Tag Archive for: Phishing

Why is Phishing so effective?

Phishing is an effective and dangerous cybercrime because it relies on people’s inherent trust in the internet. The idea that criminals would be able to fool you into giving up private information is hard for most people to believe, which makes it easy for even well-meaning people to fall victim to a phishing attack.

Key Factors that make Phishing an effective and dangerous cybercrime

Phishing is a common cybercrime that can be easily committed and hard to detect. Although phishing has been around for decades, it’s still a major threat to both businesses and individuals.

  • Phishing is an effective cyber crime because it’s so simple. You send an email, or post something on social media, that looks like it’s from a legitimate company or person. It asks you to log in to your account and change your password or enter some other information—like credit card numbers or passwords for other accounts you have.
  • The reason why phishing is so effective is that the perpetrators can target specific individuals or groups of people. They also have a wide variety of methods they can use to trick their victims into giving up their information. 

For example, they may send an email that appears to be from a legitimate company (like Google) asking you to log into your account on their website. If you fall for this trick, your username and password are stolen!

  • Another reason why phishing is such an effective crime is that there are no actual laws against it yet—it’s just considered online harassment or fraud at this point in time. This means that victims have no legal recourse when someone steals their personal information through phishing scams like the ones mentioned above!
  • There is not much awareness regarding Phishing even in recent years. Most corporate employees, domain owners and individuals have only fleetingly heard the term “phishing” without a proper understanding of how it is executed and what they can do to protect themselves against it.
  • Part of the reason is that phishing is so easy to execute. All you need is a computer and some basic knowledge of how to use it. That makes phishings cheap and easy to pull off—and that’s why they’re so dangerous.
  • The other part is that human beings are really good at being tricked. Our brains are built to believe what our eyes tell us, and phishers have learned how to exploit this tendency in order to get people to act against their own interests. 

That’s why even though we know better than to open an email from someone we don’t know or click on links in emails sent by people we don’t know, we still do it sometimes—because our brains want us to believe that these things are safe!

How to detect Phishing Attempts?

Make sure the email sent to you is genuine

If you’re not sure whether it’s real or not, there are a few things you can do to check. First, if the person who sent it is someone you know (like your boss), just call them up and ask if they really sent it. If they say yes, then go ahead and do what they asked. But if they tell you no… well then, maybe something fishy is going on!

Second, look at the email address: does it look like an official address from the company? Often times these kinds of emails will be sent from an address that ends with “mailinator” or something similar—that means it isn’t actually from them!

Authenticate your messages

To keep the guesswork out, you can consider authenticating your email messages using reliable protocols like SPF, DKIM and especially, DMARC. Authentication can help domain owners prevent a wide range of cyber attacks including spoofing, phishing, ransomware and BEC

Look for telling signs

  1. Look for misspellings, bad grammar, and other errors in the email. Most phishing emails will have at least one error in them because they are created by scammers who aren’t native English speakers.
  2. Look for links in the email. If the link directs you to a website that isn’t associated with your bank or online store, then it’s probably not safe to click on it.
  3. Verify any phone numbers that are listed on the email using a trusted source like Google Voice or Skype before calling them back—even if they seem legitimate! You can also call your bank directly without sharing any sensitive information over the phone if you’re suspicious of an email request.”

Read our detailed guide on Common Indicators of a Phishing Attempt.

How to avoid getting phished?

