DMARC

Domain-based Message Authentication Reporting and Conformance (DMARC)

  1. Home
  2. chevron_right
  3. DMARC

2FA and DMARC

folder_openDMARC, phishing
2-factor authentication has become more vulnerable to attacks, making DMARC even more important. Recently, a researcher in named Piotr Duszyński released an open source project that allows attackers to automate a phishing attack that bypasses 2-factor authentication. The new tool,…
Read More

The Value (and Risk) of DMARC Quarantine

folder_openDMARC, phishing
Protect your paycheck! Direct deposit make depositing your paycheck automatic and simple… Until something goes wrong. That’s what recently happened to several Wichita State University (WSU) employees. They received an email with a link prompting them to login using their…
Read More

Email Spoofing and your Bank

folder_openDMARC, phishing
Alert!! STCU is warning members about a phishing email that is circulating in an attempt to steal login credentials from members. Phishing and Your Bank According to the report, there is an “official-looking” email claiming to be from STCU (Spokane…
Read More

DMARC in Higher Education

folder_openDMARC, phishing
There was another news article about universities that became the targets of a phishing attack. Unfortunately, it wasn’t a very big headline since it is all too common for a university to be targeted. An article from bleepingcomputer.com stated that…
Read More

How to Verify an Email’s Sender

folder_openDMARC, phishing
You have an email. It looks legit and you really want to click that link, but how do you verify that it’s not a phishing scam (and you’re about to give away personal information, money, or access to your accounts or…
Read More
DMARC forensic/failure reports

Failure/Forensic Report? What’s that?

folder_openDMARC, For Users
What is a forensic report? There are two types of DMARC reports. The aggregate reports and the failure reports (also called forensic reports). Data from aggregate reports are included most basic DMARC reports and can be viewed in Fraudmarc’s DMARC…
Read More
how to send a spoofed email

How to send a Spoofed Email

folder_openDMARC, phishing
Sending an email from an email account that you don’t control is called email spoofing. The problem with spoofed messages compared to other phishing messages (e.g. Nigerian Prince schemes) is that spoofed emails usually impersonate someone the recipient trusts. Essentially,…
Read More
Why you have to wait for DMARC Reports

Why You have to Wait for DMARC

folder_openDMARC, For Users
You just finished setting up DMARC for your domain. Congratulations! You’re on your way to securing your domain. Now, you have to… wait a little… We all hate waiting, but it this case it’s necessary to wait at first. DMARC…
Read More
A brief history of DMARC

A Brief History of DMARC

folder_openDMARC
Fraudmarc is changing the way business think about email authentication by providing universal access to DMARC through free tools, free and paid options of hosted plans, and Fraudmarc CE, the open source version of Fraudmarc’s DMARC report processing. Fisrt the…
Read More
Fraudmarc CE- Open Source DMARC reporting

Fraudmarc CE: Open Source DMARC

folder_openDMARC
 DMARC has been around since 2012, yet adoption is still below 0.1% across the Internet… and spoofed emails still plague many businesses, damaging brand reputations and cause substantial loss. DMARC’s value as a security measure is widely recognized; governments have…
Read More

What DMARC Can (& Can’t) Do for Domains

folder_openDMARC
Click to Enlarge Every domain should implement DMARC; it solves many email security problems. However, like all solutions, it has some limitations. It can’t completely protect domains from every type of phishing scheme or social engineering attack. As an open…
Read More

How to Implement a Reject Policy

folder_openDMARC
Click to Enlarge Image If you don’t have a DMARC Reject policy on your domain, you’re not alone—97% of Fortune 500 companies don’t have a Reject policy, either. Following some basic guidelines can make implementing a Reject policy easier. Here’s…
Read More
DMARC and state governments

DMARC and State Governments

folder_openDMARC
You may have heard that the DHS mandated DMARC for all federal agencies last year. Many federal agencies are still working on it, despite the expired deadline. But what about state governments? There has been no mandate for state governments.…
Read More

Understanding Fraudmarc’s Email Security Scores

folder_openDMARC, SPF
Fraudmarc ranks the security of every domain’s email using an Email Security Score. You check the Email Security Score of any domain here. Why Evaluate Email Security? As phishing attacks  become more sophisticated and frequent, email security is more important…
Read More
Menu