Email Security Blog

Can ‘Brand Indicators’ Stop Email Scammers from Posing as Your Brand?

Armen Najarian September 6, 2018 Online Brand Protection

As email marketing turns 40, more than 90% of companies report fraudsters have impersonated their brand in phishing attacks targeting their customers. Can a new standard known as BIMI be the answer?

Forty years old and still the center of attention, despite younger competition. It’s true: Email marketing’s hotter than ever. But it’s also facing a growing threat from brand impersonation scams. Can a new email standard called Brand Indicators for Message Identification (BIMI) be the solution?

Let’s hope so. Brand impersonation fraud has spiked 11x since 2014. Just within the last few months, Citibank, Alaska Airlines, American Express, and Netflix have all seen email phishing scams hit consumer or business inboxes.

Usually projecting a sense of urgency—“Password Check Required,” “Your Payment Has Been Declined” or “Security Alert,” for instance—these emails are designed to fool recipients into responding quickly. Last year, consumers lost $172 billion through these and other types of ploys.

But even when a customer hasn’t been personally defrauded, publicity about sham emails bearing your brand identity can mean they’ll be hesitant to open the next email you actually do send. Email open rates can implode.

Welcome to the Age of Brandjacking

Almost from the moment Gary Thuerk of Digital Equipment Corporation sent out the very first marketing email blast back in 1978, this channel’s role in marketing communications has only grown. When consumer email usage ignited in the early 1990s, it became integral. Today it’s indispensable.

Indeed, despite texting, social media and other new platforms, email is 40X more effective at acquiring new customers than these other channels. And 72% of consumers say they prefer email as their primary mode of communication with brands. In all, companies generate $40 for every $1 spent—by far the highest ROI of any digital medium.

Unfortunately, businesses haven’t been the only ones making a fortune through email. So have fraudsters. And more times than not, their phishing campaigns involve impersonating brands spanning consumer packaged goods (CPG), media, retail, quick-service restaurants (QSR), real estate, banking, government and more.

The Great Pretenders

Brand imposters are surprisingly sophisticated. The clumsy, typo-laden spam of yesteryear? Long gone. Today’s most advanced phishing emails contain none of the telltale signs of fraud. There are no malware-infected attachments to detect, nothing in the email’s code to raise a red flag.

Instead, these filchers leverage social engineering tactics to exploit the relationships that consumers have with brands they know and trust. To complete the deception, fraudsters spoof the brand’s domain. More than 90% of brands report having their domain names spoofed by cybercriminals.

While brand impersonation on mobile and social media platforms seems to generate more buzz these days, 80% of attacks come through email. BIMI is designed to help mitigate this pernicious threat.

The New Brand Identity

BIMI is a new open standard for logo displays in emails that was first announced back in March.

Currently in beta, the standard was developed by the “Authindicators Working Group,” a standards group led by Agari, Oath (the holding company for Yahoo and AOL) and others. These are some of the same forces behind the development of the DMARC (Domain-based Message Authentication, Reporting and Conformance) email authentication protocol.

To those familiar with it, DMARC stops billions of email-based brand impersonation attacks by enabling senders and receivers to exchange data that can help them detect and block scams. BIMI builds on this foundation, and it’s actually pretty cool.

In a nutshell, BIMI enables brands with DMARC reject or quarantine policies to add their logo to their outbound email messages. The logo is displayed in a space controlled by an email provider—usually next to the email subject line in the recipient’s email inbox and in the upper left corner of the email message itself, outside the email body.
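To make that prerequisite concrete, here is an added example (not Agari's or the working group's code) that parses the TXT records published at `_dmarc.<domain>` and reports whether the domain has the reject or quarantine policy described above. The function names and sample records are constructed for illustration, and no DNS lookup is performed.

```python
# Added example: BIMI readiness check based on a domain's DMARC policy.
# Function names are hypothetical; the records in SAMPLES are constructed.

ENFORCING = {"quarantine", "reject"}


def parse_dmarc(txt):
    """Parse one TXT record into a tag dict; return None if it is not DMARC."""
    # RFC 7489: the v tag must come first and must equal "DMARC1".
    first = txt.split(";", 1)[0].replace(" ", "")
    if first != "v=DMARC1":
        return None
    tags = {}
    for part in txt.split(";"):
        part = part.strip()
        if not part:
            continue  # tolerate a trailing semicolon
        name, sep, value = part.partition("=")
        if not sep:
            return None  # malformed tag with no '='
        tags.setdefault(name.strip().lower(), value.strip())
    return tags


def bimi_ready(txt_records):
    """Return (ready, reason) for the TXT records found at _dmarc.<domain>."""
    records = [r for r in map(parse_dmarc, txt_records) if r is not None]
    if not records:
        return False, "no DMARC record"
    if len(records) > 1:
        # Receivers skip DMARC processing when several records are published.
        return False, "multiple DMARC records"
    policy = records[0].get("p", "").lower()
    if policy in ENFORCING:
        return True, "policy is " + policy
    if policy == "none":
        return False, "monitor-only policy (p=none)"
    return False, "missing or invalid p tag"


# Constructed sample inputs, one list of TXT strings per imaginary domain.
SAMPLES = {
    "enforcing": ["v=DMARC1; p=reject; rua=mailto:dmarc@example.com"],
    "monitoring": ["v=DMARC1; p=none;"],
    "mixed-txt": ["v=spf1 -all", "v=DMARC1; p=Quarantine; pct=100"],
    "duplicate": ["v=DMARC1; p=reject", "v=DMARC1; p=none"],
}

if __name__ == "__main__":
    for label, records in SAMPLES.items():
        print(label, bimi_ready(records))
```

A domain still publishing `p=none` is only collecting reports, so it fails this check until it moves to enforcement.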

Not only does this offer a visually impactful brand presence, but the logo itself is verified by both the sender and recipient’s email systems—so it can’t be faked. While it’s set up to work with a graphical image of a logo, it could one day even support other types of media files—such as video, animation or audio—like animated logos or aural branding elements used as part of a brand ID, such as the Intel Chime, for instance.

Plenty of Phish to Fry

BIMI pilots are currently underway with brands such as Groupon. But details are being worked out. For instance, Martech reports that it’s possible domain owners will eventually use a third-party Mark Verifying Authority, or MVA, to establish brand and logo ownership, and to receive a BIMI certificate.

As consumers gain confidence in the authenticity of brand messages, it’s hoped that BIMI could help increase response rates and amplify the power of brand outreach via email. As our founder Patrick Peterson recently told Martech, DMARC implementation alone has been shown to boost open rates by 10% or more. BIMI could potentially push those levels higher. Organizations hoping to be among the first to get their brand identified as a safe-email sender are welcome to join the beta.

Indeed, BIMI couldn’t come a moment too soon. With 22.9 new phishing attacks launched every minute, there are plenty of companies who’d love to put imposters out of business for good.

To learn more about how Brand Indicators for Message Identification (BIMI) can help put your brand front-and-center in email inboxes while protecting your customers from fraudsters, visit
