You can’t seem to go through a single workweek without hearing about a new spear phishing attack. These attacks are becoming more prevalent and, unfortunately, law firms are often prime targets because they protect confidential information. Domain spoofing appears to be the latest form of this trend.
Cybercriminals are targeting firms with domain spoofs using two different methods. In the first method, cybercriminals spoof the firm’s domain to impersonate a firm employee. In the second method, cybercriminals use domain spoofing to send emails on behalf of the targeted firm: emails pretending to come from the firm are sent to clients and partners in an attempt to steal sensitive information. Thus, without a firm’s knowledge, a cybercriminal could be posing as a firm employee through email as you read this.
What is DMARC?
So how does a firm protect itself from such an attack? The good news is that there is software available to prevent this very type of spear phishing. This software is called DMARC (Domain-based Message Authentication, Reporting & Conformance), and it exists to monitor emails sent from your firm’s domain. DMARC would catch the attempt to impersonate chase.com with chasee.com before the email reaches the targeted recipient.
DMARC works with both SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) to protect a company’s email chain at the domain level. SPF and DKIM also operate as email authentication but work independently of one another, making communication of authentication results impossible. DMARC allows SPF and DKIM to operate as intended but has the benefit of reporting authentication results to other parties in an email message.
Check Your Inbox
Having DMARC in place makes it easier to determine if an email message is legitimate, and notifies the receiver what to do if the message is fake. Also, it informs a firm if someone is spoofing the firm’s domain.
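The check described above, as an added example that is not part of the original article: a receiving server combines the SPF and DKIM results with the domain's published DMARC record to decide what to do with a message and where to report it. The domains firm.example and bulk-sender.example, the record, and the function names are constructed for illustration; SPF and DKIM results are taken as inputs, and relaxed alignment is simplified to a parent/subdomain match (real receivers compare organizational domains).

```python
# Added example: simplified DMARC check as a receiving mail server performs it.
# The record, domains and results are constructed sample values.
RECORD = "v=DMARC1; p=reject; rua=mailto:dmarc-reports@firm.example"

def parse_dmarc(record):
    """Split a DMARC TXT record into its tag=value pairs and validate v= and p=."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1" or tags.get("p") not in ("none", "quarantine", "reject"):
        raise ValueError("not a valid DMARC record")
    return tags

def aligned(from_domain, auth_domain, strict):
    """Strict: exact match. Relaxed (simplified): same domain or parent/subdomain."""
    a, b = from_domain.lower(), auth_domain.lower()
    if strict:
        return a == b
    return a == b or a.endswith("." + b) or b.endswith("." + a)

def evaluate(from_domain, spf, dkim, record):
    """spf and dkim are (result, authenticated_domain) pairs.
    Returns (dmarc_passed, disposition, aggregate_report_address)."""
    policy = parse_dmarc(record)
    spf_ok = spf[0] == "pass" and aligned(from_domain, spf[1], policy.get("aspf", "r") == "s")
    dkim_ok = dkim[0] == "pass" and aligned(from_domain, dkim[1], policy.get("adkim", "r") == "s")
    passed = spf_ok or dkim_ok  # one aligned pass is enough
    if passed or policy["p"] == "none":  # p=none means monitor only
        disposition = "deliver"
    else:
        disposition = policy["p"]
    return passed, disposition, policy.get("rua")

if __name__ == "__main__":
    # Genuine mail: SPF and DKIM both pass for the firm's own domain.
    print(evaluate("firm.example", ("pass", "mail.firm.example"), ("pass", "firm.example"), RECORD))
    # Spoof: SPF passes, but only for the sender's own envelope domain, so it is not aligned.
    print(evaluate("firm.example", ("pass", "bulk-sender.example"), ("none", ""), RECORD))
```

The second case shows why SPF alone is not enough: the spoofed message passes SPF for a domain the sender controls, and only the alignment check against the visible From domain causes it to fail.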
There are several programs available to begin protecting your firm from domain spoofing. The best way to understand where the problem is coming from is by taking a look at your current email inbox since there is a chance domain spoofing is already happening.