technology essential for cybersecurity.

Red Sift Blog
  • redsift.com
  • Featured
  • About
  • Get in touch
You are here: Home / Email / DMARC / Email security means being a meerkat, not an ostrich

Email security means being a meerkat, not an ostrich

by gino
August 12, 2018September 7, 2018Filed under:
  • DMARC
  • Email

“Is it ok if I send an email from your email address?”

That’s always a surefire way I can grab someone’s attention in a meeting.

Some people don’t think it’s possible and are rather surprised when it is. However, most people with a technical background, who know how the SMTP email protocol works, know that not only is it possible, but it’s been possible since the creation of email.

I don’t think the forefathers of email ever foresaw how widely used email would become. They saw it as a messaging solution among individuals within a few trusted networks, such as universities.

Today we use email for a lot of our communications, especially between separate organisations. The open nature and widespread adoption of email makes it the simplest way to communicate, whilst messaging solutions like Slack and the collaboration features found in most modern applications may replace email to some extent they are far from replacing it completely.

So wouldn’t you want to know if something was wrong with this vital communication channel?

This I suppose, is the ostrich behaviour I refer to in the title of this blog.

Don’t bury your head in the sand…

Some people would rather not know if their email is open to impersonation, because then it becomes a problem they need to fix.  

But email impersonation is a very common problem. In fact, when organisations first start their DMARC journey with us we find that most are experiencing some level of email impersonation, anything like 20 to 30% of emails being sent from a domain can be illegitimate traffic. Worryingly some of these emails are straight-up spam which risks putting your domain in a black list or direct spoofing attacks to you or your business network.

Instead, I encourage the people I speak to, to be more meerkat.

Always be on the look out! Photo by Lance Anderson on Unsplash

With a solution like the DMARC open protocol you can keep a constant watch out for these impersonation attacks. DMARC allows the receiver to validate if an email is legitimate or not. For every validation, legitimate or not, a report is generated which allows you to see the level of impersonation that your email domain is being subjected to.

However the most powerful aspect of DMARC is the fact that it can stop these spoof emails entirely. By setting a p=reject DMARC policy an organisation that owns the spoofed email account can instruct any receiver, in real time, to block and bin the fake email.

So, if our paths cross in the future, and I ask you, “Is it ok if I send an email from your email address?” Say yes, as it might be the most useful fake email you’ll ever receive!

Awareness is the first step to solving the problem so if you’re more meerkat than ostrich and are interesting in learning about how secure your email really is, drop us a line at team@ondmarc.com and we’ll be in touch!

Share this:

  • Click to share on Twitter (Opens in new window)
  • Click to share on Facebook (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)

Related

Tagged:
  • Cybersecurity
  • DMARC
  • Email

Post navigation

Previous Post Byline: For the love of email
Next Post B2B Growth and Sales: What AI Can Do For You

Primary Sidebar

Recent Posts

  • 2021 The Threat Landscape: Brand protection and BEC attacks lead the charge
  • OnDMARC Wins “Best-Of DMARC” Award On Review Platform Expert Insights
  • The case for embracing DORA
  • Red Sift – Closing the Net on the Phishing Problem
  • Beware of this common NHS Covid-19 Vaccine email scam

Archives

  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • November 2018
  • October 2018
  • September 2018
  • August 2018
  • July 2018
  • June 2018
  • May 2018
  • April 2018
  • March 2018
  • February 2018
  • January 2018
  • December 2017
  • November 2017
  • October 2017
  • September 2017
  • July 2017
  • June 2017
  • May 2017
  • April 2017
  • March 2017
  • November 2016
  • October 2016
  • February 2016

Categories

  • AI
  • BEC
  • Coronavirus
  • Cybersecurity
  • Deliverability
  • DMARC
  • Email
  • Finance
  • Labs
  • News
  • OnINBOX
  • Partner Program
  • Red Sift Tools
  • Uncategorized
  • Work @ Red Sift

Copyright © 2021 · Milan Pro on Genesis Framework · WordPress · Log in