Email Security Blog

Spear Phishing Prevention

Agari October 10, 2013 Email Security
Fallback Featured Image

Perhaps you saw an article from Forbes on the increasing prevalence of spear phishing attacks that we included. The article, entitled “Spear Phishing 101 – Who Is Sending You Those Scam Emails And Why?” examines the social engineering aspect of these attacks and how they have morphed from more obviously fake emails to sophisticated attacks that exactly mimic the kind of email that you see everyday and are socially trained to respond to quickly, with little to no thought. No wonder that companies are spending time and money on programs to train their employees to avoid being victims of spear phishing attacks and accidentally leaking organization information in the process. However, as we have seen from other studies, it is often the top executives at a company, and thus the biggest targets of spear-phishing attacks (whaling, it’s called at the exec level) that are the most lax about following security protocols.

So what else can be done?

There is an important emerging standard called Domain based Message Authentication, Reporting and Conformance (DMARC) which utilizes long standing email authentication mechanisms of Sender Policy Framework (SPF) and Domainkeys Identified Mail (DKIM) to virtually eliminate unsolicited email. Currently ~80% of US consumer email receivers, and ~65% worldwide, respect a published DMARC policy, removing hundreds of millions of malicious emails daily from consumer mailboxes. Corporations are increasingly adopting this protocol and working with Agari and their third party vendors that send email on their behalf to implement it as well. Anyone who wants to take a proactive approach to eliminating all types of malicious email, including spear-phishing, should investigate and implement DMARC immediately.

Leave a Reply

Your email will not be published. All fields are required.

Agari Blog Image

July 16, 2019 Seth Knox

Microsoft Office 365 + Agari Secure Email Cloud: All You Need in a Cloud-First World

You’ve heard the statistics… more than 70% of all business users will be provisioned with…

Agari Blog Image

July 11, 2019 Armen Najarian

Restoring Trust to Digital Communications: How Smart Communities Model the Good

Legacy email security systems are failing, as more enterprises migrate their emails to the cloud…

Agari Blog Image

June 27, 2019 Siobhan McNamara

The 4 Fundamentals of AI-Based Email Security

Predictive, AI-based email security is proving to be remarkably effective at protecting against today's most…

Agari Blog Image

June 20, 2019 Michael Cichon

Email Security: Using ML to Prevent Advanced Attacks

The statistics are astounding. Email remains the number one threat vector for data breaches, the…

Agari Blog Image

June 19, 2019 Patrick Peterson

From Secure Email Gateway to Secure Email Cloud

The secure email gateway (SEG) worked for decades, no doubt. It was truly the first…

mobile image