Fake Email Dies Under DMARC Regime

Authentication and cooperation, made possible by the DMARC framework, cut down on email domain abuse.

A year ago, some of the worlds largest email services began ordering the
quarantine or deletion of messages
sent in their names. The result of this mass execution is being hailed as a resounding success.
On Wednesday, DMARC, an industry group founded by leading technology, financial service, social and media companies in early 2012 to fight email fraud, announced that its message authentication technology now
protects almost 2 billion
of the worlds 3.3 billion consumer inboxes and 80% of the consumer inboxes in the United States.
Some of the companies that have implemented DMARCs technology include Amazon, American Greetings, Apple, Bank of America, Blizzard Entertainment, Booking.com, eBay, Facebook, FedEx, Fidelity Investments, Google, Groupon, JP Morgan Chase, LinkedIn, LivingSocial, Microsoft, Netflix, PayPal, Tagged, Twitter, Western Union, Yelp, YouTube and Zynga.
[ Want new ideas on securing customer information? Read
6 Steps To Better Customer Data Protection
. ]
DMARC stands for domain-based message authentication, reporting and conformance. Supported by email security providers Agari, Cloudmark, Return Path and Trusted Domain Project, it is a framework by which email senders can authenticate legitimate messages and can exchange information with receiving entities about how to handle unauthenticated messages -- monitor them, quarantine them or delete them.
In just the last two months of 2012, 325 million messages were rejected by mailbox providers for being unauthenticated. Such messages are often spam, phishing attacks or other forms of brand or domain spoofing -- in this case, 49 million of the rejected messages were from highly phished domains. Some of these messages may come from within an organization, via unsecured mail servers, while others may carry forged header information or come from confusingly similar domains.
What brands are doing is shutting down these avenues of large-scale, orchestrated attacks, said Trent Adams, chair of DMARC.org and senior policy advisor at PayPal, in a phone interview. The mailbox providers finally have a way to take definitive action on fraudulent mail.
Though based on authentication technologies, like SPF and DKIM, DMARCs value comes from combining message security with collaboration and business intelligence. Email senders that publish DMARC policies receive feedback reports from DMARC-compliant message recipients about unauthenticated messages purporting to come from any of the sending organizations domains.
These reports provide visibility into an organizations email stream and allow the organization to take enforcement action if necessary, explained Adams.
Such data matters to businesses because its often a surprise. Reviewing a case study provided by Message Bus, Adams described how an unnamed, large, international conglomerate decided to test whether its domains were being spoofed. The company deployed a DMARC monitor record to gather information about unauthenticated email messages that people were receiving from its domains. It found that only 36% of messages that purported to come from the company actually originated from company servers. About 61% of the messages were from unknown and possibly malicious senders, while 3% was forwarded, through discussion lists or other mechanisms.
That kind of business intelligence is a wakeup call to any organization, said Adams. This is not an edge case. We hear this time and time again. Companies put out a monitor policy to see what the waters look like and they find they have a much larger problem.
Adams also cited the example of an unnamed, large, online auction company that saw a 32% decrease in phishing attempts and 62% less unauthorized account access following DMARC deployment. Coincidentally, eBay was an early DMARC adopter.
Krish Vitaldevara, principal group program manager for Microsofts Outlook.com, said that the need for the security DMARC provides is reflected in how rapidly email senders and receivers are adopting the framework.
While 100% adoption and an end to domain spoofing may be too much to hope for, Adams likens DMARC to an inoculation campaign. If you can get a large enough percentage of the population inoculated, then everyone will be protected, he said.

Last News
▸ Crime Scene Investigation: Atlanta? No, its Phone Fingerprinting. ◂ Discovered: 26/12/2024 Category: security	▸ Why do we take so long to detect data breaches? ◂ Discovered: 26/12/2024 Category: security	▸ Microsoft introduces reward programs for Windows 8.1, IE11 preview security flaws. ◂ Discovered: 26/12/2024 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Fake Email Dies Under DMARC Regime