To avoid being scammed, follow these tips:

  1. Never click on phishing links in emails or text messages unless you know where they’re coming from (and if they ask for personal information).
  2. Look at the email address of the sender and compare it with their real email address (if they’ve given this out). If it doesn’t look right or there are spelling mistakes or other errors, don’t open it!
  3. Enforce your DMARC policy to p=reject (note that shifting to DMARC enforcement should be a gradual process, and it is always recommended to start with p=none)
  4. Educate your employees about email attack vectors and best practices by undergoing a free DMARC training

Final Words

Not only do phishing attacks put your network at risk for data breaches and malware infections, but they also cost companies millions in lost revenue and reputational damage every year (according to IBM). The best way to prevent these attacks is through awareness, early detection and effective preventions. 

phishing

/by

Ransomware Vs Malware Vs Phishing

Ransomware, malware, and phishing are three types of online threats that have been around for years. All three can be deployed via email, are detrimental to an organization, and can lead to the loss of financial or informational assets. They can be difficult to tell apart, but our ransomware vs malware vs phishing guide is here to highlight some key differences between them. 

Here’s a breakdown:

Ransomware Vs Malware Vs Phishing: Definitions

Ransomware Vs Malware

Ransomware is a type of malware that can encrypt your files and then make them inaccessible unless you pay the cybercriminals who sent it a ransom. The problem is that this isn’t just any old malware—it’s specifically designed to make you pay money by taking control of your computer and holding your files hostage until you pay up. Ransomware may also operate as a service commonly known as RaaS

 

Malware is another type of threat that can infect your computer and make it unusable. In most cases, malware doesn’t demand payment in exchange for removing itself from your device—instead, it will leave behind unwanted programs or files on your hard drive or laptop after it takes over your system.

Ransomware and Malware Vs Phishing

Phishing attacks involve sending emails with links or attachments that appear to come from trusted websites like Facebook or Gmail but lead to malicious sites controlled by cybercriminals who want to steal information about you or other people on the internet so they can commit identity fraud later down the road (like when trying to buy plane tickets).

Differences in Attack Prevention and Mitigation

Ransomware attack prevention 

Ransomware can be spread through email, social media, and other online services, or it can be downloaded from a website. It’s often used to extort money from victims, in what’s known as a “ransomware attack.”

The best way to prevent ransomware attacks is to use strong passwords and other security measures that protect your system and emails such as reliable anti-virus software and email authentication protocols like DMARC, respectively. 

Read our full guide on DMARC and ransomware.

Ransomware attack mitigation

If you’ve been affected by a ransomware attack, there are some things you can do right away:

  1. Make sure all the files on your PC are backed up and saved somewhere else (like an external hard drive)
  2. Remove any suspicious software from your computer and don’t install new software until the infection has been removed completely (or at least until there’s no risk)
  3. Don’t open any emails asking for money—don’t click on links in them either! 
  4. If possible, connect with friends or family members who have access to their computers so they can help clean up after you’re done 
  5. Consider having someone take over your account if possible so that only one person has access to it at once; this will make it easier for them to clean

Malware attack prevention

  1. The first step is to install antivirus software on your computer. Antivirus software can detect and remove viruses and other types of malicious software from your computer. This should be done as soon as possible after you have been infected with malware so that it can be removed before any damage has been done to your computer.
  2. Another way of preventing malware attacks is by keeping your operating system up to date. Most operating systems come with automatic updates that help keep them secure against new viruses and other types of malware by automatically downloading them when they become available online or through an update application on your computer. If there are no updates available for an operating system then it is best not to install anything until an update has been released for that particular version of the OS (Operating System).
  3. A third way of preventing malware attacks is by using strong passwords whenever possible instead of using simple ones like 12345.

Malware attack mitigation

If your computer is infected with malware, don’t wait! Run a full scan with an antivirus program before attempting any other steps. 

When a computer is infected with malware, it can spread quickly and cause more problems than just slowing down your computer. So make sure that you run a full scan before trying any other methods of recovering from a malware attack.

Phishing attack prevention

DMARC is one of the most effective ways to combat this type of attack because it can help prevent attackers from getting hold of your domain name, which would allow them to impersonate your site or service, and thus get access to your customer’s data. However, you need to be on an enforced DMARC policy of p=reject to prevent the attacks. 

