DMARC authentication – is it enough?

Email is one of the most common gateways that cyber scammers use to attack you personally or your company. Phishing, spear phishing, social engineering and malware distribution can all be carried out easily over email, with the perpetrator remaining largely untraceable. Many companies, organizations and government agencies around the world spend billions of dollars on various cybersecurity solutions that can protect them from email attacks. One of the technologies widely used by private and public companies and even the U.S. Government is DMARC, or Domain-based Message Authentication, Reporting and Conformance.

What is DMARC?

DMARC, or Domain-based Message Authentication, Reporting and Conformance, is an email authentication system whose main goal is to detect spoofed emails and prevent them from reaching their intended recipients. Essentially, this is an automated technology that’s meant to prevent email phishing, spam and spoofing to protect your business or organization without you even knowing about it. One example of DMARC in action is when the technology blocks an email that’s been forged to look like it’s coming from an organization when it’s, in fact, coming from a scammer.

What are the shortcomings of DMARC authentication?

DMARC is a great email authentication service that can help prevent many cyber attacks, but it’s not perfect and has a few flaws. First of all, it’s important to remember that DMARC only protects your domain from being used to impersonate someone from your company in a phishing attack. So it protects your reputation, but it doesn’t really protect your employees from falling victim to a spoofed email. For your company to be fully protected from spoofing by DMARC, the domains of all the companies and individuals you and your employees communicate with need to be protected with DMARC as well. This presents an issue because only a little over 30% of companies use DMARC, so some of the vendors and organizations your employees communicate with might not have DMARC enabled.

Secondly, DMARC only protects your domain from being spoofed directly. This means that if your company has a .com domain and someone wants to spoof the same name under a .net domain, they will be able to do it. DMARC also can’t prevent attacks that are carried out using domains that look similar to yours but are not the same, for instance, domains with misspellings or with similar symbols in place of certain letters.
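Because DMARC does not cover these cases, a mail filter or log review has to catch them separately. The following is an added example, not code from the original article: it sorts sender domains into the categories described above relative to a protected domain. The domain example.com, the substitution table and the sample addresses are constructed for illustration, and the code assumes simple two-label domains.

```python
import unicodedata

# Small constructed sample of look-alike substitutions; not an exhaustive table.
CONFUSABLES = {"0": "o", "1": "l", "3": "e", "5": "s", "rn": "m", "vv": "w",
               "\u0430": "a", "\u0435": "e", "\u043e": "o"}  # last three: Cyrillic

def skeleton(label):
    """Collapse visually similar characters so look-alikes compare equal."""
    label = unicodedata.normalize("NFKC", label.lower())
    for src, dst in CONFUSABLES.items():
        label = label.replace(src, dst)
    return label

def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def split_domain(domain):
    # Assumption: input is a registrable domain such as "example.com";
    # multi-label suffixes like "co.uk" would need a public suffix list.
    name, _, tld = domain.lower().rstrip(".").rpartition(".")
    return name, tld

def classify(sender_domain, protected):
    """Relate a sender domain to the domain your DMARC record protects."""
    s_name, s_tld = split_domain(sender_domain)
    p_name, p_tld = split_domain(protected)
    if (s_name, s_tld) == (p_name, p_tld):
        return "exact"        # direct use of your domain, which DMARC covers
    if s_name == p_name:
        return "tld-swap"     # same name under another TLD (.com vs .net)
    if skeleton(s_name) == skeleton(p_name):
        return "homoglyph"    # similar symbols instead of certain letters
    if edit_distance(s_name, p_name) == 1:
        return "typo"         # one-character misspelling
    return "unrelated"

def flag_senders(addresses, protected):
    """Return {address: verdict} for senders that imitate the protected domain."""
    verdicts = {a: classify(a.rsplit("@", 1)[-1], protected) for a in addresses}
    return {a: v for a, v in verdicts.items() if v not in ("exact", "unrelated")}

# Constructed sample From addresses
SAMPLE = ["ceo@example.com", "ceo@example.net", "ceo@examp1e.com",
          "ceo@exmple.com", "billing@contoso.org"]
```

Calling flag_senders(SAMPLE, "example.com") returns only the three imitating addresses, each with its category, so they can be quarantined or reviewed even though DMARC would not stop them.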

Frequently asked questions about DMARC technology

What technologies does DMARC use?

DMARC is a relatively new technology that uses two older mechanisms: DKIM, or DomainKeys Identified Mail, and SPF, or Sender Policy Framework.

What happens to emails that don’t pass DMARC authentication?

If an email doesn’t pass DMARC authentication, it’s simply blocked by the system so that the recipient doesn’t see it.

What portion of cyberattacks happens over email?

You might be surprised to find out that over 90% of all cyber-attacks are carried out by email, using social engineering to trick the target of the attack. There’s more than a 60% chance that your business will become a victim of a social engineering attack in any given year.


Vitaly is a principal consultant at Hackcontrol as well as a business and IT thought leader. He has over 15 years of experience in consulting and account management and is a specialist in cybersecurity.