
Protecting email with DMARC

Joy Johnson at Intelliworx explains why it’s vital for businesses of all sizes to comply with DMARC

In an age where digital challenges persist, ensuring the security of communication channels is vital for businesses. 

For UK enterprises, safeguarding email systems with authentication protocols like domain-based message authentication, reporting and conformance (DMARC) represents a forward-thinking approach to protecting information.

DMARC is rapidly becoming critical for all UK businesses as the Cyber Security and Resilience Bill, announced during the King’s Speech in July, comes into force. 

Combined with how AI is changing the threats that all organisations - even the smallest ones - face from cyber-attacks, this makes complying with security standards for something as key to operations as email more important than ever.

Email threats businesses face every day

A staggering 96% of phishing attacks start with an email, with cyber-criminals becoming increasingly adept and swift by the day.

This has been exacerbated by the rise of AI, with cyber-criminals - once reliant on manual tactics - now leveraging AI to orchestrate exploit attempts and scams with increased efficiency and sophistication. This evolution necessitates a strategic shift for all businesses, who must adapt their defences to address this evolving threat landscape.

AI empowers cyber-criminals to generate phishing emails that appear more polished and legitimate. Traditional red flags, such as poor grammar and spelling mistakes, are mitigated by large language models (LLMs) that create natural-sounding content. This lulls victims into a false sense of security.

Fraud detection software often relies on identifying specific keywords or phrases within emails. AI-generated content circumvents this approach as phishing attempts become free of traditional detection markers.

AI can leverage social media data and publicly available information to personalise phishing emails. This personalisation makes them more believable and difficult to distinguish from legitimate communications.

While real-time AI phishing scams that mimic targeted advertisements aren’t yet widespread, AI’s capabilities suggest they could become a future threat. Imagine receiving an email for VIP festival tickets, seemingly relevant because of your browsing history. This could be an AI-generated phishing attempt designed to steal your credit card details.

Why DMARC is vital for organisations

By implementing DMARC, domain owners can specify which mechanisms - Sender Policy Framework (SPF) and/or DomainKeys Identified Mail (DKIM) - are used when sending emails from their domain, and determine how receivers should handle emails that fail these checks.

SPF is an email validation system designed to prevent email spoofing. It allows domain owners to publish a list of IP addresses authorised to send emails on behalf of their domain. When an email is received, the recipient’s mail server checks the SPF record of the domain to verify whether the email originated from an authorised IP address.

DKIM, by contrast, is an email authentication method that applies a digital signature to each outgoing email. This signature is generated using a private key unique to the sending domain. Upon receiving the email, the recipient’s mail server uses a public key, published in the sending domain’s DNS (Domain Name System) records, to verify the authenticity of the signature.

If the signature is valid, it confirms that the email has not been altered during transit and that it genuinely originates from the claimed domain. This process helps maintain the integrity and authenticity of the email, reducing the risk of tampering and impersonation. 

DMARC policies can be configured to monitor, quarantine, or reject suspicious emails, thereby significantly reducing the risk of email-based attacks. 

DMARC helps businesses prevent email spoofing and phishing, verifying email authenticity to stop impersonation and protect your brand from fraud.  

It also boosts domain reputation, building trust with email providers and recipients by consistently authenticating emails, thereby enhancing credibility. 

In addition, DMARC enhances email deliverability and ensures legitimate emails bypass spam filters, improving the chances of reaching recipients. It also offers email ecosystem insights, providing reports to monitor email usage, identify unauthorised activity, and address vulnerabilities. 

Overcoming DMARC challenges

While DMARC is vital for businesses, it’s important to note that implementing it is not without its challenges.

One key challenge is managing multiple email sending sources, with organisations often employing various email services, such as marketing platforms and CRM systems. Businesses should ensure all authorised sending sources are included in their SPF record and have their DKIM signing properly configured to maintain consistent email authentication. 

It’s also worth highlighting that DMARC reports can be complex and extensive, making them difficult to interpret. This can present another challenge for businesses when implementing DMARC. To overcome this, organisations should look to leverage DMARC report analysis tools to parse and understand the data, turning it into actionable insights that can help improve email security posture. 

Email security is critical in communication 

Email security is a critical component of modern communication, given that almost all phishing attacks start with an email.

It’s imperative for businesses to ensure that their email security defences consistently operate at their best, to avoid the potential financial and reputational repercussions of phishing, spoofing, and other impersonation attacks that look to exploit a company’s domain.

Implementing DMARC can underpin a robust email authentication system for businesses, making it more challenging for criminals to exploit their domain. 

With DMARC, businesses can protect their domain from cyber-threats, enhance email credibility and ensure messages reach their intended recipients.

Joy Johnson is Manager - Client Services & Operations, UK/US at Intelliworx

Main image courtesy of iStockPhoto.com and D3Damon

© 2025, Lyonsdown Limited. teiss® is a registered trademark of Lyonsdown Ltd. VAT registration number: 830519543