PowerDMARC has now extended DMARC services in Bahrain in partnership with NGN. Mr. Yaqoob Al Awadhi, CEO of NGN International, a full-fledged systems integrator and IT consultant headquartered in Bahrain, has spoken out regarding email security and spoofing. In a statement, he said that emails have become one of the most common methods of internet fraud employed to steal money and sensitive data from individuals and organizations alike.

He revealed that his company will be partnering with PowerDMARC, a Delaware-based DMARC solutions provider, to launch an email authentication and anti-spoofing platform in Bahrain to provide the most powerful cybersecurity standards for email.

“If there’s one thing common to nearly all major data breaches and internet scams you’ve read about in the news, it’s that they start with email,” Mr. Al Awadhi said. “These breaches may cost companies and organizations losses amounting to tens or possibly hundreds of millions of dinars or dollars.”

He explained that the attackers use the organization’s domain to send emails to their associates and customers asking for login credentials, credit card details, or fake offers. He added that phishing emails are one of the easiest ways for cyber attackers to compromise an organization’s security, which called for adopting DMARC services in Bahrain.

“As a business owner, you want to make sure that your customers, partners and organizations you deal with only see emails you’ve sent yourself, not fake emails that appear to originate from your domain and can be used to steal information,” Mr. Al Awadhi added.

Extending DMARC Services in Bahrain

Mr. Faisal Al Farsi, Co-Founder and CEO of PowerDMARC explained that their partnership with NGN is to increase adoption of their email authentication platform in Bahrain and Saudi to protect brands from business email compromise (BEC). PowerDMARC builds on widely deployed email verification techniques: SPF (Sender Policy Framework) and DKIM (Domain Keys Identified Mail) along with newer protocols like BIMI, MTA-STS & TLS-RPT. To make their security systems even more airtight, they make use of an AI-driven threat intelligence engine to detect and take down IPs abusing your domain.

“PowerDMARC uses the latest email authentication protocols and monitoring from a 24/7 Security Operations Center to protect corporate domains from being compromised,” said Mr. Al Farsi. “The technology specialists at NGN will tailor security solutions specifically for organizations based on their needs. From configuring SPF, DKIM and DMARC records, to setting up the dashboard, to achieving full DMARC enforcement, NGN will take care of the heavy lifting for the client. The end result is a secure domain and a DMARC implementation that allows the client to monitor the email traffic easily.”

PowerDMARC and Mannai Trading Co. extend DMARC partnership in Qatar

PowerDMARC, an email security and DMARC solutions provider based in Delaware, USA, is announcing a new partnership with Mannai Trading Co., Qatar’s leading Cyber Security Solutions & Services Provider, to extend DMARC partnership in Qatar.

PowerDMARC’s email authentication platform leverages protocols like DMARC, MTA-STS, and BIMI to help organizations combat domain spoofing, secure their email channel and enhance their brand’s reputation. Real-time alerts and easy-to-read DMARC reports also mean that organizations have total visibility over the status of email in their domains.

“We’re very excited to expand our channel network in the region,” said Faisal Al Farsi, Co-Founder and CEO of PowerDMARC. “Qatar is a very important destination for us, and we have invested in setting up there by providing a local presence of our services to comply with the country’s data regulations.”

PowerDMARC recently joined hands with Disit360, the hub of virtual distribution as their value-added distributor for the Middle East. By partnering with Mannai, they hope to see better DMARC adoption rates in Qatar in the next few years.

Mannai currently offers a variety of technology services including IT Infrastructure, Cybersecurity, Network, Software Solutions and Cloud Services, among several others.

“Every new partnership is important to us,” said Abdullah Abu-Hejleh, Founder and CEO of Disti360. “Over the years, Mannai has built both a suite of end-to-end information technology solutions as well as a wide network of relationships throughout Qatar. Their experience and familiarity with the region will help us immensely to create inroads with businesses operating in Qatar.”

Maged Mohamed, Senior VP at Mannai Trading Co

 

As Qatar’s premier systems integrator, they have experience in helping organizations incorporate new technologies to fit their workflow. Leveraging this expertise, Mannai plans on integrating email authentication and reporting into their clients’ existing platforms. By offering PowerDMARC’s services, they aim to help Qatari organizations combat email phishing, spoofing, impersonation and CEO fraud attacks.

