We'll cover what DKIM for email is, why your company needs it, how it works, how to set DKIM up, and additional ways to prevent email spoofing attacks. What is DKIM? First, let’s clarify what DKIM is in email. DomainKeys Identified Mail is a technique that uses your domain name to sign your emails with a digital “signature” so your customers know it’s really you sending those emails and that they...

Are you protecting your remote workers against an endless barrage of COVID-19 related phishing attacks by requiring 2-factor authentication (2FA) to log into employee email accounts? Smart move—just don't let it give you a false sense of security.

Since the beginning of February, we have seen more than a 3,000% increase in Coronavirus-themed phishing attacks targeting our customers. The spike in attacks is as logical as it is repugnant. With an estimated 75 million employees more reliant than ever on email during the largest "work-from-home experiment" in history, phishing scammers and other threat actors seem hellbent on exploiting...

At Agari we often talk about the evolving nature of advanced email attacks and the identity deception tactics that go with them. These attacks bypass legacy controls and like a magician delighting a curious audience, they trick the human psyche by targeting core human emotions such as fear, anxiety and curiosity. Of course, the magic in this case comes with ill intent. A good example of a...

This post originally appeared on the Armadillo Blog and has been lightly edited for clarity. Most organisations have been successful in blocking malicious emails targeted at their employees, at least to some extent. Various on-premise and cloud providers exist to take care of anti-spam, anti-virus, reputation scores, and advanced features such as sandboxing of executables. As a service provider...

Every year, more than 5 million homes are bought and sold in the U.S. Given this volume, it should come as no surprise that the real estate industry is a prime target for email-based crimes. Cyber criminals are spoofing (and in some cases taking over) the email accounts of real estate agents, title companies, and others involved in the home buying process. Once the criminal gains access, he or she...

In the last five years, we’ve all become far too familiar with it – hackers spoofing a company’s domain and therefore tarnishing the brand, bad actors attempting to infect our computers with malware, and criminals sending millions of spam messages. As if this isn’t enough, now there is a whole group of people working to outsmart companies AND their customers by using cousin domains to fool...

When you begin to work with DMARC, you realize just how important identifier alignment is. Identifier alignment forces the domains authenticated by SPF and DKIM to have a relationship to the "header From" domain. Header From Domain and the MailFrom domain are different? Yes, they are! Hearing these terms can confuse people. They sound like the same thing, but in reality they are not. The...

This is the second in a new ongoing series for us that gives you the tips and tricks you need for successful DMARC deployment . Read the previous tip here . DomainKeys Identified Mail (DKIM) is the successor to Yahoo DomainKeys. Both share similarities, however DKIM has the additional aspects of Cisco's Identified Internet Mail standard (IIM). The enhancements to this standard gives more security...

The Benefits of Monitor Mode When a technology exists that can tell you if and when your domains are being spoofed (and by who), why would you not use it?! What is DMARC? DMARC was created to address some fundamental problems with existing email authentication technologies (SPF and DKIM). It provides feedback about your email authentication implementation and gives ISPs (Google, Yahoo!, Microsoft...