Executive summary: Hackers are hiding JavaScript inside SVG attachments that pass as harmless images, and slipping past Secure Email Gateways (SEGs). To stay secure, organizations need to enforce a DMARC policy of p=reject, easily implemented with Red Sift OnDMARC, to stop compromised SVGs before they reach the end user. Key takeaways: Scalable Vector Graphics (SVG)…Continue Reading: SVGs with JavaScript are bypassing traditional email security: Learn how to stay secure
email security
More than 50% of US banks remain vulnerable to phishing attacks
Executive summary: Over half of major U.S. banks remain exposed to phishing attacks because of weak or absent DMARC enforcement, despite rising cybercrime losses and increasingly sophisticated email threats. Operational challenges, regulatory gaps, and underestimation of risk hinder stronger protections, putting customer trust and financial stability in jeopardy. Key takeaways Email remains the primary tool…Continue Reading: More than 50% of US banks remain vulnerable to phishing attacks
How the EU can mandate stronger email security
Executive summary: The article examines how the EU can proactively close email security gaps by leveraging the NIS2 Directive to mandate robust, harmonized standards like DMARC, DKIM, and SPF across all member states. By acting now, the EU not only protects its digital ecosystem but also sets a global benchmark for cybersecurity best practices. Key…Continue Reading: How the EU can mandate stronger email security
Healthcare and cybersecurity: 73% of breaches lack DMARC enforcement
The healthcare sector has become a target for both low-level and occasionally spectacularly successful cyberattacks. Hospitals, insurers, medical supply chains, service providers and medical organizations are prime targets for threat actors, with email phishing attacks, ransomware, and data breaches on the rise. In 2024, 94% of U.S. healthcare organizations experienced a cyberattack, with the average cost per…Continue Reading: Healthcare and cybersecurity: 73% of breaches lack DMARC enforcement
Why DMARC should top your MSP roadmap in 2025
Executive summary: Email remains the easiest way for criminals to reach customers, and major mailbox providers have decided that unauthenticated mail is no longer welcome. Google and Yahoo started rejecting bulk messages without DMARC in early 2024, and Microsoft 365 will follow in 2025. Yet only 9.7% of the world’s 73 million active domains even…Continue Reading: Why DMARC should top your MSP roadmap in 2025
Cloudflare selects Red Sift as a preferred partner to provide DMARC and advanced email security
AI-generated email attacks are rapidly growing in scale and sophistication, demanding stronger defenses from at-risk organizations. Starting today, Red Sift is excited to announce a new strategic partnership with Cloudflare, the leading connectivity cloud company, to deliver its market-leading email security application, Red Sift OnDMARC, to a broader global audience. Today’s alignment enhances Cloudflare’s capabilities…Continue Reading: Cloudflare selects Red Sift as a preferred partner to provide DMARC and advanced email security
