You’ve read the headlines–privacy breaches and phishing scams have increasingly become front-page news. Microsoft’s anti-phishing filters are showing monthly deltas of up to 44% increase in phishing emails received between 2018 and 2019. These attacks target major bank brands, payment processors, health care providers, e-tailers, and individual consumers. According to Statista, 55% of email traffic in 2019 was spam. Despite its importance, ubiquity, and resilience, email has never been 100% secure. Email fraud costs companies around the world millions every year, and fraud can permanently destroy brand reputation.
New delivery tools have emerged to assist with brand and consumer protection; the most important of these tools is DMARC (Domain-based Message Authentication, Reporting, & Conformance). DMARC is an open email standard published in 2012 by the industry consortium DMARC.org to enable domain-level protection of the email channel. It works in conjunction with the more well-known email standards (SPF and DKIM), and it is the only way for email senders (like you!) to tell email receivers (i.e. Outlook, AOL, Yahoo, Gmail) that the emails you are sending are truly from you.
Companies that have adopted DMARC see greater preservation of brand equity, elimination of customer support costs related to email fraud, and renewed trust and engagement in the company’s email channel. Despite the unparalleled insight and brand protection DMARC offers, not all email marketers have adopted DMARC, and it is hurting their bottom line.
7 Reasons Why DMARC Can Help Protect Your Brand:
- DMARC is enabled on 70% of the world’s inboxes and has been adopted by the most security-forward brands (i.e. Facebook, Apple, JPMorgan, Chase, and PayPal). By the end of 2019, DMARC.org was tracking ~1.89 million DMARC policies deployed to protect domains.
- DMARC is the only solution that enables Internet-scale email protection and prevents fraudulent use of legitimate brands for email cyberattacks.
- DMARC enables you to authenticate all legitimate email messages and sources for your email-sending domains, including your-company-owned and third-party domains.
- DMARC is designed to fit into your organization’s existing inbound email authentication process and helps email receivers determine if a message “aligns” with what the receiver knows about the sender.
- DMARC allows you to publish an explicit policy that instructs mailbox providers on what to do with email messages that are determined illegitimate. These messages can either be sent to a junk folder or rejected outright, protecting unsuspecting recipients from exposure to attacks.
- DMARC provides you, the domain owner, with regular reports on how your mail domains are being used and how ISPs are interpreting their authentication records. This domain-level data can help you identify threats against your customers, and it can help you discover legitimate senders of which you are not aware–for instance, if other teams/departments are also using the domains.
- DMARC also allows you to receive feedback from global ISPs regarding any potential misuse of your corporate brand. These misuses can include fraud or phishing for a recipient’s personal information.
How DMARC Works
By using DMARC, you are able to gain unprecedented visibility into the legitimate and fraudulent use of your domains. This visibility enables you to protect your customers, employees, and brands from email-based cybercrime. The overall impact on companies that have adopted DMARC is the preservation of brand equity, elimination of customer support costs related to email fraud, and renewed trust and engagement in the company’s email channel.
If you’d like one of Trendline’s deliverability strategists to take a look at your email program, find us here.