The Cybersecurity Tech Accord and the Global Cyber Alliance endorse DMARC
A recent event in Washington D.C. brought together the Global Cyber Alliance (GCA), the Cybersecurity Tech Accord (CTA), the Department of Homeland Security (DHS), and the Department of Justice (DoJ) to acknowledge the importance of email authentication in securing the online world. The event coincided with the one year anniversary... Read more » Ecosystem NewsWebinar: The Evolution of Phishing & How We Fight It
Beyond the Nigerian Prince In 2017, the FBI estimated that losses due to business email compromise increased by 88% as compared to 2016. Yet many end users still associate phishing with the prototypical email from Nigeria. In this webinar, dmarcian founder Tim Draegen and GreatHorn CEO Kevin O’Brien will walk... Read more » Security InsightsWebinars and PodcastsGDPR’s Impact on DMARC Data Collection
When the EU passed the General Data Protection Regulation (GDPR) it triggered a worldwide examination of different types of data, including the data found in DMARC Aggregate (RUA) and Failure (RUF) reports. A legal analysis from ECO, the German Internet Industry group, breaks down all aspects of DMARC data and... Read more » Ecosystem NewsSecurity InsightsPhishing leaves a DMARC trail
Earlier this year The Anti-Phishing Working Group (AWPG) and dmarcian had the opportunity to look for patterns across data sets to see if anything interesting emerged. We decided to cross reference the IP addresses from APWG’s phishing and malicious IP data sets contained in their eCrime Exchange (eCX) threat data... Read more » Ecosystem NewsSecurity InsightsWhat to do About Non-DMARC Capable Email Sources
Non DMARC Capable Sources When deploying DMARC, you may occasionally encounter email vendors that do not support DMARC authentication on your outbound email. While most email service providers have implemented and adopted DMARC as a best practice, some vendors have not caught up. To help users deal with Non-DMARC capable sources,... Read more » DeploymentTechnical GuidanceFTC Releases DMARC Study
Press release from Federal Trade Commission—March 3, 2017 “The Federal Trade Commission’s Office of Technology Research and Investigation (OTech) reports that most major online businesses are using proper email authentication technology to prevent phishing emails, but few of these businesses are taking full advantage of the latest technologies to combat... Read more » Ecosystem NewsExpansion of DMARC is Now Critical
Press Release Reposted with Permission from The Global Cyber Alliance Expansion of DMARC Critical to Reducing Spread of Malicious Emails Global Cyber Alliance Calls on Leading Cyber Companies To Improve Email Protections SAN FRANCISCO, February 14, 2017 – There is a fix that can prevent a great amount of email-born attacks... Read more » Ecosystem NewsSubdomain Abuse Goes Mainstream
Last week, LinkedIn was the target of a massive, global cyber attack. The attack came in the form of phishing that looks almost exactly like real LinkedIn address confirmation emails. Only two things differed: The email was sent from spoofed sub-domains. The “Click Here” link of the HTML version of... Read more » Ecosystem NewsSecurity InsightsSubdomain Management Changes
As many of you may have noticed, there have recently been some changes to the UI regarding subdomains. After talking with people about how subdomains were being used and abused across the internet, we decided to spend some time rethinking how dmarcian process, sorts and displays subdomains. These new changes... Read more » Technical GuidanceToo many SPF lookups?
People sometimes run into the “too many DNS lookups” error when rolling out and managing SPF. It doesn’t help that there is a lot of bad guidance on the internet. This article describes how to fix this issue. SPF ships with a built-in limit to the number of “DNS-querying mechanisms” that a... Read more » Security InsightsTechnical Guidance
