What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2024-06-27 12:12:56 | DMARC: Pourquoi il passe d'une meilleure pratique à un incontournable DMARC: Why It\\'s Moving from a Best Practice to a Must-Have (lien direct) |
It is widely understood that email is the number one threat vector for cyberattacks. This stems from the fact that email was not designed with security in mind, and cybercriminals do not need highly technical skills to exploit it. In this blog, we\'ll look at how threat actors exploit human vulnerabilities by impersonating people and brands, why DMARC is becoming mandatory, and how Proofpoint can help. Are you for real? Looking legitimate to gain trust Most cyberattacks today are initiated via email. As a result, many users have started to block or delete emails from unknown sources as a precautionary measure. Cybercriminals realize this and have learned that their best chance is to fool the receiver into believing that they are dealing with a known source-ideally, a trusted source. And this is where sender impersonation comes into play. Spoofing is a common form of sender impersonation. There are two main types: Domain spoofing. This is when a bad actor forges a sender\'s domain in an email to make it appear as if the email is from a trusted source. Header spoofing. In this case, an attacker manipulates the email\'s header information-including various fields such as “From,” “To,” “Reply-To” and others-so that it looks like the email is from a different source than its true source (the attacker). Both tactics are designed to make recipients believe that they are interacting with a trusted source and can appear very legitimate. If someone believes they are communicating with a trusted person, they are more likely to divulge sensitive information or perform actions that compromise their security, such as handing over their credentials. If an attacker is spoofing your company to target your partners or customers, it can cause significant damage to your brand\'s reputation. To prevent this type of brand abuse, some companies have implemented email authentication technology as a “best practice.” But this trend is not as widespread as you might expect. An overview of email authentication technology To combat domain spoofing, Sender Policy Framework (SPF) was introduced, followed by Domain Key Identified Mail (DKIM), with the goal of validating that email is coming from an approved sending IP address and the message hasn\'t been tampered with en route. A company can create an SPF record that contains a list of all the “approved” IP addresses that can send email on the organization\'s behalf. This allows a system receiving an email to do a quick check to determine if the email is coming from an authorized server. If the sending IP address isn\'t on the SPF list, it fails authentication. DKIM goes a step further by using public and private keys, allowing a receiving system to compare the keys in the email to confirm that it came from who it says it did and that nothing in the email was changed after it was sent. Someone sending a domain-spoofed email would fail both SPF and DKIM authentication. Email authentication is becoming mandatory Email authentication tools have been available for years, so you would think that all companies would have implemented them by now. However, some businesses have been slow to act for various reasons, including: Resource limitations Budget limitations Concerns about legitimate email being blocked Whatever the cause for the lag in implementing these tools, the delay has allowed cybercriminals to continue to exploit the lack of security to initiate their attacks. Major email providers are making moves to force companies to catch up and use email authentication. Some highly publicized examples include the October 2023 announcements from Google, Yahoo and Apple around mandatory email authentication requirements (including DMARC) for bulk senders sending email to Gmail, Yahoo and iCloud accounts. This should significantly reduce spam and fraudulent emails hitting their customers\' inboxes. | Spam Tool Vulnerability Threat Prediction Technical | Yahoo | ★★★ |
|
2023-10-11 17:00:26 | Google et Yahoo ont défini un court terme pour répondre aux nouvelles exigences d'authentification par e-mail.Es-tu prêt? Google and Yahoo Set a Short Timeline to Meet New Email Authentication Requirements. Are You Ready? (lien direct) |
If you have a Gmail or Yahoo account, you probably know how cluttered your inbox can get with unsolicited email and other email that is clearly trying to defraud you. If you have ever thought to yourself “why can\'t these companies do a better job blocking these fraudulent messages and make it easier for me to receive less unsolicited mail?”, you are not alone. The good news is: Google and Yahoo are doing something about it, and things are about to change. The bad news is: If your company sends email to Google and Yahoo users, you may have some work to do and not a lot of time to do it. Google has announced that starting February 2024, Gmail will require email authentication to be in place when sending messages to Gmail accounts. If you\'re a bulk sender who sends more than 5,000 emails per day to Gmail accounts, you\'ll have even more requirements to meet. You\'ll also need to have a DMARC policy in place, ensure SPF or DKIM alignment, and you\'ll need to make it easy for recipients to unsubscribe (one-click unsubscribe). (You can access Google\'s detailed Email Sender Guidelines here.) Yahoo is rolling out similar requirements. The company recently announced that it will require strong email authentication to be in place by early 2024 to help stem the flow of malicious messages and reduce the amount of low value emails cluttering users\' inboxes. Are you prepared to meet these requirements? Here\'s what you should know. New Google and Yahoo email requirements The new requirements are broken down into two categories. All senders will need to follow the first set. Depending on how much email you send per day, there are also additional rules. Applicable to all senders: Email authentication. This is a critical measure to help prevent threat actors from sending email under the pretense of being from your organization. This tactic is referred to as domain spoofing and, if left unprotected, allows cyber criminals to weaponize sending domains for malicious cyber attacks. SPF is an email authentication protocol designed to prevent email spoofing, a common technique used in phishing attacks and email spam. As an integral part of email cybersecurity, SPF enables the receiving mail server to check whether incoming email comes from an IP address authorized by that domain\'s administrator. DKIM is a protocol that allows an organization to take responsibility for transmitting a message by signing it in a way that mailbox providers can verify. DKIM record verification is made possible through cryptographic authentication. Low SPAM rates. If recipients report your messages as SPAM at a rate that exceeds the new .3% requirement, your messages could be blocked or sent directly to a SPAM Folder. Requirements for senders of more than 5,000 messages per day: SPF and DKIM must be in place. Companies that send to Gmail or Yahoo must have Sender Policy Framework (SPF) or DomainKeys Identified Mail (DKIM) authentication methods implemented. Companies must have a DMARC policy in place. DMARC, which stands for Domain-based Message Authentication, Reporting and Conformance, is an email authentication standard that provides domain-level protection of the email channel. DMARC authentication detects and prevents email spoofing techniques used in phishing, business email compromise (BEC) and other email-based attacks. DMARC builds on the existing standards of Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM). It is the first and only widely deployed technology that can make the header “from” domain trustworthy. The domain owner can publish a DMARC record in the Domain Name System (DNS) and create a policy to tell receivers what to do with emails that fail authentication Messages must pass DMARC alignment. This means that the sending Envelope From domain is the same as the Header From domain, or that the DKIM domain is the same as the Header From domain. Messages must include one-click unsubscribe. For s | Spam Threat | Yahoo | ★★ |
1
We have: 2 articles.
We have: 2 articles.
To see everything:
Our RSS (filtrered)
