Defend your email perimeter with DMARC protocol
Are you next?
Scams and phishing are inescapable risks as more people do business online, with the losses caused rising significantly. For example, from January 1 to September 19 this year, Australia’s Scamwatch reported a 261% increase in losses to phishing scams, while identity theft and remote access scams created 234% and 144% increases in losses, respectively.
Businesses are increasingly aware of cyber threats and are becoming more vigilant, with many re-evaluating their defence mechanisms. James Morrow, The Missing Link’s Senior Project Consultant, recently spoke with Tech Wire Asia about the issue. He said there were two main motivating factors for people to start cybersecurity conversations. First, experiencing a minor breach and being concerned, therefore, that something worse might be next. Second is being aware that “their time” could be soon, even if no notable attack has occurred.
“People feel like they are overdue. They have not had a cyber breach, they have not had an attack, they have not had anyone mistakenly hand over their passwords, and that almost makes them more concerned,” Morrow said.
Scams damaging Australian businesses
Last year, payment redirection scams, part of a larger attack type termed business email compromise (BEC), were incredibly damaging for Australian businesses, costing a total of $128 million in losses, according to an Australian Competition and Consumer Commission (ACCC) report. Scammers typically duped people into making payments to fraudulent accounts by impersonating a business or its employees via email – so-called phishing.
“The most common way for threat [actors] to reach end-users is through email. There are a few different ways of mitigating the risk so you can protect both your end-users and your brand to make sure you are not the victim. That you are [either] the one getting hijacked [or] sending out the phishing emails,” Morrow said. One way to help prevent either is by verifying the email sender and checking the recipient via the DMARC protocol (Domain-based Message Authentication, Reporting, and Conformance).
DMARC for all businesses
It sounds complex and the underlying concepts may well be, but Morrow said DMARC is not just for big enterprises. Small and medium-sized businesses can use it to confirm senders and recipients of emails. That means all parties can be sure that emails are from who they purport to be, and will be sent to the correct and intended recipient.
“Almost all major ISPs support DMARC records. So, you will get sent reports of who is using your domain and where they are using it,” Morrow said, explaining that DMARC validates the authenticity and legitimacy of emails, even those used in the context of mass-marketing, surveys, and the like. In addition, DMARC verification helps prevent third parties pretending to represent the business. Setting up DMARC is relatively trivial, but alone it is not enough.
“DMARC on its own is only half the battle. The more complicated part is what to do with that information once you have it,” Morrow told us, adding that raw DMARC reports are presented in XML format which can be difficult to read without some form of presentation layer. “You can do it if you sit there and you are persistent enough, but it is essentially just reading machine code. It’s not meant to be read by a person; it’s meant to be read by an automated process.”
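As an illustration of the raw aggregate reports described above (the XML a receiving ISP sends back about who is using your domain), here is an added example, not from the article or The Missing Link, that reads such a report and reduces it to a per-source summary of how much mail passed DMARC. The report, domain names and IP addresses are constructed, and the element names follow the DMARC aggregate report format.

```python
# Added example, not from the article or The Missing Link: turn a DMARC aggregate
# report (the XML a receiver sends to the domain's "rua" address) into a summary.
import xml.etree.ElementTree as ET

# Constructed sample report: one aligned sender and one source spoofing the domain.
SAMPLE_REPORT = """<feedback>
  <report_metadata><org_name>receiver.example.net</org_name>
    <report_id>constructed-0001</report_id></report_metadata>
  <policy_published><domain>example.com</domain><p>quarantine</p></policy_published>
  <record>
    <row><source_ip>192.0.2.10</source_ip><count>120</count>
      <policy_evaluated><disposition>none</disposition>
        <dkim>pass</dkim><spf>pass</spf></policy_evaluated></row>
    <identifiers><header_from>example.com</header_from></identifiers>
  </record>
  <record>
    <row><source_ip>198.51.100.7</source_ip><count>35</count>
      <policy_evaluated><disposition>quarantine</disposition>
        <dkim>fail</dkim><spf>fail</spf></policy_evaluated></row>
    <identifiers><header_from>example.com</header_from></identifiers>
  </record>
</feedback>
"""

def summarize_dmarc_report(xml_text):
    """Return the published policy plus, per source IP, how many messages were
    seen and how many passed DMARC (aligned DKIM or aligned SPF); counts are
    summed when several records share a source IP."""
    root = ET.fromstring(xml_text)
    sources = {}
    for record in root.iter("record"):
        row = record.find("row")
        pe = row.find("policy_evaluated")
        count = int(row.findtext("count"))
        # DMARC passes when the receiver saw aligned DKIM or aligned SPF pass.
        aligned = "pass" in (pe.findtext("dkim"), pe.findtext("spf"))
        entry = sources.setdefault(row.findtext("source_ip"), {"total": 0, "passed": 0})
        entry["total"] += count
        entry["passed"] += count if aligned else 0
    return {"domain": root.findtext("policy_published/domain"),
            "policy": root.findtext("policy_published/p"), "sources": sources}

def failing_sources(summary):
    """Source IPs that sent mail as the domain without passing DMARC: the hosts to
    check (a legitimate sender missing from SPF/DKIM, or someone impersonating you)."""
    return sorted(ip for ip, v in summary["sources"].items() if v["passed"] < v["total"])

if __name__ == "__main__":
    s = summarize_dmarc_report(SAMPLE_REPORT)
    print(f"{s['domain']} (p={s['policy']}): failing sources {failing_sources(s)}")
```

Real deployments receive many such reports per day from many receivers, which is the volume that makes a presentation layer worthwhile rather than reading the XML by hand.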
DMARC analysis tools
“I would strongly recommend anyone who is looking to go down the road of DMARC to have something to translate [the output],” he said. That is where the Mimecast DMARC Analyzer comes in – The Missing Link’s go-to solution for DMARC management and oversight. It takes the hard-to-read information and turns it into human-readable formats. “Then it categorizes the information and puts much intelligence behind it – faster than if you are filtering through a wall of text for two hours looking for something that might be out of place.”
Implementing DMARC may sound daunting without expert guidance, which is why investing in specialist email security and configuration professionals is an intelligent decision. It’s essential that the DMARC protocol is set up properly; to that end, it is worth working with a reliable team like The Missing Link.
With a 97.7% customer satisfaction score, The Missing Link can help at any stage of DMARC deployment – whether setting up, applying security updates, or monitoring and acting on reports.
The Missing Link – a specialist in email security
“We can get involved in all stages. If someone is taking those first steps or has started their DMARC journey and got their record set up, but is not sure what to do with it, then we can come on and help set up the Analyzer, some dashboards, and intelligence around it,” Morrow elaborated. “If you just want to make sure you are aligning with the best practice and making the most out of it, we can do [that] too.”
The team at The Missing Link can keep checking the security reports generated by DMARC so that the businesses can focus on their actual work. “We can do the monitoring and take that load off and free up resources [from the business]. As far as I am aware, I have never met someone who has DMARC Analyzer in their job title,” he said, smiling.
While it is challenging to prove any solution’s effectiveness when something doesn’t happen (“there have been no cyber attacks on my business…yet”), having DMARC protection live can give you greater confidence in your email security and the assurance that your brand’s reputation is safer. Prevention is better than cure, and being lax in protecting email, the most frequently compromised business system, can be costly.
Why not reach out to The Missing Link to discuss whether DMARC is right for your needs? If you use email in the course of business, then the answer’s probably “yes”!
For those businesses looking to protect their organisation, users and brand but unsure where to start, The Missing Link’s Security Controls Review can help. The company provides a personalised series of recommendations to resolve your security issues and keep your IT environment free from potential breaches.
Get in touch to find out how you can keep emails flowing, business operations running, employees productive, and data accessible and recoverable.