There are certain fundamental pillars in cyber security. If you own your own domain, DMARC is one of them.
DMARC is a tool that helps prevent hackers from impersonating and pretending to be you or your organisation when sending malicious emails (known as Spoofing).
DMARC (Domain-Based Message Authentication, Reporting & Conformance) is a protocol that helps protect your domain’s email identity, improves email security, and improves delivery of emails into Inboxes instead of Spam/Junk folders.
It’s alarmingly easy for malicious actors to disguise their identity and make emails look like they’re coming from your domain (e.g., your CEO’s or Finance Department’s email address). Criminals often use Spoofing to conduct attacks like Phishing, Malware, Ransomware, and Business Email Compromise (BEC) fraud. These attacks could target the domain owner’s employees, but more commonly, criminals exploit the trusted domain to go after the company’s customers.
DMARC protects the outbound mail from your domain and can save a business from reputational damage, financial losses, loss of customer trust, and regulatory fines.
A lot of businesses aren’t aware of the threat of spoofing or the importance of implementing DMARC. They also don’t understand the risks and the potential consequences of not having proper email authentication in place.
Those that are aware of the DMARC protocol know that it’s quite complex to set up and maintain, especially for organizations with large email volumes and complex email infrastructure. Therefore, without the technical expertise or resources, it is often not implemented.
ARMD.digital, in partnership with Sendmarc, offers a solution that automates the DMARC implementation process and will have you fully protected within 90 days, with ongoing monitoring and user-friendly reporting.
Don’t allow a digital fraudster to misuse your trusted brand – book a meeting with us.
Know your score
Quickly assess your company’s cyber security vulnerabilities to fraudulent email practices like Spoofing and Phishing.
Frequently Asked Questions
DMARC checks that the sender of the email is legitimate and that the message hasn’t been compromised. If the email passes the authentication process, it is delivered to the receiver’s Inbox; if it doesn’t pass, it is rejected.
There are 3 stages to successfully implementing a DMARC policy. The ‘p’ in each ‘p=’ value stands for “policy”.
- p=none – In this first phase, emails are monitored but the policy means no action is taken and all emails are processed
- p=quarantine – In this second phase, unauthorised emails will go to the receiver’s SPAM/Quarantine folder
- p=reject – In this third phase, unauthorised emails are blocked from reaching recipients
Until your DMARC policy is set to ‘reject’ your domain will remain at risk.
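The three stages can be read straight from a domain’s DMARC TXT record. The following is an added example, not ARMD.digital’s or Sendmarc’s tooling: it parses a record, reports which stage it is at, and goes slightly beyond the ‘p=’ value by flagging the standard `pct`, `sp` and `rua` tags when they weaken or blind an otherwise strict policy. The records and the domain example.com are constructed samples, and no DNS lookup is performed.

```python
# Added example: constructed records, no DNS lookups are performed.
STAGES = {"none": 1, "quarantine": 2, "reject": 3}

def parse_dmarc(txt):
    """Split a DMARC TXT record into a tag->value dict (tags lower-cased)."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC record (missing v=DMARC1)")
    return tags

def assess(txt):
    """Return (stage, findings) for one record; stage 0 means no valid policy."""
    tags = parse_dmarc(txt)
    policy = tags.get("p", "").lower()
    stage = STAGES.get(policy, 0)
    findings = []
    if stage == 0:
        findings.append("missing or unknown p= value")
    elif stage < 3:
        findings.append(f"p={policy}: domain is not yet at reject")
    # pct below 100 applies the policy to only a share of failing mail
    pct = tags.get("pct", "100")
    if stage > 1 and pct.isdigit() and int(pct) < 100:
        findings.append(f"pct={pct}: policy applies to only part of failing mail")
    # sp= lets subdomains carry a weaker policy than the main domain
    sp = tags.get("sp", policy).lower()
    if STAGES.get(sp, 0) < stage:
        findings.append(f"sp={sp}: subdomains are weaker than p={policy}")
    # without rua= no aggregate reports arrive, so there is no monitoring
    if "rua" not in tags:
        findings.append("no rua= address: aggregate reports are not collected")
    return stage, findings

# Constructed sample records for a hypothetical domain example.com
SAMPLES = [
    "v=DMARC1; p=none; rua=mailto:dmarc@example.com",
    "v=DMARC1; p=quarantine; pct=50; rua=mailto:dmarc@example.com",
    "v=DMARC1; p=reject; sp=none",
    "v=DMARC1; p=reject; rua=mailto:dmarc@example.com",
]

if __name__ == "__main__":
    for record in SAMPLES:
        print(assess(record), record)
```

Only the last sample is at stage 3 with no findings; the third shows that a ‘reject’ record can still leave subdomains open and reporting switched off.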
DMARC is an acronym for Domain-based Message Authentication, Reporting & Conformance.
DMARC combines two standard authentication and encryption tools, and an added layer of telemetry.
DMARC is always used with SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail).
- Stops spoofing attacks & impersonation on your domain.
- Protects your domain from being used in Phishing, Malware, Ransomware, or Business Email Compromise (BEC) fraud.
- Improves email deliverability, increasing the likelihood of legitimate messages being delivered to an Inbox rather than a Spam folder. (Think about an important email you think your client’s seen but hasn’t, or a marketing mail you hope will boost sales).
- Helps you comply with in-house company regulations, as well as industry and statutory regulatory requirements.
- Protects your finances, brand reputation, staff, customers, and suppliers.
Setting up DMARC is complex and providing detailed reporting that’s meaningful and helpful is even more difficult (ask any IT consultant!).
We take care of all of this –
- We take control of the entire implementation and have you fully protected within 90 days.
- We use a carefully planned 5-stage process to ensure all bases are covered and that legitimate mails aren’t affected.
- There’s no downtime and no DMARC user-training required.
- Our systems ensure your email ecosystem is proactively monitored and protected.
- We provide detailed reporting that’s user-friendly, helpful and meaningful.
- We’ll alert you if any malicious activity is detected and help you resolve it.
Full implementation costs will be provided upfront – we’ll send you a link with your Quote – if you accept, you can pay directly online.
Microsoft performs two key roles when it comes to DMARC: sending DMARC aggregate reports and enforcing DMARC policies. However, companies require more to achieve full DMARC compliance and here’s why:
Reporting: Sendmarc collects DMARC data from Microsoft plus the many other email providers which your company may use to send out mail (e.g. systems like CRM, Payroll, Email Marketing, Website Forms, etc). Microsoft doesn’t offer a way for customers to see all the other data, but Sendmarc does; and, importantly, it does so in an easy to understand visualized format. Without this reporting, companies are often unaware of the systems they actually use to send out emails and therefore they don’t configure them.
Configuration: While Microsoft will definitely follow email security rules (DMARC, SPF, and DKIM), it’s up to the domain owner to set them up correctly (for all the email sending systems the company utilises). Sendmarc helps with this setup to prevent legitimate emails from being rejected, avoiding delivery issues.
If you have a DMARC record but score below 4 out of 5 on our ‘Know your score calculator’, then you’re on what is called p=none and you are not protected at all.
If you score 4 out of 5, then you’re on what is called p=quarantine. This is better, but you are still at risk of being spoofed. A lot of companies offering DMARC might get you to this stage but no further (find out how long you’ve been on this level).
If you score 5 out of 5, then you’re on what is called p=reject. This means you are fully DMARC compliant. Well done! (Just ensure your reporting has covered all the email sending systems your company uses, otherwise you’ll have delivery issues).
So, if you’re not on 5 out of 5 and have been at a lower level for a long time, your current provider is not doing what you need them to do. We’ll have you fully protected within 90 days.
- Hackers use spoofing to appear legitimate and trustworthy.
- The trust that people have in email communications makes spoofing a powerful tool, and one of the most effective techniques used in their attack approach.
- Hackers target people within your organisation, your customers, or your suppliers, to try and trick the recipient into:
- Providing sensitive information about your company, customers, or suppliers. This is called Phishing.
- Installing malicious software in order to steal information or disrupt systems. This is called Malware.
- Installing malicious software in order to block access to a computer system or network until a ransom is paid. This is called Ransomware.
- Transferring money to the criminal instead of the legitimate account by changing bank details. This is called Business Email Compromise (BEC) fraud.
Yes and no…
Email Impersonation: criminals set up an email address that looks like your email address, but has a slight variation; e.g., instead of elon.musk@twitter.com they replace the m with r n, so it looks like elon.rnusk@twitter.com
There’s little one can do about this type of approach, except to say that users of email need to be alert for this potential.
Email Spoofing: criminals modify the email, so the receiver sees a legitimate email address, even though it’s being sent from the criminal’s email account.
Spoofing is a form of impersonation, but a more dangerous and sophisticated version. Unfortunately, it’s easy to do and is now widely used in attacks.
No, when hackers spoof / impersonate your email domain they will send it from a different server (location) using a different IP address, meaning you’ll be unaware of the fraudulent mail being sent on your behalf.
When you have DMARC in place it will not only prevent spoofing / impersonation but will also allow you to have visibility and insight on any spoofing / impersonation attacks. i.e., which IP address is using your domain from which server (location).
Yes, but only as long as there is no internal breach to delete or redirect the email.
Along with having DMARC, to prevent internal breaches it’s important to put internal security measures in place.
No, because of the carefully planned DMARC implementation process we’ve developed, there is no business downtime.
No, there’s no user-training required.
DMARC will run quietly in the background.
Our meetings are conducted on Microsoft Teams.
When you click to book a free meeting, you’ll be taken to a Calendly page.
Select a date and time that suits you.
You’ll receive an email with a meeting link.
P.S. if there are no meeting slots available for the week ahead and you want to get the show on the road, please email us.
The consequences of an email impersonation attack, be it theft of confidential information or financial fraud, can be devastating to a business of any size in terms of both financial loss and damage to their brand and reputation.
Implementing DMARC could help prevent a single click from compromising an entire organisation.
Use the global best practice for email security to protect against impersonators hijacking your email.
Book a free 30-minute meeting with no obligations – at the very least you’ll learn a lot, we promise!
About the Supplier
Sendmarc was formed in 2018 with the simple desire of its founders, Sam Hutchinson, Keith Thompson and Sacha Matulovic to help make the internet safer. Their team is fully focused on building a state-of-the-art, innovative platform that stands apart from any others in the market.
Sendmarc joins forces with partners like ARMD.digital to combat cyber-crime and restore user trust in email while protecting brands from financial and reputational damage.
As of October 2023, Sendmarc processes over 860 million emails per month. This makes them the largest email security platform of its kind in Africa.
Sendmarc is trusted by leading companies of different sizes and industries.
Cyber Stats
Cybercriminals typically compromise or Spoof a legitimate email account to send fraudulent emails.
By appearing to be the legitimate owner of an email account, they often trick recipients into falling for their scam.
In other words, hackers use spoofing because it makes their attacks statistically more successful.
Their attacks usually involve Phishing, Malware, Ransomware, and BEC (Business Email Compromise) fraud.
91% of all cyber attacks begin with an email.
Case Studies
An IT Consultancy firm implemented DMARC themselves for their own domain and were confident they were protected.
To their surprise their domain was still spoofed and this was found to be a result of missing configurations required for their mail platform.
After implementing DMARC correctly through Sendmarc they were no longer at risk and they were provided proof of protection.
Key Takeaways
- There are complexities in setting up DMARC properly and safely and expertise is required – companies benefit from working with specialists.
A school that was sending out hundreds of emails found that they were often going into Spam / Junk folders. After a proper implementation of DMARC through Sendmarc this problem was solved.
However, one day a low-level IT assistant at the school mistakenly changed the DNS settings for the school, putting them at risk from spoofing and marking their mail as Spam again. Sendmarc’s monitoring immediately picked this up and a notification was sent out to the relevant people for the issue to be rectified.
Key Takeaways:
- Having DMARC in place means that your emails will reach Inboxes instead of Spam / Junk folders.
- A simple configuration change might go unnoticed without monitoring, influencing your DMARC status.
- Implementing DMARC without monitoring may prove ineffective and lead to a false sense of security.