Phishing attack mitigation

If your customers are receiving phishing emails that seem to be originating from your domain, you need a mechanism in place to track down these malicious IPs. DMARC reports are an excellent way to monitor your sending sources and track these IPs to blacklist them faster. 

We recommend configuring our DMARC report analyzer to view your reports in a human-readable (non-XML) format. 

Conclusion

In short, Ransomware is a type of malware that encrypts files on your computer, holding them hostage until you pay up to have them unlocked. Malware is any kind of software that alters or deletes data without your explicit consent. Phishing is when scammers pretend to be someone you know—like your bank or employer—and ask you to provide sensitive information like usernames and passwords. 

However, all three can be administered to a user via fake emails from a spoofed address pretending to be you! Protect your domain’s emails today with a DMARC analyzer and never worry about impersonation threats again!

phishing

/by

What is Credential Phishing and how does DMARC prevent it?

Credential phishing tactics are not new. In fact, this type of social engineering attack has been used to trick people into revealing secure information for as long as email has existed. The only difference now is the way cybercriminals are thinking about how to design these attacks. They’re relying on new technology and more believable social engineering tactics. But at its core credential phishing attacks work because they play on human’s trust in an organization.

DMARC is a viable solution that can be leveraged by domain owners to protect their organization against credential phishing attacks..

What is Credential Phishing?

Just like spear-phishing and whaling, credential phishing is a popular form of phishing attack launched by attackers wherein they use digital manipulation, often combined with the force of psychological pressure to break a user’s defenses and make them fall prey to their tactics. In recent times, 96% of all phishing attacks start with fraudulent emails that are often sent in the garb of trusted organizations. Credential phishing is no different in that aspect.

Often perpetrated using fake emails, it creates a sense of urgency among receivers with eye-catching subject lines. These emails are designed using sophisticated social engineering tactics that can easily evade spam filters and generic security gateways by spoofing valid organizational domains. Inside the email body, there is often a malicious link which when clicked on redirects the receiver to a page asking for either of the following credentials:

  • Banking credentials which the attacker then uses to wire money transfers into an attacker-controlled bank account
  • Corporate credentials (in case the victim is an employee of the spoofed company) which the attacker then uses to gain access to company databases and steal sensitive information and assets

Either way, credential phishing campaigns instigates a sense of exigency among email receivers, while launched by attackers while impersonating a reputed organization can drastically impact the company’s credibility and good name. It can lead to the loss of data and financial assets, as well, and hurt email marketing efforts.

For a business that specializes in custom websites, such a phishing attack can be particularly devastating as it can damage the reputation of the business and make it difficult to attract new clients. It’s important for any company offering online services to take steps to protect their clients’ data and assets and to be vigilant about phishing attempts that may target their clients or their own organization.

How Does DMARC Prevent Credential Phishing?

DMARC is a powerful email validation system that was created to address phishing attacks and improve email security across the Internet. DMARC builds on pre-existing protocols like SPF and DKIM. They help validate your outbound emails by checking email headers for domain alignment. DMARC allows domain owners to set down a policy for fake emails, and choose whether they want to quarantine them or block them out. Subsequently, it keeps credential phishing attacks at bay and minimizes its success rate.

Configuring DMARC involves changing a few DNS configurations by publishing a DMARC record in your domain’s DNS. Manually creating a record can leave room for human error, hence, you can use a DMARC record generator to serve the purpose. DMARC helps reduce the risk of fraudulent activities on your domain while improving your email deliverability rate by almost 10% over time.

How to Read Your DMARC Reports Easily?

When configuring DMARC for your domains, you have the choice to enable DMARC reporting for them.  DMARC aggregate reports provide granular details on email sending sources helping you view your authentication results, measure email performances and track malicious senders faster. Webmasters, email service providers, and sending domains use DMARC aggregate reports to monitor and evaluate whether the emails they send are being authenticated and how those email messages are performing. These reports help them monitor non-compliant domains and senders, measure the success rate of their authentication and identify any new threats in a timely manner.

However, DMARC reports are sent in Extensible Markup Language, which can appear indecipherable to non-technical individuals. A DMARC report analyzer provides you with a platform where these XML files are parsed into a simpler, readable, and organized format that helps you view your reports on a colorful dashboard. It also allows you to view the results for multiple domains and sending sources at the same time, and filter results by:

Per sending source 

Per host

Per result 

Per country 

Per organization 

Geolocation

Detailed stats

Give your organization the boost of email security it rightfully deserves, by signing up for your DMARC analyzer today!

phishing

/by

5 Important Phishing Terms All Marketers Should Know

Marketers are the designers of brand image, hence they need to be aware of these 5 famous Phishing terms, that can wreak havoc on a company’s reputation.  Phishing is a type of attack vector that involves a website or email that looks as if it is from a reputable organization but is actually created with the intent of gathering sensitive information such as usernames, passwords, and credit card details (also known as Card Data). Phishing attacks are common in the online world.

When your company falls victim to a phishing attack, it can cause brand name harm and interfere with your search engine ranking or conversion rate. It should be a priority for marketers to protect against phishing attacks because they are a direct reflection of your company’s consistencies. Hence, as marketers, we need to proceed with extreme caution when it comes to phishing scams.

Phishing scams have been around for many years. Don’t worry if you didn’t hear about it before, it isn’t your fault. Some say that the cyber scam was born 10 years ago but phishing officially became a crime in 2004. As Phishing techniques continue to evolve, encountering a new phishing email can quickly become confusing, and sometimes it’s hard to tell if the message is legitimate or not. You can better protect yourself and your organization by being alert to these five common phishing techniques.

5 Common Phishing Terms You Need to Know

1) Email Phishing 

Phishing emails are usually sent out in bulk from a domain that mimics a legitimate one. A company might have the email address [email protected], but a phishing company might use [email protected]. The goal is to fool you into clicking on a malicious link or sharing sensitive information by pretending to be a real company you do business with.  A fake domain often involves character substitution, like using ‘r’ and ‘n’ next to each other to create ‘rn’ instead of ‘m’.

Phishing attacks are constantly evolving and getting more and more undetectable with time. Threat actors are using social engineering tactics to spoof domains and send fraudulent emails from a legitimate domain, for malicious ends.

2) Spear Phishing 

A spear phishing attack is a new form of cyberattack that uses false information to gain access to accounts that have a higher level of security. Professional attackers have a goal of compromising a single victim, and in order to carry out this idea, they research the company’s social profile and the names and roles of employees within that company. Unlike phishing, Spear phishing is a targeted campaign against one organization or individual. These campaigns are carefully constructed by threat actors with the sole purpose of targeting a specific person(s) to gain access into an organization.

3) Whaling

Whaling is a highly targeted technique that can compromise the emails of higher-level associates. The objective, which is similar to other phishing methods, is to trick employees into clicking on a malicious link. One of the most devastating email attacks to pass through corporate networks is the whaling scam. These attempts at personal gain using powers of persuasion to lower victims’ resistance, tricking them into handing over company funds. Whaling is also known as CEO fraud, as attackers often impersonate people in authoritarian positions such as the CEO of a company.

4) Business Email Compromise 

Business Email Compromise (BEC) is a form of cyber crime which can be extremely costly to businesses. This type of cyber attack uses email fraud to influence organizational domains into partaking in fraudulent activity resulting in the compromise and theft of sensitive data. Examples of BEC can include invoice scams, domain spoofing, and other forms of impersonation attacks. Each year an average organization can lose up to $70 million dollars to BEC scams, learn more about 2020 BEC attack statistics. In a typical attack, fraudsters target specific employee roles within an organization by sending a series of fraudulent emails that claim to be from a senior colleague, customer, or business partner. They may instruct recipients to make payments or release confidential data.

