Domain spoofing is a very serious problem because it allows cybercriminals to conduct phishing and other malicious attacks. If a hacker manages to trick your customer into opening an email that looks legitimate they can potentially trick them into clicking on links that contain malware or ransomware, they might be able to steal their personal information or encrypt their computer until your customer pays them money (also known as a ransom).
This kind of fraud can also have more subtle consequences. Imagine if someone received an email from your company’s CEO asking them to open a document that contains hidden malware. There are many possible outcomes: the recipient might lose their job or get hit with legal liability for letting the malware slip through; the recipient might blame themselves for not verifying the authenticity of the email before opening it; and so on. The point is that domain spoofing has real-world ramifications, even though it happens mostly online.
How to Detect Authentic Sources of Your Email Campaigns and Protect Your Sender Reputation
If you’re a brand owner, it can be difficult to keep up with all the different ways people are trying to trick your customers. You may have heard about phishing emails and spam filters already, but what about domain spoofing?
Domain spoofing is actually quite common. According to a recent study, more than one in ten domains have been spoofed by cybercriminals. The term refers to when an email is sent from a fake address that looks similar to yours – often using the same company name and just slightly altering the domain name (for example: @googli.com.ai vs. google.com.au).
While you might assume these emails are easy for your subscribers to spot, nearly half of people surveyed confessed they had clicked on a link or opened an email from a seemingly suspicious domain. This is particularly true for consumers who receive numerous brand emails on a regular basis; it becomes much harder to tell which ones are legitimate and which ones are forged if they’re seeing so many names in their inboxes day after day.
Your Legitimate Email can also be mistaken as spoofing
An email campaign can be mistaken as spoofed if you don’t put your best foot forward when sending from your domain name. Email clients such as Gmail, AOL and Yahoo! have recently released comprehensive DMARC policies which authorize them to reject emails that fail their authentication tests – meaning, it’s easier for mail providers to recognize when an email is spoofed or not. On top of this, users are becoming more savvy about recognizing fraudulent content and are filtering out emails with suspicious senders. If your marketing messages continue to get caught up in these filters, then your reputation as a sender will suffer – leading recipients to delete or ignore your messages without giving them another glance.
How DMARC protects companies
DMARC is an open email authentication protocol that provides domain-level protection of the email channel. DMARC authentication detects and prevents email spoofing techniques used in phishing, business email compromise (BEC) and other email-based attacks. Building on existing standards—SPF and DKIM—DMARC is the first and only widely deployed technology that can make the header “from” domain trustworthy. The domain owner can publish a DMARC record in the Domain Name System (DNS) and create a policy to tell receivers what to do with emails that fail authentication.
For a message to pass DMARC authentication, it must pass SPF authentication and SPF alignment and/or pass DKIM authentication and DKIM alignment. If a message fails DMARC, senders can instruct receivers on what to do with that message via a DMARC policy. A goods pregame has two outcomes:
1) It detects third party domain name registrations that are identical or confusingly similar to your domains;
2) They allow other companies to verify that your email is legitimate.
Contact brandsec about how we can assist to set up your company’s email defence.
brandsec is a corporate domain name management and brand protection company that looks after many of Australia, New Zealand and Asia’s top publicly listed brands. We provide monitoring and enforcement services, DNS, SSL Management, domain name brokerage and dispute management and brand security consultation services.