“This is a new frontier for us at Mannai,” said Maged Mohamed, Senior VP at Mannai Trading Co. “DMARC is still an emerging standard in Qatar, which means we’ll be among the first to get seriously involved with it. We’ll be laying down much of the path we take moving forward, but that’s only going to make it that much more exciting for all of us. Our vision is to ensure that the Qatari organizations and their domains are safer than ever before.”

New Zealand’s top 200 companies and government departments are facing serious DMARC compliance issues, putting them at 36th spot worldwide.

In recent years, many major countries around the world have begun to recognize the importance of email security to prevent phishing attacks. In this climate of rapid change in cybersecurity practices, New Zealand has been lagging behind its peers in its levels of awareness and response to global security trends.

We conducted a study of 332 domains of organizations both in the public and private sectors. Among the domains we surveyed were:

  • Deloitte Top 200 List (2019)
  • New Zealand’s top energy companies
  • Top telecom companies
  • NZ registered banks
  • The New Zealand Government (excluding Crown entities).

By studying their public DNS records and gathering data on their SPF and DMARC statuses, we were able to gather data on how well-protected major New Zealand organizations are against spoofing. You can download our study to find out the details behind these numbers:

  • Only 37 domains, or 11%, had enforced DMARC at a level of quarantine or reject, which is required to stop domain spoofing.
  • Less than 30% of Government domains had implemented DMARC correctly at any level.
  • 14% of organizations observed had invalid SPF records and 4% had invalid DMARC records — many of them had errors in their records, and some even had multiple SPF and DMARC records for the same domain.

Our full study contains an in-depth exploration of the biggest hurdles New Zealand companies face in effectively implementing DMARC.

 

PowerDMARC, a leading DMARC and email security services provider based in Delaware, USA, is joining hands with the security experts at Huntmetrics. As a leading cybersecurity services provider in India and Qatar, Huntmetrics is signing on as a value-added reseller of DMARC and related products.

“We’re really looking forward to this partnership,” said Faisal Al Farsi, Co-Founder and CEO of PowerDMARC. “As we expand our operations around the world, we rely more on experienced and well-connected partners. The people at Huntmetrics have been in security for decades now, and we couldn’t think of anyone better to help us bring DMARC to more businesses globally.”

Huntmetrics specializes in cybersecurity, application security and risk assessment, offering a plethora of services including security testing, vulnerability management, and security compliance. Headquartered in Mumbai, India, they have a strong presence across the subcontinent as well as Qatar and Kuwait. Their driving business philosophy is not to pitch products based on profitability, but rather offer “practical solutions that work”.

Through this partnership, they seek to expand their catalogue of services and help businesses combat domain spoofing. By integrating PowerDMARC’s products into their ecosystem, they’re looking to push DMARC compliance rates across Asia and secure brands against impersonation and phishing attacks.

“Email security is an exciting frontier for us,” said Huntmetrics Founder and CEO, Ayub Shaikh. “With domain spoofing attacks growing more frequent, the PowerDMARC platform is exactly what brands need to protect themselves. We already have a mature roster of cybersecurity offerings, and we’re looking forward to a fresh new addition to keep giving our clients the best experience possible.”

Ayub Shaikh

 

One of the easiest ways to put yourself at risk of losing your data is to use email. No, seriously — the sheer number of businesses that face data breaches or get hacked because of an email phishing scam is staggering. So why do we still use email, then? Why not just use a more secure mode of communication that does the same job, only with better security?

It’s simple: email is incredibly convenient and everyone uses it. Pretty much every organization out there uses email either for communication or marketing. Email is integral to how business works. But the biggest flaw of email is something that’s unavoidable: it requires humans to interact with it. When people open emails, they read the contents, click on links, or even enter personal information. And because we don’t have the time or ability to carefully scrutinize every email, there’s a chance that one of them ends up being a phishing attack.

Attackers impersonate well-known, trusted brands to send emails to unsuspecting individuals. This is called domain spoofing. The recipients believe the messages to be genuine and click on malicious links or enter their login information, putting themselves at the attacker’s mercy. As long as these phishing emails continue entering people’s inboxes, email won’t be totally safe to use.

