It takes years to build trusted relationships with your customers — but as all-too-familiar headlines and recounted tales of woe from IT departments tell us, cybercriminals can abuse that trust to trick your customers, employees, and partners into opening their malicious emails in a matter of minutes.  DMARC, or Domain-Based Message Authentication, Reporting, and Conformance, is an essential email...

Do-it-yourselfers abound everywhere in these days – from YouTube stars demonstrating the latest hacks through tutorials to entire cable channels and streaming networks devoted to DIY, average laypeople have become self-proclaimed experts in a variety of areas and skills. But should you take a do-it-yourself approach when it comes to technology and email security, or more specifically to DMARC...

In 2021, Gartner includes DMARC, or known by its full name as Domain-based Message Authentication, Reporting & Conformance, in its list of top 10 security projects . With very few exceptions, the best way for organizations to prevent getting impersonated in email attacks is to integrate DMARC into their Office 365-based email ecosystems. To understand why, let’s consider the benefits of deploying...

There’s no question, Microsoft 365 is a production powerhouse used by millions worldwide. It offers a multitude of robust products that allow easy collaboration and efficiency, and many organizations believe the email security features are adequately protecting them. The harsh truth is that it’s probably not protecting them as much as they think. The proverbial saying goes: “Don’t put all of your...

Have you ever received a blank email from someone you don’t know? If you have, it may have been from a cybercriminal making sure your email account is legitimate prior to a Business Email Compromise (BEC) attack. Agari and PhishLabs define BEC as any response-based spear phishing attack involving the impersonation of a trusted party to trick victims into making an unauthorized financial...

It’s not news that cybercrime is a constant battle—large enterprises and small businesses everywhere are susceptible to a myriad of advanced email threats and socially engineered attacks , such as executive or brand impersonation. According to IC3’s Internet Crime Report, over $44 million in losses in 2021 were a direct result of malicious phishing and advanced email scams. Despite billions having...

On 19 July, the UK will finally lift the final social distancing measures that were put in place during the pandemic. Although concerns about the pandemic still exist, many people will now be contemplating a tentative return to the office. Although the benefits of homeworking are well-documented and recent events have proven that people can work just as effectively from home as they can from the...

What is the difference between SMTPS and SMTP? SMTPS uses additional SSL or TLS cryptographic protocols for improved security, and the extra "S" stands for SECURE! By default, SMTP to send email lacks encryption and can be used for sending without any protection in place, leaving emails with an SMTP setup susceptible to man-in-the-middle attacks and eavesdropping from bad actors while messages are...

There isn’t a CEO or board member in the world that would publicly state that their organization believes cybersecurity doesn’t matter. A Cybersecurity Ventures report has forecast that cybercrime will cost businesses worldwide an astonishing $10.5 trillion annually by 2025, so it’s an evident and sizable area of concern. Any CEO not taking this seriously would be roundly criticized by customers...

With email attacks contributing to billions of lost dollars each year, a growing number of organizations are adopting Domain-based Message Authentication, Reporting & Conformance (DMARC) in an effort to protect themselves and their customers from fraudsters. Adoption of DMARC has steadily gained traction since the onset of the pandemic, and the original email authentication protocols at the heart...

Central to many cyber security strategies are technologies, processes and procedures designed to prevent sensitive data from leaving the organization. Avoiding data breaches is something most companies avidly work to avoid especially in the wake of several high-profile non-compliance cases reported in the media recently. The damage to reputation alone is usually enough of an incentive for...

Understanding the What, How, and Why of DMARC You probably already know this, but it bears repeating: Email by itself is NOT secure; anyone can use someone else’s identity to send emails. In fact, email is the #1 way cyberattackers can target your customers and your email ecosystem. No brand is untouchable when it comes to attackers using or spoofing email domains to send spam, phishing attempts...

Social media threats targeting enterprises more than doubled last year. Attacks on the retail industry specifically have grown, as threat actors are targeting victims with impersonation and counterfeit ad campaigns. Purchasing behavior is increasingly influenced by social media, making it an attractive vector for these kinds of campaigns. The tendency of social media users to consume information...

When it comes to the true ramifications of a data breach, suffering a financial penalty imposed by the ICO is just the tip of the iceberg. Although significant, fines are only one aspect financial organizations have to deal with as part of the aftermath. We saw the media frenzy that surrounded the Capital One data breach , and most of us heard when First American exposed 885 million sensitive...

We recently wrote a blog about the Clearswift Information Governance Server and using Microsoft’s File Server Resource Manager (FSRM) to add custom document properties to documents which the Clearswift Secure Gateways can act upon. These properties are also called ‘meta-data’, and in a recent article published in the media , there was a discussion about how malware has been found hidden inside the...