DMARC Benefits
- Brand Protection
It is only a matter of time before a criminal will use your domain for his own benefit. Whether the criminal activity is phishing, malware distribution, or nuisance spam, it harms your brand to be associated with these attacks.
- Increased Email Deliverability
Even legitimate messages may wind up in the spam folder if the receiver can’t tell the good from the bad.
By deploying DMARC, you can improve deliverability of your legitimate messages while eliminating the fraudulent.
- Service Calls
Customers don’t call or send email to ask about phishing messages if they never receive those messages in the first place! One Agari customer was able to redeploy 60 staff members after publishing a reject policy on a highly phished domain.
- Visibility Into Cyberattack Risk
Do you know every 3rd party company sending email on behalf of your company? While 3rd party senders are needed, each time you provide customer, employee, or partner details to a 3rd party, you increase the risk of cyberattacks. DMARC enables you to see every 3rd party sending on your behalf to ensure they comply with email best practices.
Inbound Benefits
Implementing DMARC can also prevent some inbound email threats like BEC.
What is BEC?
Business Email Compromise (BEC) is an inbound threat where attackers impersonate company officials and send deceptive emails requesting wire transfers to alternate, fraudulent accounts. Often results in successful intrusion and access to victims’ credentials.
Characteristics
- Driven by social engineering and digital deception.
- Contains no malicious links, malware or malicious content.
- Easily evades the leading secure email gateways.
DMARC and Inbound Threats: A Partial Solution
When configured correctly, DMARC stops phishing attacks where the attacker sends an email with a ‘From’ address that appears to originate from a protected domain. This makes it ideal for outbound phishing prevention, but is not an acceptable solution for inbound traffic.
Inbound Threats Stopped by DMARC policies:
| Inbound Deception Technique | Addressed by DMARC? |
|---|---|
| Direct / Same Domain Spoofing | Yes |
| Display Name Spoofing | No |
| Look-alike Domain Spoofing | No |
While DMARC partially addresses BEC and sophisticated inbound threats, you need to augment your gateway protections with a comprehensive layer that identifies all forms for sender identity deception.
DMARC Benefits: Before and After
Without DMARC, brands have limited visibility into how domains are being used to send email:
DMARC provides visibility into all email traffic and then instructs receivers how to handle unauthenticated emails, all outside of the mail flow:
