DMARC, the email authentication protocol, is 10 years old: how widespread is it today?


Alexander Boero

January 31, 2022 at 3:31 p.m.


© Pixabay

Created to fight spam, phishing and other e-mail fraud, the DMARC protocol, which is celebrating its 10th anniversary, provides real protection against domain name spoofing.

Ten years ago now, on January 30, 2012, major digital players came together to give the DMARC protocol a proper scope, adopting it to detect and prevent e-mail impersonation. A decade later, Domain-based Message Authentication, Reporting and Conformance remains one of the most effective weapons against a range of email-based attacks. Its adoption has even accelerated in France in recent years.

The DMARC protocol: effective protection against e-mail spoofing, but not enough to curb the spread of cyberattacks

DMARC is an open email authentication protocol whose aim is to prevent an attacker from impersonating an organization and its domain, by simply discarding messages that fail authentication. To date it is still the only massively deployed technology that makes the sender header of an e-mail trustworthy.

There is no shortage of use cases for DMARC. The protocol combats domain spoofing (when a cybercriminal spoofs a company’s domain to make an email appear legitimate), email address spoofing, impostor email, phishing email, consumer phishing, partner impersonation, email scams and Business Email Compromise (BEC), in which an e-mail appears to come from a senior employee of a company or organization and asks the recipient to send money or sensitive information (a technique often used as part of social engineering).

Despite the adoption and effectiveness of the protocol, e-mail remains the main vector for the spread of cyberattacks worldwide, with more than 9 out of 10 threats initiated by messaging. Every month, hundreds of brands continue to be impersonated by phishers.

Education is still needed to make the best use of the DMARC protocol

Over the past four years, adoption of the DMARC protocol has accelerated in France. More and more CISOs are adopting the standard, and in January 2022 no fewer than 30 CAC40 companies have a DMARC record, up from only 23 in 2020 and 18 in 2019. A “record” here refers to the procedure carried out by the domain owner, who publishes a DMARC record in the domain name system (DNS) and in doing so sets a policy telling recipients what to do when they receive an email that fails authentication.

Yet behind this enthusiasm lies a sobering reality: of the 31 CAC40 companies with a DMARC record, only six proactively block fraudulent emails and are therefore fully DMARC-compliant, Proofpoint tells us. There is also a real gap between the private and public sectors: only five of the 14 French ministries have implemented DMARC. That is very little.
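The difference between "having a DMARC record" and "blocking fraudulent mail" comes down to the policy tag inside the record. The following is an added example, not code from the article or from Proofpoint: it parses DMARC TXT records (in practice fetched from the `_dmarc` subdomain of the domain) and classifies each as monitoring-only, partial or enforcing. The domain names and records are constructed samples, not real CAC40 or ministry domains.

```python
"""Classify DMARC TXT records by enforcement level (added example; samples are constructed)."""

# Constructed sample records keyed by placeholder domain names (not real ones).
SAMPLE_RECORDS = {
    "monitor-only.example": "v=DMARC1; p=none; rua=mailto:dmarc@monitor-only.example",
    "partial.example": "v=DMARC1; p=quarantine; pct=25; rua=mailto:rep@partial.example",
    "enforced.example": "v=DMARC1; p=reject; sp=reject; adkim=s; aspf=s",
    "broken.example": "v=DMARC1 p=reject",  # missing ';' so the p tag is never parsed
    "no-record.example": "",
}


def parse_dmarc(record: str) -> dict:
    """Split 'tag=value; tag=value' into a dict; malformed pairs are skipped."""
    tags = {}
    for part in record.split(";"):
        if "=" not in part:
            continue
        key, _, value = part.partition("=")
        tags[key.strip().lower()] = value.strip()
    return tags


def classify(record: str) -> str:
    """Return 'none', 'monitoring', 'partial' or 'enforcing'."""
    tags = parse_dmarc(record)
    if tags.get("v") != "DMARC1" or "p" not in tags:
        return "none"  # no valid record: receivers treat the domain as unprotected
    policy = tags["p"].lower()
    if policy == "none":
        return "monitoring"  # reports only; spoofed mail is still delivered
    if policy not in ("quarantine", "reject"):
        return "none"
    try:
        pct = int(tags.get("pct", "100"))  # pct defaults to 100 when absent
    except ValueError:
        pct = 100
    return "enforcing" if pct >= 100 else "partial"


def enforcement_summary(records: dict) -> dict:
    """Count domains per classification, like the article's 6-of-31 figure."""
    counts = {}
    for record in records.values():
        label = classify(record)
        counts[label] = counts.get(label, 0) + 1
    return counts
```

Only the "enforcing" class actually blocks spoofed mail; a `p=none` record produces reports but lets impersonation through.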

© Taryn Elliott / Pexels

Still in France, the National Information Systems Security Agency (ANSSI) strongly encourages adoption of the DMARC protocol. The government also offers a diagnostic tool for checking a domain (e.g. gmail.com), which is well worth using, especially in a professional setting. “Without DMARC, cybercriminals have a powerful tool to trick employees into making a mistake and giving away confidential information that can have serious consequences,” explains Loïc Guézo, director of cybersecurity strategy EMEA at Proofpoint.

The DMARC standard is now supplemented by BIMI (Brand Indicators for Message Identification), which makes it easier to identify the sender of an email. BIMI has the particularity of being available only to domain names protected by DMARC, and so reinforces the authentication scheme as a whole.


Source: Proofpoint


