Email phishing and DMARC, DKIM and SPF protocols

What is Email Phishing?

Here is an example of email phishing.

Hi, Dear Marie,

Hope, everything is fine. Today I made some credit card updates. Here is my account number ***, and please transfer my money to this account today.

Sincerely,

David

CEO and Founder of an example company.

Would you like your accountant to send your money to another phisher guy by deception? Of course not. So, this is an amazing journey for you to understand the DMARC concept and learn how DMARC implementation can increase your business trust.

What can you do to stop email phishing attacks?

You can build a DMARC record to stop a phisher guy from stealing your private data, writing on your behalf, or using your personal email address for violation purposes. As well as, DMARC can help you increase your email deliverability and help your emails to reach customer's inbox. So, be responsible enough to use the DMARC record generator, because business data security is more than important.

If you are a businessman, a bank officer, a chief marketing specialist, or an engineer and you're worried about your data privacy, accounts information security then this article is really useful and helpful for you.

“According to research, 34.9% of all spear-phishing email was directed at an organization in the financial industry”. You can check urls at Openphish.

Why is protected email important?

In our age, protected email is important, because it helps you connect with your colleagues, friends, or family members at the highest level of security.

There are several benefits of protected or secured emails:

1. avoid business risks
2. protect confidential information
3. nullify message replay possibilities
4. avoid identity theft
5. repudiate sent messages

Is this issue so widespread?

As stated by Hubspot,  86% of professionals prefer to use email to communicate for business purposes. Other researches show that Email is the third most influential source of information for B2B customers. There is an interesting research by Themarketinghelpline, you can check it here. 

According to the Global IT Security Risks Survey of 2014, the typical damage of a breach (including the costs of hiring professional services, increased downtime, and lost business opportunities) was $35,000 for small-to-mid-sized businesses and $690,000 for enterprises”.

If you want to avoid email phishing then, you will say “I want advanced email protection for my business domain”.  

Additionally, DMARC email protection can help increase your domain authority and enhance email deliverability. These are some of the vital benefits of DMARC.

“E-Mail phishing rate is 1 in 1,846”.

What is SMTP?

In 1982, when people discovered the simplest mail transfer protocol they couldn't anticipate that email phishing would become a global issue for a lot of companies and users, but year by year the number of spam emails started to grow increasingly.

Simple Mail Transfer Protocol or SMTP is designed as a mail transmission system that allows you to deliver your message to another person. This simple protocol is responsible for email transmission. MTA (mail transfer agent) and MUA (mail user agent) are email agents. MTA is an email transportation agent. This simple protocol helps you send and receive emails. MUA is an email client. It allows users to read your messages.

There are lots of Softwares which are responsible for email delivery. Microsoft Outlook, Eudora store your emails on your computer. Others, such as Yahoo and Hotmail store and collect your emails on its mail server. So, the SMTP protocol is a simple mail format that allows people to send and receive emails.

According to the research, 76% of organizations said they experienced phishing attacks in 2017.

The growing numbers of phishing attacks make people dig deep into this problem to find appropriate email protection solutions.  

DKIM AND SPF protocols

SPF protocol is an address validation tool that can check email address origin. Everybody has unique, authorized DNS records from where they can send an email. DKIM is a component of email authentication that uses an encrypted signature to check the sender's DNS records in order to verify the source of the mail. I can compare SPF and DKIM protocols with a matching necklace of couples, where a boy wears a key and a girl wears a heart. DKIM is that key, he can open the SPF source.

So, what is DMARC?

DMARC is an email authentication or validation protocol that is based on SPF and DKIM protocols.

In this scene, you can refer to DMARC as a policeman that detects a guy who wants to send an email to David's accountant. The policeman, who is DMARC, can even send you the reports of failed emails. There you can see both the IP addresses and information about the phisher.

DMARC (Domain-based Message Authentication, Reporting Conformance)  helps you control the way people send another person an email from you by your name. You can generate or configure your DMARC record with EasyDMARC free tools. 

If You don't have any DMARC policy every single person and spambot can send an email on your behalf to another person without letting you know about that.  Although DMARC can't prevent someone from making a phishing attack, it can send reports to you which will let you investigate phishing facts. In this case, it maintains the conversation between you and a recipient. So DMARC as a policeman is always sending a signal about violation acts. These fines are called DMARC policies.

DMARC has 3 different types of policies. You can apply as your DMARC policy now!

• P= none: "None" DMARC policy helps you to analyze DMARC reports, but the spoofed emails are still going to the receiver's inbox, although,
• p=quarantine:  You can choose a "Quarantine" policy if You want to deliver a failed email as a junk email or spam.
• p=reject:  "Reject" DMARC policy never ever allows the spoofed emails to be delivered.

DNS records keep all information of your IP address and your domain. So it looks like your passport, which belongs to only. Imagine, that there are written your birth date and time, age, and other information.  DMARC as a policeman is going to check the archives and the documents of a sender to know whether it is a spambot, a criminal, or the owner of the domain. DMARC checker verifies the IP address consistency with a real domain.

What are Email Spoofing and Phishing?

According to Kaspersky Lab, 2016 report "Phishing emails include fake notifications from banks, e-payment systems, email providers, social networks, online games, etc".

Email phishing is a cyber act of data theft. Phishers can steal your sensitive data, username, and password, bank account information, and email address to send an email to someone from your email address. The purpose of a phishing attack is to pretend to be a person with whom you're in email communication. So, a phisher is a person who is good at creating real-looking and spoofed emails.

According to Microsoft's Justin Rao and Google's David Reiley, spammers make $200 million per year, while it costs $20 for companies globally.

So, let's conclude!

The scenario is like this. Imagine, that a phisher guy wants to send an email to David's accountant. A DKIM's role is to check David's IP address and see if it is private or matches with the private and public keys. DKIM and SPF have a healthy and good relationship with each other and they work together as close friends to conquer with the phishers or bots.

If David's Domain had an SPF record it is less likely that a phisher can send an email from his email address. If the accountant has a DKIM signature it means he can verify an active directory domain name.

SPF and DKIM protocols are the basis of email authentication but this doesn't mean that a phisher can't send a spoofing email or spam from someone's IP address if he/she added SPF and DKIM DNS records. If David uses a DMARC record generator and has his Dmarc record published a phisher guy can again send an email from David to Marie, but this way, David can apply his DMARC policy.

DMARC policies in a nutshell

For example, send it to Marie but send me the records about it-” NONE” policy.

Send it to Marie's junk folder and send me the records- “Quarantine” policy.

Never send it to Marie but send me the records- “Reject” policy.

For a lot of businesses, it is important not only to send email but also to ensure email protection. So, secure email marketing is the best way to gain customers' interest, raise business authority, increase email deliverability rate, and stop phishing scams. (For deliverability best practices you can check Sender.net's blog ) No one can say he/she doesn't need a protected email, for email information leakage and not protected email can cause huge and irreversible damages to your company.