Brian Krebs posted about a tech firm that lost $46M dollars due to fraud. The company reported in its SEC filings that the money was lost when someone impersonated an employee and directed the finance department to transfer money to outside accounts.
This is becoming more common. In some cases, DMARC authentication may stop this kind of fraud. But DMARC has a lot of deployment challenges and can cause real mail to fail delivery. In other cases, criminals are using lookalike domains and they can be authenticated and pass DMARC.
This isn’t really a bulk mail issue. And it’s certainly not a deliverability issue. But it is a security issue and I think it’s important that folks are aware of this kind of online crime. Coincidentally, as I’m writing this, I’m chatting online with a compliance person at a cloud hosting company who is brainstorming policies to block phishing URLs on their site. Email is a major vector for abuse and those of us who manage sending need to be a part of the solution.
Phishing costs company $46 million
P
RSS - Posts
Hi Laura
Could you elaborate on those deployment challenges in regard to DMARC you mention ?
Considering DMARC can be deployed in Monitoring mode (don reject anything) I’m having a hard time figuring out how you can loose legit email unless you really don’t know what you’re doing.
/Henrik Schack
DMARC deployed in monitoring mode won’t result in lost mail. But also won’t protect a company from this sort of phishing. If you’re going to use DMARC as phishing projection you have to set p=reject, which will result in the loss of real mail in most cases.