Upload
return-path
View
63
Download
1
Tags:
Embed Size (px)
Citation preview
Return Path is an email data company, helping the world’s leading companies promote and
protect their brands. Through our global network of mailbox and security partners, Return
Path detects and eliminates more email fraud than any other company in the world,
analyzing over 7 billion messages every day.
Learn more at returnpath.com/stopemailfraud.
[1] "The Economics of Spam," Journal of Economic Perspectives
[2], [3] Symantec
[4] DMARC Intelligence Report - February 2015
[5] Return Path Customer (US financial services company)
SOURCES
DMARC in Action[5]
500,000
1,000,000
Jan Mar May Jul
DMARC Block Deployed
Feb Apr Jun Aug
Suspicious Messages
US Financial Services Leader sees email fraud flatline a�er implementation
Want to learn more about implementing DMARC?
GET STARTED
35%Of messages received by large
mailbox providers are from domains protected by DMARC
50%More sending domains publishing DMARC records over the course
of 2014
200%Increase in messages protected by a
DMARC “reject” policy over the course of 2014
6xMore sources sending DMARC reports over the course of 2014
DMARC by the Numbers[4]
The Problem
DMARC is the best weapon companies have to protect their brands and customers from cyber criminals trying to spoof their domains.
Here Comes DMARC
And it’s ge�ing worse.
Phishing costs brands around the globe
$4.5 billion each year[1]
1MINRSA identifies a phishing
a�ack every minute5 out of 6 big
companies are targeted with phishing a�acks[2]
Phishing a�acks rose 40% in 2014[3]
40%5/6$4.5B
Email fraud costs companies billions every year, and violates the critical trust between the consumer and the brand.
Thanks to DMARC
Suspicious message volume from a US retail
giant dropped by 99% over one year.
4 of the top 10 global credit card issuers rely on DMARC for email
fraud protection.
Publishers Clearing House blocked over 100,000
unauthenticated messages in a 90 day period.
Prevent Email Fraud with DMARC
How Does It Work?
With DMARC, companies can instruct mailbox providers like Gmail on what to do if a message appearing to come from their brand fails authentication.
The maibox providers then send failure reports detailing the actions they took and why.
Email received by mailbox provider
Has DMARC been implemented for “header from” domain?
Does email fail DMARC authentication?
Mailbox providerruns filters
YES NO
Delete
Apply domain owners policy
YES
Send to Junk
NO
NONE
Deliver Reportto Sender
DMARCControl & Visibility
QUARANTINEREJECT
Domain-basedMessageAuthenticationReporting &Conformance
Open email authentication standard
Launched in 2012
Founded by over 20 companies,including Bank of America, Google & Return Path
“Simply put, the DMARC standard works. In a blended approach to fight email fraud, DMARC represents the cornerstone of technical controls… to
rebuild trust and retake the email channel for legitimate brands and consumers.”
-Head of Cybersecurity, Her Majesty’s Revenue & Customs