Protecting Charities with DMARC

The majority of us donate money to charity and in turn, charities do some truly inspiring and amazing work that benefits the wider community. But the vast amount of money that charities receive on a daily basis combined with the fact they are generally slower to adopt the latest cybersecurity defenses makes them a prime target for cybercriminals.

In 2017 99% of charities were vulnerable to impersonation

In 2017, Red Sift conducted research into the charity sector and analyzed more than 78,000 charity domains in the UK. The results showed that less than 1% of charities in the UK were protected against email impersonation/fraud.

This means that 99% of UK charities aren’t taking sufficient measures to make sure the donations they receive and the information they hold are protected against phishing. You can read and download the full Charity Industry Report here.

How DMARC can help protect charities worldwide

A simple way for charities to protect themselves from exact domain impersonation and fraud is by implementing a strong DMARC policy. DMARC is an email security protocol that when implemented at p=reject protects your domain from being impersonated by cybercriminals and used in some of the most advanced phishing attacks.

In the past, implementing DMARC was difficult, expensive, and time-consuming. But with OnDMARC, it’s become a straightforward process. OnDMARC guides users to full DMARC protection with simple step-by-step actions and easy-to-use dashboards.

The Turing Trust stopped more than 50 malicious senders with OnDMARC

Thanks to Red Sift’s OnDMARC, The Turing Trust successfully blocked over 50 malicious sources from sending phishing emails on their behalf, protecting their organization and anyone communicating with them. They also managed to increase the deliverability of their authorized emails, massively benefitting their work. You can read the full story here.

Free basic OnDMARC membership for all charities

Following the findings from Red Sift’s Charity Industry Report, we’re offering OnDMARC Basic plans to all charities for free. We believe the work that charities do for the wider community is essential and the price of security software, as well as the difficulty of implementation, has been a barrier to DMARC adoption for many charities.

We hope that through our Free for Charities program we will be able to encourage higher adoption of the DMARC protocol in the charity industry and ultimately help reduce the number of successful cyberattacks targeted at this sector.

Why not get in touch below, to find out if you’re eligible? You can also find out more about our Free for Charities program here.

Get in touch


Red Sift

25 Jul. 2017



Recent Posts


Introducing DNS Guardian: Stop impersonation and spam caused by domain takeovers 

Rahul Powar

tl;dr: We’re thrilled to announce DNS Guardian — a new feature in Red Sift OnDMARC that can swiftly identify and stop domain takeovers that lead to malicious mail. Back in February, we shared updates with the community about SubdoMailing – an attack discovered by Guardio Labs. The attack was a form of subdomain takeover,…

Read more

Navigating the Information Security Landscape: ISO 27001 vs. SOC 2

Red Sift

As cyber threats evolve, so do the standards and frameworks designed to combat them. Two of the most recognized standards in information security are ISO 27001 and SOC 2. What sets them apart, and which one is right for your organization? Let’s delve into the key differences. Purpose and Scope: Global Framework vs. Client-Centric…

Read more

G2 Summer 2024 Report: Red Sift OnDMARC’s Winning Streak Continues

Francesca Rünger-Field

We’re delighted to announce that Red Sift OnDMARC has again been named a Leader in G2’s DMARC category for Summer 2024. This recognition is based on our high Customer Satisfaction scores and strong market presence. Red Sift appeared in 11 reports – 5 new ones since Spring 2024! – earning 5 badges: A few…

Read more

Google will no longer trust Entrust certificates from October 2024

Red Sift

Tl;dr: Google has announced that as of October 31, 2024, Chrome will no longer trust certificates signed by Entrust root certificates. While there is no immediate impact on existing certificates or those issued before 31st October 2024, organizations should start reviewing their estate now. On Thursday 27th June 2024, Google announced that it had…

Read more

Understanding the domain attack

Francesca Rünger-Field

tl;dr: The recent compromise of the domain has triggered a broad-reaching web supply chain attack, impacting over 100,000 websites across various sectors including finance, healthcare, non-profits, academia, and more. To ensure the security of your website, we strongly advise you immediately remove any reference to Latest update: 27th June 2024 Sansec, a…

Read more