Return Path is an email data company, helping the world’s leading companies promote and

protect their brands. Through our global network of mailbox and security partners, Return

Path detects and eliminates more email fraud than any other company in the world,

analyzing over 7 billion messages every day.

Learn more at returnpath.com/stopemailfraud.

[1] "The Economics of Spam," Journal of Economic Perspectives

[2], [3] Symantec

[4] DMARC Intelligence Report - February 2015

[5] Return Path Customer (US financial services company)

SOURCES

DMARC in Action[5]

500,000

1,000,000

Jan Mar May Jul

DMARC Block Deployed

Feb Apr Jun Aug

Suspicious Messages

US Financial Services Leader sees email fraud flatline a�er implementation

Want to learn more about implementing DMARC?

GET STARTED

35%Of messages received by large

mailbox providers are from domains protected by DMARC

50%More sending domains publishing DMARC records over the course

of 2014

200%Increase in messages protected by a

DMARC “reject” policy over the course of 2014

6xMore sources sending DMARC reports over the course of 2014

DMARC by the Numbers[4]

The Problem

DMARC is the best weapon companies have to protect their brands and customers from cyber criminals trying to spoof their domains.

Here Comes DMARC

And it’s ge�ing worse.

Phishing costs brands around the globe

$4.5 billion each year[1]

1MINRSA identifies a phishing

a�ack every minute5 out of 6 big

companies are targeted with phishing a�acks[2]

Phishing a�acks rose 40% in 2014[3]

40%5/6$4.5B

Email fraud costs companies billions every year, and violates the critical trust between the consumer and the brand.

Thanks to DMARC

Suspicious message volume from a US retail

giant dropped by 99% over one year.

4 of the top 10 global credit card issuers rely on DMARC for email

fraud protection.

Publishers Clearing House blocked over 100,000

unauthenticated messages in a 90 day period.

Prevent Email Fraud with DMARC

How Does It Work?

With DMARC, companies can instruct mailbox providers like Gmail on what to do if a message appearing to come from their brand fails authentication.

The maibox providers then send failure reports detailing the actions they took and why.

Email received by mailbox provider

Has DMARC been implemented for “header from” domain?

Does email fail DMARC authentication?

Mailbox providerruns filters

YES NO

Delete

Apply domain owners policy

YES

Send to Junk

NO

NONE

Deliver Reportto Sender

DMARCControl & Visibility

QUARANTINEREJECT

Domain-basedMessageAuthenticationReporting &Conformance

Open email authentication standard

Launched in 2012

Founded by over 20 companies,including Bank of America, Google & Return Path

“Simply put, the DMARC standard works. In a blended approach to fight email fraud, DMARC represents the cornerstone of technical controls… to

rebuild trust and retake the email channel for legitimate brands and consumers.”

-Head of Cybersecurity, Her Majesty’s Revenue & Customs