5) Angler Phishing 

Many corporations have thousands of customers and receive hundreds of complaints daily. Through social media, companies are able to escape the confines of their limitations and reach out to their customers. For this, corporations often use community management and online reputation management tools. This enables a corporation to be flexible and adjust to the demands of its customers. Angler phishing is the act of reaching out to disgruntled customers over social media and pretending to be part of a company. The angler phishing scam is a simple ploy used to trick casual social media users into thinking that a company is trying to remedy their problems when in reality, the person on the other end is taking advantage of them.

How to Protect Your Organization from Phishing and Email Fraud

Your email service provider may come with integrated security packages as a part of their service. These however act as spam filters that offer protection against inbound phishing attempts. However, when an email is being sent by scammers using your domain name to recipient inboxes, like in the case of BEC, whaling, and other forms of impersonation attacks listed above, they won’t serve the purpose. This is why you need to avail of email authentication solutions like DMARC, immediately and shift to a policy of enforcement.

  • DMARC authenticates your emails by aligning them against SPF and DKIM authentication standards.
  • It specifies to receiving servers how they should respond to emails failing authentication checks.
  • DMARC aggregate (RUA) reports provide you with enhanced visibility into your email ecosystem and authentication results and helps you monitor your domains easily.
  • DMARC forensic (RUF) reports give you an in-depth analysis of your DMARC failure results, helping you respond to impersonation attacks faster.

How Can PowerDMARC Help Your Brand?

PowerDMARC is more than just your DMARC service provider, it is a multi-tenant SaaS platform that provides a wide range of authentication solutions and DMARC MSSP programs. We make email authentication easy and accessible for every organization, from small businesses to multinational enterprises.

  • We help you move from p=none to p=reject in no time, so as to protect your brand from impersonation attacks, domain spoofing, and phishing.
  • We help you easily configure DMARC reporting for your with comprehensive charts and tables and RUA report views in 6 different formats for ease of use and amplified visibility
  • We cared about your privacy, so you can encrypt your DMARC RUF reports with your private key
  • We help you generate scheduled PDF reports on your authentication results
  • We provide dynamic SPF flattening solution like PowerSPF so that you never exceed the 10 DNS lookup limit
  • We help you make TLS encryption mandatory in SMTP, with MTA-STS to protect your domain from pervasive monitoring attacks
  • We help you make your brand visually identifiable in your recipient inboxes with BIMI

Sign up with PowerDMARC today to get your free DMARC analyzer tool trial, and shift from a policy of monitoring to enforcement to provide your domain maximum protection against BEC, phishing, and spoofing attacks.

phishing

/by

This is What Email Phishing Can Do to Your Brand Image

Let’s talk about spoofing for a minute. When you hear words like ‘phishing’, ‘business email compromise’ or ‘cybercrime’, what’s the first that pops into your head? Most people would think about something on the lines of email security, and chances are, you did, too. And that’s absolutely right: each of the terms I just mentioned are forms of cyberattack, where a criminal uses social engineering and other techniques to gain access to sensitive information and money. Obviously that’s bad, and organizations should do everything they can to protect themselves against it.

But there’s another side to this, one that some organizations simply don’t consider, and it’s one that’s equally important to them. Phishing doesn’t just put you at a higher risk of losing data and money, but your brand stands an equally large chance of losing out, too. In fact, that chance is as high as 63%: that’s how many consumers are likely to stop shopping a brand after just a single unsatisfactory experience.

How Do Email Phishing Attacks Harm Your Brand?

Understanding how phishing can compromise your organization’s systems is fairly straightforward. But the long-term effects of a single cyberattack? Not so much.

Think about it this way. In most cases, a user checking their email is likely going to click on an email from a person or brand they know and trust. If the email looks realistic enough, they wouldn’t even notice the difference between one that’s fake and one that’s not. The email might even have a link leading to a page that looks exactly like your organization’s login portal, where they type in their username and password.

