The first email was sent almost 50 years ago in 1971 on the ARPANET, a US military network that is the forefather to the modern Internet. Today, according to Security Magazine, 3.4 billion fake emails are sent every day, with most industries remaining vulnerable to spear-phishing and “spoofing” cyberattacks.
Julio Melo, CISO at Imperium Markets explains, “Imperium Markets places a heavy emphasis on cyber security, protecting both ourselves and our customer’s data. DMARC is another important layer on our cyber security stack and zero trust strategy. We check everything! We have implemented DMARC to prevent criminals from using our company’s name and brand to commit scams and fraud”.
DMARC (Domain-based Message Authentication Reporting & Conformance) reinforces email security and protection. DMARC is an email authentication mechanism, a set of policies and rules that uses the SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) to detect and prevent fraud. DMARC standardizes the way emails are scanned by servers. This means more protection against spam and phishing attacks.
By using authentication mechanisms, DMARC plays an important role in defining whether an email is legitimate or fake. In addition, it determines what should be done with an email, whether it should be delivered or not.
DMARC works by alerting email servers that the sender’s messages are protected by SPF and / or DKIM and if one of these authentication protocols fails, an action must be taken, such as rejecting the email.
By implementing DMARC, Imperium Markets’ customers gain protection from criminals using our address and reputation for email spoofing, phishing and spam attacks from the imperium.markets domain.
Like all cyber security defences, DMARC doesn’t solve everything. Information security professionals should note that :
- DMARC informs receiving mail servers what to do when they get a message that appears to be from your organization, but doesn’t pass authentication checks, or doesn’t meet the authentication requirements DMARC policy record. Messages that aren’t authenticated might be impersonating your organization, or might be sent from unauthorised servers.
- DMARC protects Imperium emails against direct domain spoofing, so that an email from the domain @imperium.markets can be trusted
- DMARC does not guarantee protection against display name spoofing and similar domains, also called prime domains.
A final tip for email recipients, always check that the sender of all emails received from Imperium is sent from the @imperium.markets domain, and contact us if you see anything suspicious.
Digitising Money Markets and Fixed Income Securities