Skip to main content
Three Steps for Basic BEC Defense

Three Steps for Basic BEC Defense

Email Security InsightsEmail TechnologyTechnical Guidance

Business Email Compromise attacks hurt. Here’s how to deal.

Weaponized fake emails are fooling businesses around the globe. When combined with easy access to information from business-facing social networks, BEC attacks now indiscriminately target everyone—from the smallest shops to the largest organizations in the world.

The following three steps will put basic BEC defense in place at your organization:

Step 1: Turn the lights on

Use DMARC to get visibility into the scope of your potential BEC problem. DMARC will show you which servers around the Internet are sending email using your email domains—even the bad ones. Using DMARC to get visibility is not the same activity as using DMARC to put into place protection.

  1. Create a free trial with dmarcian. The free trial provides the technology needed to quickly make the most of DMARC.
  2. Follow the directions to start collecting DMARC data from around the world. You will only be passively collecting data—no impact to production email at this point.
  3. While DMARC data is being collected (a day or two is usually good enough), continue with the next step.

Step 2: Flag External Email

As simple as it sounds, flag email that comes from the outside world. Add something like “” to the subject lines of email that does not originate from within your organization. This tiny addition gives people a chance to treat fake email with the suspicion it deserves.

Figure out what you’re using for your inbound email. Microsoft Office 365 and Google Suite are two popular services. If you need help figuring this out, contact us. Most inbound email systems can be configured to append “” to email subject lines.

  1. Instructions for Microsoft Office 365
  2. Instructions for Google Suite
  3. Contact us for help with your own system

Let everyone at your organization know that email from the outside world will be flagged.

The danger of BEC is real; give people a chance to avoid being fooled.

Step 3: Implement DMARC

DMARC keeps outsiders from using your email domain. In the context of BEC, DMARC is used to protect your employees from receiving malicious email that pretends to be from fellow employees. The rest of the world benefits from your DMARC implementation by being able to block fake email that pretends to be from one of your email domains.

To implement DMARC, legitimate email senders using your email domains must be identified and modified to send DMARC-compliant email. Your dmarcian trial account will contain exact information regarding your level of BEC exposure and steps needed to implement the technical aspects of DMARC.

For most organizations, the process of implementing DMARC is a rare chance to focus on their Internet security posture. The experts at dmarcian are happy to share how your organization’s security posture can be radically improved. Contact us to learn more.


By using dmarcian to gain visibility into your BEC exposure, flagging email from the outside world, and implementing DMARC to keep malicious email out of your email domains, you’ll have put into place significant protections against BEC. As a bonus, you’ll have the basics in place and the breathing room needed to take the next steps of BEC protection, like phishing training and sophisticated email security technologies.

Want to continue the conversation? Head over to the dmarcian Forum.