Later on, once they hear that their credit card details and address have been leaked to the public, there’s nowhere to turn to but your organization. After all, it was ‘your email’ that caused the disaster, your lack of security. When your own customers totally lose faith in your brand and its credibility, it can cause huge problems for the optics of your brand. You’re not just the company that got hacked, you’re the company that allowed their data to be stolen through an email you sent.

It’s not hard to see how this could seriously hurt your bottom line in the long run, especially when new, potential customers are turned off by the prospect of being another victim of your emails. Cybercriminals take the trust and loyalty that your customers have in your brand, and actively use it against you. And that’s what makes Business Email Compromise (BEC) so much more than a technical security issue.

What Are Some of the Worst-Hit Industries?

Pharmaceutical companies are some of the most frequently targeted businesses for phishing and cyberattacks. According to a study of Fortune 500 pharmaceutical companies, in just the last 3 months of 2018, each company faced on average 71 email fraud attacks. That’s because drug companies hold valuable intellectual property on new chemicals and pharmaceutical products. If an attacker can steal this information, they can sell them on the black market for a hefty profit.

Construction and real estate companies aren’t too far behind, either. Stealing real estate brochure design ideas is the most common. Financial service companies and financial institutions in particular face the constant threat of having sensitive data or large sums of money stolen from them through carefully planned Business as well as Vendor Email Compromise (VEC) attacks. 

All these industries benefit greatly from customers trusting their brands, and their relationship with the brands directly influences their business with the companies. If a consumer were to feel like that company wasn’t capable of keeping their data, money or other assets safe, it would be detrimental to the brand, and sometimes, irreparably so.

Learn more about email security for your specific industry.

How Can You Save Your Brand?

Marketing is all about building your brand image into something that audiences won’t just remember, but associate with quality and reliability. And the first step towards that is by securing your domain.

Cybercriminals spoof your organization’s domain and impersonate your brand, so when they send an email to an unsuspecting user, it will appear like it’s coming from you. Rather than expecting users to identify which emails are real and which ones aren’t (which very often is almost impossible, particularly for the layman), you can instead prevent those emails from entering users’ inboxes entirely.

DMARC is an email authentication protocol that acts like an instruction manual for a receiving email server. Every time an email is sent from your domain, the receiver’s email server checks your DMARC records (published on your DNS), and validates the email. If the email is legitimate, it ‘passes’ DMARC authentication, and gets delivered to the user’s inbox.

If the email is from an unauthorized sender, depending on your DMARC policy, the email can be either sent directly to spam, or even blocked outright.

Learn more about how DMARC works here.

DMARC can almost completely eliminate all spam emails that originate from your domain, because instead of blocking fake emails as they leave your domain, it instead checks for authenticity as the email arrives in the receiver’s server.

If you’ve already implemented DMARC and are looking for ways to take your brand security even further, there’s Brand Indicators for Message Identification (BIMI). This new email security standard affixes your brand’s logo next to every email from your domain that’s been authenticated by DMARC.

Now, when your customers see an email you’ve sent, they’ll associate your logo with your brand, improving brand recall. And when they see your logo, they’ll learn to only trust emails that have your logo next to them.

Learn more about BIMI here. 

phishing

/by

How Phishing Scams Are Using Office 365 to Target Insurance Firms

Email is often the first choice for a cybercriminal when they’re launching because it’s so easy to exploit. Unlike brute-force attacks which are heavy on processing power, or more sophisticated methods that require a high level of skill, domain spoofing can be as easy as writing an email pretending to be someone else. In a lot of cases, that ‘someone else’ is a major software service platform that people rely on to do their jobs.

