How DMARC can help banks win back trust

How often does your insurer ever run special offers, incentive programs, provide useful advice, or launch new customer service initiatives? Not sure?

We can’t say that we’re surprised, after all, why would you? Unless you’ve had to change or renew one of your insurance policies there’s no reason to know. Most of us don’t spend our precious spare time checking our insurers’ websites or Facebook feeds to see what they’re up to.

As a rule of thumb, this logic applies to the majority of the financial services industry. Even if customers are logging into their online banking, they’re doing it to check their balance or transfer money, not to investigate their secure messages inbox in the hope of receiving some special banking offer.

The problem with financial services emails

The problem with emails from financial services started years ago when savvy internet users learned to ignore and delete email correspondence from anyone purporting to be a financial service provider.

Chances were, of course, that these emails were fraudulent and highly likely to be phishing attacks aimed at getting hold of confidential details like passwords or bank account details.

To make matters worse, back in the old days of spam and phishing messages, these emails weren’t even properly targeted. This meant that people would regularly receive messages from banks that they had no relationship with, and so they’d hit that delete button even faster, sealing the fate of emails from financial services and banks everywhere.


Secure messaging inboxes are too clunky for customers

So far, so familiar right? Fast-forward to the present day, and financial services firms are beginning to admit defeat, they know that the clunky, in-app, ‘secure messaging inboxes’ don’t really work, and it’s time to start properly engaging with customers via email.

And herein lies the problem. From digital natives to digital novices and even digital latecomers, we’ve all spent the last 10 years or more avoiding email correspondence claiming to be from our ‘trusted financial services providers.’

Even if messages don’t get marked as spam on the way into the inbox, we often still assume they’re fraudulent once they arrive. From PayPal to HSBC Bank of Ireland, all of these brands are being consistently tarred by phishing scam brush.

Sure, they’re successful businesses, but that doesn’t take away from the fact that they receive a daily, global reputation bashing that prevents them from running their business more efficiently and profitably.

Why all financial services firms need to implement DMARC

Financial services firms have genuinely embraced the digital age  –  just look at internet and mobile banking. Gone are the days of trekking out on your lunch break to your local bank branch, there’s been a raft of services revolutionized in recent years.

So why are some banks still failing to address the email authenticity and deliverability issue that still plagues them across the entire web? We’re referring to the anti-phishing solution DMARC (Domain-Based Message Authentication, Reporting, & Conformance). This email authentication protocol not only protects domains against exact impersonation (otherwise known as spoofing) but also improves email deliverability too. You can find out more about how it works here.

By implementing DMARC at a policy of p=reject, banks, insurance companies, and financial services as a whole can make sure they’re getting into the inbox and begin to rebuild trust in the emails they’re sending out to customers. Being DMARC-authenticated also makes businesses eligible for BIMI too. This new standard shows trademarked logos on DMARC-validated emails, and has been found to have a significant positive impact on how consumers interact with them too.

Enjoy a free OnDMARC trial

There’s a whole host of security and business benefits to be gained by implementing DMARC, particularly for a sector that relies so heavily on consumer trust. Interested in seeing how it could help your business? Why not sign up for a 14-day free OnDMARC trial. OnDMARC is Red Sift’s award-winning DMARC tool that makes implementing and monitoring DMARC quick and easy.

free trial red sift


Clare Holmes

7 Sep. 2017


Recent Posts


The best tools to protect yourself from SubdoMailing

Francesca Rünger-Field

In late February 2024, ‘SubdoMailing’ became a trending search term overnight. Research by Guardio Labs uncovered a massive-scale phishing campaign that had been going on since at least 2022. At the time of reporting, the campaign had sent 5 million emails a day from more than 8,000 compromised domains and 13,000 subdomains with several…

Read more
Product Release

Red Sift’s Spring 2024 Quarterly Product Release

Francesca Rünger-Field

This early into 2024, the cybersecurity space is already buzzing with activity. Emerging standards, such as Google and Yahoo’s bulk sender requirements, mark a new era of compliance for businesses reliant on email communication. At the same time, the prevalence of sophisticated cyber threats, such as the SubdoMailing campaign, emphasizes the continual hurdles posed…

Read more

Navigating the “SubdoMailing” attack: How Red Sift proactively identified and remediated a…

Rebecca Warren

In the world of cybersecurity, a new threat has emerged. Known as “SubdoMailing,” this new attack cunningly bypasses some of the safeguards that DMARC sets up to protect email integrity.  In this blog we will focus on how the strategic investments we have made at Red Sift allowed us to discover and protect against…

Read more

Where are we now? One month of Google and Yahoo’s new requirements…

Rebecca Warren

As of March 1, 2024, we are one month into Google and Yahoo’s new requirements for bulk senders. Before these requirements went live, we used Red Sift’s BIMI Radar to understand global readiness, and the picture wasn’t pretty.  At the end of January 2024, one-third of global enterprises were bound to fail the new…

Read more