How Does DMARC Make Email Secure?

DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email authentication protocol designed to combat domain spoofing. It uses two existing security protocols—SPF and DKIM—to protect users from receiving fraudulent email. When an organization sends email through their domain, the receiving email server checks their DNS for a DMARC record. The server then validates the email against SPF and DKIM. If the email successfully authenticates, it gets delivered to the destination inbox.

 

 Look up and generate records for DMARC, SPF, DKIM and more with Power Toolbox for free!

 

Only authorized senders are validated through SPF and DKIM, which means if someone tried to spoof their domain, the email would fail DMARC authentication. If that happens, the DMARC policy set by the domain owner tells the receiving server how to handle the email.

What is a DMARC Policy?

When implementing DMARC, the domain owner can set their DMARC policy, which tells the receiving email server what to do with an email that fails DMARC. There are 3 policies:

  • p=none
  • p=quarantine
  • p = reject

If your DMARC policy is set to none, even emails that don’t pass DMARC get delivered to the inbox. This is almost like not having a DMARC implementation at all. Your policy should only be set to none when you’re just setting up DMARC and want to monitor the activity in your domain.

Setting your DMARC policy to quarantine sends the email to the spam folder, while reject outright blocks the email from the receiver’s inbox. You need to have your DMARC policy set to either p=quarantine or p=reject in order to have full enforcement. Without enforcing DMARC, users receiving your emails will still receive emails from unauthorized senders spoofing your domain.

But all of this raises an important question. Why doesn’t everyone just use SPF and DKIM to verify their emails? Why bother with DMARC at all? The answer to that is…

DMARC Reporting

If there’s one key shortcoming of SPF and DKIM, it’s that they don’t give you feedback on how emails are being processed. When an email from your domain fails SPF or DKIM, there’s really no way to tell, and no way to fix the issue. If someone’s trying to spoof your domain, you wouldn’t even know about it.

That’s what makes DMARC’s reporting feature such a game-changer. DMARC generates weekly Aggregate Reports to the owner’s specified email address. These reports contain detailed information about which emails failed authentication, which IP addresses they were sent from, and lots more useful, actionable data. Having all this information can help the domain owner see which emails are failing to authenticate and why, and even identify spoofing attempts.

So far, it’s pretty clear that DMARC benefits email recipients by protecting them from unauthorized phishing emails. But it’s the domain owners that are implementing it. What advantage do organizations get when they deploy DMARC?

DMARC For Brand Safety

Although DMARC wasn’t created with this purpose, there’s one major advantage organizations stand to gain by implementing it: brand protection. When an attacker impersonates a brand to send malicious emails, they’re effectively co-opting the brand’s popularity and goodwill to peddle a scam. In a survey conducted by the IBID Group, 83% of customers said that they’re concerned about purchasing from a company that was previously breached.

The intangible elements of a transaction can often be as powerful as any hard data. Consumers put a lot of trust in the organizations they buy from, and if these brands become the face of a phishing scam, they stand to lose not only the customers who got phished, but many others who heard about it in the news. Brand safety is fragile, and must be guarded for the sake of the business and the customer.

 

There’s more to brand safety than just DMARC. BIMI lets users see your logo next to their emails! Check it out:

 

DMARC enables brands to take back control of who gets to send emails through their domain. By shutting out unauthorized senders from exploiting them, organizations can ensure only safe, legitimate emails go out to the public. This not only boosts their domain’s reputation with email providers, but it also goes a long way in ensuring a relationship built on trust and reliability between the brand and consumers.

DMARC: Making Email Safe for Everyone

DMARC’s purpose has always been greater than helping brands safeguard their domains. When everyone adopts DMARC, it creates an entire email ecosystem inoculated against phishing attacks. It works exactly like a vaccine — the more people that enforce the standard, the smaller the chances of everyone else falling prey to fake emails. With each domain that gets DMARC-protected, email as a whole becomes that much safer.

By making email safe for ourselves, we can help everyone else use it more freely. And we think that’s a standard worth upholding.