Email Security Blog

Hats off to Yahoo!

Patrick Peterson April 15, 2014 DMARC
Fallback Featured Image

On April 4, Yahoo! took one giant step forward for email-kind when they requested all Internet email receivers to stop receiving mail purporting to be From: Yahoo!, that is not authentic. This is done with a “DMARC reject” policy. More recently Yahoo! explained their stance in a blog post.

“And overnight, the bad guys who have used email spoofing to forge emails and launch phishing attempts pretending to come from a Yahoo Mail account were nearly stopped in their tracks.”

Every day, email is used for malicious purposes. Last year RSA reported there were 450k phishing attacks causing global losses of $6B, and the Verizon data breach report revealed 95% of state-sponsored espionage attacks use phishing emails to establish a foothold. These attacks are all enabled by email’s “original sin” – built in 1982, the 32 year-old technology did not enable anyone to determine if a message is really from the purported sender – be it yahoo.comagari.com or whitehouse.gov. Agari has been working on this problem for many years, and thanks to the new DMARC technology, we can take away email from the criminals.

To accomplish this, each company, like Yahoo!, has to take their domains back from the criminals. In Yahoo!’s case, there have been many different legitimate uses of yahoo.com that have developed over the last 20 years, but companies sending marketing email From: Yahoo.com or using mailing lists that don’t support DMARC are going to have to change. Change is never easy, but in this case it will leave us with a better Internet. For everyone.

Leave a Reply

Your email will not be published. All fields are required.

Agari Blog Image

June 26, 2019 Armen Najarian

Ticket to Fraud: Airline Industry Sees Increased Consumer Phishing Scams

For many, there are few things more satisfying than receiving an email confirmation for a…

Agari Blog Image

June 13, 2019 Fareed Bukhari

DMARC Adoption Worldwide Slows with Australia's ASX 100 Remaining Most Vulnerable

DMARC adoption rose a tepid 1% in the first quarter of the year, with the…

Agari Blog Image

May 23, 2019 Suela Vahdat

DMARC Remains Elusive with 86% of gov.uk Domains Open to Impersonation

More than three-quarters of UK government organisations haven't yet adopted Domain-based Message Authentication and Reporting…

Agari Blog Image

May 21, 2019 Armen Najarian

Why DMARC Could Make or Break Your B2B Email Marketing Programs

In B2B email marketing, nothing says amateur hour like a landing page with the words…

Agari Blog Image

April 17, 2019 Fareed Bukhari

The Time is Now: Underscoring the Importance of DMARC for State and Local Governments

Scammers know that impersonating a trusted government agency is an extremely effective way to trick…

mobile image