Data Privacy & Regulations

Combating email phishing and preserving authentication with DMARC

We all receive enough phishing emails into our inbox to know that cybercrime and email security concerns are on the rise. Whether it’s a spoofed financial service trying to gather your personal information, or a fake social media email prompting you to click to a bogus website, it’s a scam that all senders want to avoid. Today, most major cybercrimes start out with a simple email and consequently, marketers are increasingly worried about having their own email spoofed.

In an ongoing effort to combat email phishing and preserve email authentication, the email industry has established effective authentication protocols such as DKIM and SPF. But as abuse attempts become more sophisticated, DMARC was designed specifically as an added layer of protection to block unauthenticated emails from reaching customers’ inboxes.

What is DMARC?

DMARC stands for “Domain-based Message Authentication, Reporting & Conformance.” It allows email senders to decide how email providers (AOL, Gmail, Outlook) treat unauthenticated emails coming from their domain.  By defining a policy, senders can help prevent phishing to protect their email subscribers and safeguard their sending reputation.

What does this mean for marketers and consumers?

Financial disruptions as a result of email phishing cost organizations and email subscribers millions of dollars every year. DMARC implementation prevents unauthenticated emails from appearing in a consumer’s inbox in the first place, thus significantly reducing the risk of subscribers mistakenly revealing personal information to questionable sources. For marketers, safer emails build customer trust and ultimately encourage long-term loyalty and repeat purchases.

What are the key benefits of DMARC for email senders?

Increased Visibility – DMARC allows senders to identify all sources of an email program quickly and efficiently. It allows a sender to see where exactly their domain(s) are being used online, and to take complete control over where emails are coming from. Senders are then able to identify unknown sources that are spoofing their domain (to potentially attempt phishing scams or other forms of cybercrime). This form of proactive monitoring allows senders to protect their brand reputation and maintain positive customer confidence levels.

Domain Protection – DMARC allows senders to dictate how receivers and email providers accept mail from their domain. A sender can use DMARC to tell a receiving email provider to either:

  • Monitor – Provide visibility back to the sender on where their domain is being used
  • Quarantine – Filter or quarantine any unauthenticated mail coming from their domain
  • Reject – Block any mail coming from their domain that is not properly authenticated

With this flexibility, senders can determine action based on a number of factors including individual program goals, organizational security policy, and available deliverability resources.

Improved Deliverability – DMARC is a form of email authentication referenced by some of the major email providers including Gmail, AOL, Cloudmark, Comcast, and Yahoo. By collaborating with mailbox providers to implement DMARC, senders are able to reach higher reputation at receiving providers, which helps overall inbox placement and drives higher program ROI.

Want to learn more?

At Data Axle, we help marketers overcome challenges that affect email security and deliverability, including guidance on SPF, DKIM, and DMARC implementation. Through Data Axle Deliverability, marketers get comprehensive metrics for each email campaign and actionable strategies for improving inboxing rates and overall campaign performance. Click here to learn more.

Brad Van Der Woerd
VP Professional Services, Inboxable

Brad provides global email deliverability leadership and management for Data Axle’s Inboxable team. His expertise includes providing digital marketing strategies, email deliverability consulting and best practices to a wide variety of Fortune 500 companies including eBay, Visa, Gap, US Bank and many more. Brad holds 10 years of experience within digital marketing and is passionate about team engagement, people development and driving results for clients.