Chat +1-888-563-5277 [email protected]

Email Security Best Practices For 2020

Email security is always a top priority as email is the main infection vector for a personal device. Whether it is opening attachments containing malware or a misguided click on a link redirecting towards a site that is, itself, malicious. The only fact that 94% of malware is delivered via email is the important hint to think.

Over the past two weeks, your email inbox was likely flooded with messages detailing what brands were doing to mitigate the COVID-19 outbreak. At EasyDMARC we have detected 2x increase of daily average email sending volume and on average 3x increase of phishing/threat emails volume. The Internet is drowning in COVID-19-related malware and phishing scams. Working from home transition opens the door to more attacks and email security becomes more challenging.

3x increase of phishing/threat emails volume

Users must be especially aware of these issues:

  • Do you know the sender of the email?
  • Was I expecting this e-mail?
  • Are proposed links consistent with the subject mentioned?
  • Does this e-mail employ the emotional content of fear, greed, or curiosity, or, most important, does it try to get me to take an action?

If any doubt, check the message authenticity by another channel (telephone, SMS, etc.) and apply organizational measures to prevent scams. Fraudulent transfer requests, that seem to come from a manager is a widespread type of cyberattack, also called “CEO fraud”. Moreover, the redirection of professional messages to a personal email must be prohibited.  It may constitute an irremediable information leak from the organization. If necessary, controlled and secure methods for remote access to professional email must be offered.

Phishing email example

Whether the organization hosts or has their email system hosted, to provide best email security it must ensure:

  1. that it has an anti-virus analysis system upstream of the mailboxes of users to prevent the receipt of infected files
  2. that it has activated TLS encryption for exchanges between email servers (from the organization or public) as well as between the user devices and servers hosting the mailboxes.
  3. not directly exposing the mailbox servers to the Internet is preferable. In this case, a relay server dedicated to send and receive messages must be implemented in case the Internet is cut off.
  4. while spam – whether malicious or not – accounts for the majority of email exchanges on the Internet, the deployment of an anti-spam service must be able to remove this source of risks.

Finally, the email expert will ensure the implementation of authenticity verification mechanisms. The correct configuration of public DNS records linked to its email infrastructure

  • MX
  • SPF
  • DKIM
  • DMARC

Check Your Domain

 

Understanding DMARC Reports

DMARC (Domain-based Message Authentication, Reporting, and Conformance) is a policy that protects organizations from Business Email Compromise attacks and allows to receive DMARC reports from mail service providers.  DMARC is an email authentication protocol, that is designed to give email domain owners the ability...

Read More

How To Optimize SPF Record?

Creating a new or modifying an existing SPF record If you have a domain that sends emails, you would probably have some default SPF record, already set by the hosting provider.  That record usually consists of either A or IP4 / IP6 and MX mechanisms, if you have dedicated hosting, or of MX and INCLUDE mechanisms,...

Read More

DMARC and Microsoft

Why Microsoft stopped sending DMARC aggregate reports? When checking your domain's DMARC reporting, you probably notice that among aggregate reports from other major well-known email providers like Google, Yahoo, Mail.Ru, etc. you do not see reports from Microsoft. There is no problem with your DMARC record...

Read More