Imagine you get to work one day, settle down at your desk, and open up your computer to check the news. Then you see it. Your organization’s name is all over the headlines — and it’s not good news. Someone launched an email spoofing attack from your domain, sending phishing emails to people all over the world. And many of them fell for it. Your company just became the face of a huge phishing attack, and now no one trusts your security or your emails.

This is exactly the situation that employees of the World Health Organization (WHO) found themselves in during the Covid-19 pandemic in February 2020. Attackers were using the WHO’s actual domain name to send emails asking people to donate to a coronavirus relief fund. This incident is hardly an isolated one, however. Countless organizations have fallen victim to very convincing phishing emails that innocuously ask for sensitive personal information, bank details or even login credentials. These can even take the form of emails that appear to come from within the same organization, casually asking for access to a database or company files.

As much as 90% of all data loss incidents have involved some element of phishing. And yet, domain spoofing isn’t even particularly complex to pull off. So why is it able to do so much damage?

How Does Domain Spoofing Work?

Domain spoofing attacks are pretty simple to understand.

  • The attacker forges the email header to include your organization’s name and sends fake phishing emails out to someone, using your brand name so they trust you.
  • People click on malicious links or give away sensitive information thinking it’s your organization asking for them.
  • When they realize it’s a scam, your brand image takes a hit, and customers lose trust in you.


You’re exposing people outside (and inside) your organization to phishing emails. Even worse, malicious emails sent from your domain could really hurt your brand reputation in the eyes of customers.

So what can you do about this? How can you defend yourself and your brand against domain spoofing, and avert a PR disaster? Here are five ways you can avoid email spoofing:

1. Optimize Your SPF Record

One of the biggest mistakes with SPF is not keeping it concise. SPF records have a limit of 10 DNS lookups, to keep the cost of processing each email as low as possible. Every include:, a, mx, ptr, exists and redirect= term costs one of those lookups (literal ip4: and ip6: addresses cost nothing), so simply including several third-party senders in your record could push you past the limit. If that happens, your SPF implementation becomes invalid, your email fails SPF, and it might not get delivered. Don’t let that happen: keep your SPF record short and sweet.

2. Keep Your List of Approved IPs Up-to-Date

If your organization uses multiple third-party vendors approved to send email from your domain, this is for you. If you discontinue your service with one of them, you need to make sure you update your SPF record too. If the vendor’s email system is compromised, someone might be able to use it to send ‘approved’ phishing emails from your domain! Always make sure that only third-party vendors still working with you have their IPs in your SPF record.
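The two SPF points above (staying under the 10-lookup limit, and dropping vendors you no longer use) are easy to check mechanically. The script below is an added example, not code from the original post or from PowerDMARC: it walks an SPF record through its include: chain, counts the terms that cost a DNS lookup, collects the authorized netblocks, and lists include: targets that are not on your current vendor list. DNS is replaced by a constructed in-memory table, so every domain name and address in it is hypothetical.

```python
"""Audit an SPF record offline: count DNS lookups and find stale vendor includes."""
from typing import Dict, List, Set, Tuple

# Constructed stand-in for DNS (domain -> TXT record). All names and addresses
# are hypothetical; a real auditor would resolve TXT records instead.
FAKE_DNS: Dict[str, str] = {
    "example.com": (
        "v=spf1 ip4:203.0.113.0/24 include:mail.vendor-a.example "
        "include:spf.vendor-b.example include:old-vendor.example mx -all"
    ),
    "mail.vendor-a.example": "v=spf1 ip4:198.51.100.10 ip4:198.51.100.11 -all",
    "spf.vendor-b.example": "v=spf1 include:_a.vendor-b.example include:_b.vendor-b.example -all",
    "_a.vendor-b.example": "v=spf1 ip4:192.0.2.0/25 a -all",
    "_b.vendor-b.example": "v=spf1 ip4:192.0.2.128/25 -all",
    "old-vendor.example": "v=spf1 ip4:203.0.113.200 -all",
}

# Terms that each cost one of the 10 permitted DNS lookups (RFC 7208 section 4.6.4).
# ip4/ip6/all cost nothing, which is why flattening to literal addresses helps.
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}
MAX_LOOKUPS = 10


def _terms(record: str) -> List[Tuple[str, str]]:
    """Split an SPF record into (name, argument) pairs, dropping qualifiers (+ - ~ ?)."""
    pairs = []
    for term in record.split()[1:]:          # skip the leading "v=spf1"
        term = term.lstrip("+-~?")
        # modifiers (redirect=, exp=) use "=", mechanisms (include:, ip4:) use ":"
        sep = "=" if "=" in term.split(":", 1)[0] else ":"
        name, _, arg = term.partition(sep)
        pairs.append((name.lower().split("/")[0], arg))   # drop a CIDR suffix on a/mx
    return pairs


def audit_spf(domain: str, dns: Dict[str, str], _depth: int = 0) -> Tuple[int, List[str]]:
    """Return (total DNS lookups, authorized ip4/ip6 netblocks) reachable from domain's SPF."""
    if _depth > MAX_LOOKUPS:
        raise ValueError(f"include/redirect chain too deep at {domain}")
    record = dns.get(domain)
    if record is None or not record.lower().startswith("v=spf1"):
        raise ValueError(f"no SPF record for {domain}")
    lookups, netblocks = 0, []
    for name, arg in _terms(record):
        if name in ("ip4", "ip6"):
            netblocks.append(arg)
        elif name in ("include", "redirect"):
            lookups += 1                      # the lookup for this term itself
            sub_lookups, sub_blocks = audit_spf(arg, dns, _depth + 1)
            lookups += sub_lookups            # plus everything the target record needs
            netblocks += sub_blocks
        elif name in LOOKUP_TERMS:            # a, mx, ptr, exists
            lookups += 1
        # "all" and "exp=" need no lookup
    return lookups, netblocks


def within_limit(domain: str, dns: Dict[str, str]) -> bool:
    """True if the record (with everything it includes) stays within the 10-lookup limit."""
    return audit_spf(domain, dns)[0] <= MAX_LOOKUPS


def stale_includes(domain: str, dns: Dict[str, str], active_vendors: Set[str]) -> List[str]:
    """Direct include: targets in domain's record that are not on the current vendor list."""
    return [arg for name, arg in _terms(dns[domain])
            if name == "include" and arg not in active_vendors]


if __name__ == "__main__":
    total, blocks = audit_spf("example.com", FAKE_DNS)
    print(f"DNS lookups: {total}/{MAX_LOOKUPS} ({'ok' if total <= MAX_LOOKUPS else 'TOO MANY'})")
    print("Authorized netblocks:", ", ".join(blocks))
    print("Stale includes:", stale_includes("example.com", FAKE_DNS,
                                            {"mail.vendor-a.example", "spf.vendor-b.example"}))
```

Running it against the constructed table reports 7 lookups, which looks comfortable until you notice that a single extra vendor with a nested include: chain of its own can add three or four at once; the stale-include report is what tells you the old vendor's record is still authorized to send as your domain.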

3. Implement DKIM

DomainKeys Identified Mail, or DKIM, is a protocol that gives every email sent from your domain a digital signature. This allows the receiving email server to validate whether the email genuinely came from your domain and whether it was modified in transit. If the email has been tampered with, the signature fails to validate and the email fails DKIM. If you want to preserve the integrity of your data, get DKIM set up on your domain!
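To make the "modified in transit" check concrete, here is an added example (not code from the original post or from any DKIM library) that implements the body-integrity half of DKIM verification from RFC 6376: relaxed body canonicalization, the SHA-256 body hash, and a comparison against the bh= tag in the DKIM-Signature header. The b= signature over the headers, which needs the signer's public key from the s._domainkey.d DNS record, is assumed out of scope and left empty in the constructed message; the domain, selector and addresses in it are placeholders.

```python
"""Verify the DKIM body hash (bh=) of a message offline."""
import base64
import hashlib
import re
from typing import Dict, Optional, Tuple


def relaxed_body(body: bytes) -> bytes:
    """Relaxed body canonicalization (RFC 6376 section 3.4.4): collapse runs of
    whitespace to one space, drop trailing whitespace, drop empty lines at the end."""
    lines = [re.sub(rb"[ \t]+", b" ", line).rstrip(b" ") for line in body.split(b"\r\n")]
    while lines and lines[-1] == b"":
        lines.pop()
    return b"\r\n".join(lines) + b"\r\n" if lines else b""


def body_hash(body: bytes) -> str:
    """Base64 SHA-256 over the canonicalized body, as carried in the bh= tag."""
    return base64.b64encode(hashlib.sha256(relaxed_body(body)).digest()).decode()


def parse_tags(value: str) -> Dict[str, str]:
    """Split a 'tag=value; tag=value' list; folding whitespace inside values is ignored."""
    tags: Dict[str, str] = {}
    for part in value.split(";"):
        if "=" in part:
            k, v = part.split("=", 1)
            tags[k.strip()] = re.sub(r"\s+", "", v)
    return tags


def split_message(raw: bytes) -> Tuple[Dict[str, str], bytes]:
    """Separate headers (lower-cased names, folded lines joined) from the body."""
    head, _, body = raw.partition(b"\r\n\r\n")
    headers: Dict[str, str] = {}
    for line in re.sub(rb"\r\n[ \t]+", b" ", head).decode().split("\r\n"):
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return headers, body


def check_body_hash(raw: bytes) -> Optional[bool]:
    """True if bh= matches the body, False if the body was altered, None if there is
    no DKIM-Signature or the message does not use rsa-sha256 with relaxed body canon."""
    headers, body = split_message(raw)
    sig = headers.get("dkim-signature")
    if sig is None:
        return None
    tags = parse_tags(sig)
    canon = tags.get("c", "simple/simple").split("/")
    body_canon = canon[1] if len(canon) == 2 else "simple"
    if body_canon != "relaxed" or tags.get("a") != "rsa-sha256":
        return None
    return tags.get("bh") == body_hash(body)


def build_message(body: bytes) -> bytes:
    """Constructed test message. d=, s= and the addresses are placeholders; b= is left
    empty because producing it needs the signer's private key (assumed out of scope)."""
    sig = ("v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.com; s=sel1; "
           "h=from:to:subject; bh=" + body_hash(body) + "; b=")
    head = ("From: alerts@example.com\r\nTo: user@example.net\r\nSubject: Relief fund\r\n"
            "DKIM-Signature: " + sig + "\r\n")
    return head.encode() + b"\r\n" + body


if __name__ == "__main__":
    msg = build_message(b"Please donate $100 to the relief fund.\r\n")
    print("original :", check_body_hash(msg))                             # True
    print("tampered :", check_body_hash(msg.replace(b"$100", b"$900")))   # False
```

Relaxed canonicalization is what lets a signature survive harmless mangling by intermediate servers (re-wrapped whitespace, an extra blank line at the end) while any change to the actual words, such as an altered amount, still produces a different hash and a DKIM failure.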

4. Set The Right DMARC Policy

Far too often, an organization implements DMARC but forgets the most important thing: actually enforcing it. DMARC policies can be set to one of three values: none, quarantine, or reject. When you set up DMARC, having your policy set to none means even email that fails authentication gets delivered. Implementing DMARC is a good first step, but without enforcing it, the protocol is ineffective. Instead, you should preferably set your policy to reject, so emails that don’t pass DMARC are automatically blocked. It’s important to note that email providers determine the reputation of a domain name when receiving an email. If your domain has a history of spoofing attacks associated with it, your reputation goes down. Consequently, your deliverability takes a hit too.
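The difference between p=none and p=reject is easiest to see by running the DMARC evaluation by hand. The following is an added example, not code from the original post or from PowerDMARC: it parses a DMARC record, applies identifier alignment (relaxed or strict, via the aspf/adkim tags) to the SPF and DKIM results, and reports what a receiver would do with the message. The organizational-domain helper is a deliberate simplification (last two labels); real evaluators use the Public Suffix List. All domains in the scenario are constructed.

```python
"""Evaluate a DMARC record and compute the disposition for one message."""
from typing import Dict, Optional

POLICIES = ("none", "quarantine", "reject")


def parse_dmarc(record: str) -> Dict[str, str]:
    """Parse 'v=DMARC1; p=...; ...' into a tag dict; requires v and a valid p (and sp, if present)."""
    tags: Dict[str, str] = {}
    for part in record.split(";"):
        if "=" in part:
            k, v = part.split("=", 1)
            tags[k.strip().lower()] = v.strip()
    if tags.get("v") != "DMARC1" or tags.get("p") not in POLICIES:
        raise ValueError("not a valid DMARC record")
    if "sp" in tags and tags["sp"] not in POLICIES:
        raise ValueError("invalid sp= value")
    return tags


def org_domain(domain: str) -> str:
    """Organizational domain. Simplification (assumption): the last two labels.
    Production evaluators consult the Public Suffix List so that e.g. co.uk works."""
    return ".".join(domain.lower().split(".")[-2:])


def aligned(auth_domain: Optional[str], from_domain: str, mode: str) -> bool:
    """Identifier alignment: strict ('s') needs an exact match, relaxed ('r') the same org domain."""
    if not auth_domain:
        return False
    if mode == "s":
        return auth_domain.lower() == from_domain.lower()
    return org_domain(auth_domain) == org_domain(from_domain)


def dmarc_disposition(record: str, from_domain: str,
                      spf_result: str, spf_domain: Optional[str],
                      dkim_result: str, dkim_domain: Optional[str]) -> Dict[str, str]:
    """Apply the DMARC record to one message's SPF/DKIM outcomes.

    spf_domain is the MAIL FROM (envelope) domain SPF was checked against;
    dkim_domain is the d= of a signature that verified. Returns the DMARC
    result, the policy that applied, and the action a receiver would take."""
    tags = parse_dmarc(record)
    spf_ok = spf_result == "pass" and aligned(spf_domain, from_domain, tags.get("aspf", "r"))
    dkim_ok = dkim_result == "pass" and aligned(dkim_domain, from_domain, tags.get("adkim", "r"))
    passed = spf_ok or dkim_ok                 # DMARC passes if either aligned check passes

    policy = tags["p"]
    if from_domain.lower() != org_domain(from_domain) and "sp" in tags:
        policy = tags["sp"]                    # subdomain policy overrides p for subdomains
    if passed:
        action = "deliver"
    else:
        action = {"none": "deliver", "quarantine": "quarantine", "reject": "reject"}[policy]
    return {"dmarc": "pass" if passed else "fail", "policy": policy, "action": action,
            "pct": tags.get("pct", "100")}


if __name__ == "__main__":
    # Constructed scenario: a message whose From: claims example.com but which was
    # relayed by an unrelated domain's server (SPF passes for that domain, no DKIM).
    spoof = dict(from_domain="example.com", spf_result="pass", spf_domain="unrelated.example",
                 dkim_result="none", dkim_domain=None)
    for rec in ("v=DMARC1; p=none; rua=mailto:dmarc@example.com", "v=DMARC1; p=reject"):
        print(rec, "->", dmarc_disposition(rec, **spoof))
```

Note that SPF "pass" on its own is not enough: the envelope domain it passed for has to align with the From: domain the recipient sees, which is exactly what a forged From: header fails. With p=none the evaluation still says "fail", but the only consequence is a line in your aggregate report; the message is delivered.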

5. Upload Your Brand Logo to BIMI

Brand Indicators for Message Identification, or BIMI, is an email standard that displays your brand logo next to messages that pass authentication. BIMI attaches your logo as an icon to all your emails, making them instantly recognizable in someone’s inbox. If an attacker were to send an email from your domain, their email wouldn’t have your logo next to it. So even if the email got delivered, the chances of your customers recognizing a fake email would be much higher. But BIMI’s advantage is twofold. Every time someone receives an email from you, they see your logo and immediately associate you with the product or service you offer. So not only does it help your organization avoid email spoofing, it actually boosts your brand recognition.
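BIMI only displays the logo once the domain is already protected, which ties step 5 back to step 4: the BIMI group specification requires DMARC at enforcement (p=reject, or p=quarantine covering 100% of mail), an HTTPS URL to an SVG (Tiny PS profile) logo in the l= tag of the record at default._bimi.<domain>, and, for providers such as Gmail that require a Verified Mark Certificate, an a= certificate URL. The checker below is an added example, not code from the original post or from PowerDMARC; the records it is run against are constructed.

```python
"""Check whether a domain's DNS records are ready for BIMI logo display."""
from typing import Dict, List


def parse_tags(record: str) -> Dict[str, str]:
    """Split a 'tag=value; tag=value' DNS TXT record into a dict."""
    tags: Dict[str, str] = {}
    for part in record.split(";"):
        if "=" in part:
            k, v = part.split("=", 1)
            tags[k.strip().lower()] = v.strip()
    return tags


def bimi_readiness(dmarc_record: str, bimi_record: str) -> Dict[str, object]:
    """Evaluate the records published at _dmarc.<domain> and default._bimi.<domain>.

    'problems' block logo display everywhere; 'warnings' affect some providers only."""
    problems: List[str] = []
    warnings: List[str] = []

    dmarc = parse_tags(dmarc_record)
    p, sp = dmarc.get("p"), dmarc.get("sp")
    pct = int(dmarc.get("pct", "100"))
    # BIMI needs DMARC at enforcement: p=reject, or p=quarantine applied to 100% of mail.
    if not (p == "reject" or (p == "quarantine" and pct == 100)):
        problems.append("DMARC not enforced: need p=reject, or p=quarantine with pct=100")
    if sp == "none":
        problems.append("sp=none leaves subdomains unprotected; use quarantine or reject")

    bimi = parse_tags(bimi_record)
    if bimi.get("v") != "BIMI1":
        problems.append("BIMI record must start with v=BIMI1")
    logo = bimi.get("l", "")
    if not (logo.startswith("https://") and logo.lower().endswith(".svg")):
        problems.append("l= must be an HTTPS URL to an SVG logo (SVG Tiny PS profile)")
    if not bimi.get("a"):
        warnings.append("no a= certificate URL; providers that require a VMC will not show the logo")

    return {"eligible": not problems, "problems": problems, "warnings": warnings}


if __name__ == "__main__":
    # Constructed records for a hypothetical example.com
    print(bimi_readiness("v=DMARC1; p=reject",
                         "v=BIMI1; l=https://example.com/brand/logo.svg; a=https://example.com/brand/vmc.pem"))
    print(bimi_readiness("v=DMARC1; p=none; rua=mailto:dmarc@example.com",
                         "v=BIMI1; l=http://example.com/logo.png; a="))
```

The practical reading of the first check is the one the DMARC section already made: a domain still sitting at p=none gets no logo, so BIMI is a reward for finishing the DMARC rollout rather than a substitute for it.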