Which is what happened between 15th and 30th April, 2020, when our security analysts at PowerDMARC discovered a new wave of phishing emails targeting leading insurance firms in the Middle East. This attack has been just one among many others in the recent increase of phishing and spoofing cases during the Covid-19 crisis. As early as February 2020, another major phishing scam went so far as to impersonate the World Health Organization, sending emails to thousands of people asking for donations for coronavirus relief.

phishing

In this recent series of incidents, users of Microsoft’s Office 365 service received what appeared to be routine update emails regarding the status of their user accounts. These emails came from their organizations’ own domains, requesting users to reset their passwords or click on links to view pending notifications.

We’ve compiled a list of some of the email titles we observed were being used:

  • Microsoft account unusual sign-in activity
  • You have (3) Messages Pending Delivery On Your e-Mail [email protected]* Portal !
  • user@domain You Have Pending Microsoft Office UNSYNC Messages
  • Re-activation Summary Notification for [email protected]

*account details changed for users’ privacy

You can also view a sample of a mail header used in a spoofed email sent to an insurance firm:

Received: from [malicious_ip] (helo= malicious_domain)

id 1jK7RC-000uju-6x

for [email protected]; Thu, 02 Apr 2020 23:31:46 +0200

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;

Received: from [xxxx] (port=58502 helo=xxxxx)

by malicious_domain with esmtpsa (TLSv1.2:ECDHE-RSA-AES2  56-GCM-SHA384:256)

From: “Microsoft account team” 

To: [email protected]

Subject: Microsoft Office Notification for [email protected] on 4/1/2020 23:46

Date: 2 Apr 2020 22:31:45 +0100

Message-ID: <[email protected]>

MIME-Version: 1.0

Content-Type: text/html;

charset=”utf-8″

Content-Transfer-Encoding: quoted-printable

X-AntiAbuse: This header was added to track abuse, please include it with any abuse report

X-AntiAbuse: Primary Hostname – malicious_domain

X-AntiAbuse: Original Domain – domain.com

X-AntiAbuse: Originator/Caller UID/GID – [47 12] / [47 12]

X-AntiAbuse: Sender Address Domain – domain.com

X-Get-Message-Sender-Via: malicious_domain: authenticated_id: admin@malicious_domain

X-Authenticated-Sender: malicious_domain: admin@malicious_domain

X-Source: 

X-Source-Args: 

X-Source-Dir: 

Received-SPF: fail ( domain of domain.com does not designate malicious_ip_address  as permitted sender) client-ip= malicious_ip_address  ; envelope-from=[email protected]; helo=malicious_domain;

X-SPF-Result: domain of domain.com does not designate malicious_ip_address  as permitted sender

X-Sender-Warning: Reverse DNS lookup failed for malicious_ip_address (failed)

X-DKIM-Status: none /  / domain.com /  /  / 

X-DKIM-Status: pass /  / malicious_domain / malicious_domain /  / default

 

Our Security Operation Center traced the email links to phishing URLs that targeted Microsoft Office 365 users. The URLs redirected to compromised sites at different locations around the world.

By simply looking at those email titles, it would be impossible to tell they were sent by someone spoofing your organization’s domain. We’re accustomed to a steady stream of work or account-related emails prompting us to sign into various online services just like Office 365. Domain spoofing takes advantage of that, making their fake, malicious emails indistinguishable from genuine ones. There’s virtually no way to know, without a thorough analysis of the email, whether it’s coming from a trusted source. And with dozens of emails coming in everyday, no one has the time to carefully scrutinize every one. The only solution would be to employ an authentication mechanism that would check all emails sent from your domain, and block only those that were sent by someone who sent it without authorization.

phishing

That authentication mechanism is called DMARC. And as one of the leading providers of email security solutions in the world, we at PowerDMARC have made it our mission to get you to understand the importance of protecting your organization’s domain. Not just for yourself, but for everyone who trusts and depends on you to deliver safe, reliable emails in their inbox, every single time.

You can read about the risks of spoofing here: https://powerdmarc.com/stop-email-spoofing/

Find out how you can protect your domain from spoofing and boost your brand here: https://powerdmarc.com/what-is-dmarc/

phishing

/by