Are you (accidentally) supporting phishing

One of the themes in some of my recent talks has been how some marketers teach their customers to become victims of phishing. Typically I’m talking about how companies register domains “just for email” and then use those for bulk messages. If customers get used to mail from company.ESP.com and companyemail.com they’re going to believe that company-email.com is also you.
There are other ways to train your customers to be phishing victims, too. Zeltzer security walks us through a couple emails that look so much like phishing that it fooled company representatives. Go take a read, they give a number of examples of both good and bad emails.
biohazardmail
I was a little frustrated that the examples don’t include headers so we could look at the authentication. But the reality is only a teeny, tiny fraction of folks even know how to check headers. They’re not very useful for the average user.
Security is something we should never forget. As more and more online accounts are tied to our email addresses those of us who market to email addresses need to think about what we’re teaching our recipients about our company. DMARC and other authentication technologies can help secure email, but marketers also need to pay attention to how they are communicating with recipients.

Related Posts

Internet security is national security?

This popped up on my FB feed yesterday.
2016-08-04_16-27-53
What say you? Do we need to create a major effort to improve online security? What challenges do you see to making it work?
Edit: After I published this, I found an article stating that 3.7 million people had their personal health information compromised in a recent attack.

Read More

Working around email security

One of the common things I see as a delivery consultant is that companies do their best to set effective policies about email, but make it difficult to comply with those policies. It happens all the time. It’s one of the reasons that the tweets Steve shared about Sec. Clinton’s email server rang so true to me.
Security.
One of the commenters on that post disagrees, and uses banks and health care as an example.
Erik says:

Read More

Email nightmare for some FSU students

shieldI mentioned yesterday that sometimes people and software screw up in ways that cause problems. Today I saw an article demonstrating just how bad these issues can be. Florida State University Housing Department sent detailed and confidential violation reports to tens of thousands of students.

Read More