Dark Reading
You have the latest antivirus program. The firewall is turned on. Passwords are strong and frequently updated. Now you can sleep at night knowing your organization is safe from cyberattacks, right?
Well, at least until John from HR decides to log in from a link he received in an email. He probably knew not to click on suspicious emails, but what is considered suspicious? That email could have arrived from your own domain.
Attackers can spoof your domain to trick employees or your customers into divulging confidential information or downloading a malicious file attachment. Phishing emails now arrive with smarter baiting tactics and are becoming harder to identify. Defenses need to catch up as well.
Security teams, especially those responsible for domain integrity, should make sure to correctly implement the three anti-phishing standards: SPF, DKIM, and DMARC.
The ABCs of DMARC
Earlier this year, Congress passed the National Defense Authorization Act, which
The post DMARC 101: How to Keep Phishing Attacks Out of Your Inbox first appeared on Dark Reading.