Email Spoofing: How to protect your business
There are three things you should make sure your IT professional has configured for your business: SPF (Sender Policy Framework), DMARC (Domain-based Message Authentication, Reporting & Conformance), and DKIM (DomainKeys Identified Mail). Each of the three helps prevent email spoofing, but each has a different role and works in a different way.
What is email spoofing and why would someone do it?
Email spoofing is when someone sends an email from their email account but makes it look like it is from you. They might do this to get financial data, personal data, or really anything! Let’s say that I know your business recently purchased something from Amazon. I send you a phishing email that says I am Amazon, and I attach an invoice asking you to pay. You are unsuspecting, so you enter your credit card data. I now have your credit card data! That is why we should all try our best to prevent email spoofing.
What is the Sender Policy Framework or SPF?
SPF is a method used to check that an email sent from your domain came from the IP address of one of your approved email servers. It is a DNS TXT record that provides a list of approved IP addresses. Check out this Wikipedia article to see more details about the history of the Sender Policy Framework!
What is DomainKeys Identified Mail or DKIM?
DKIM is a method used to verify that the email is from the domain it claims to be from. DKIM does this by checking a digital signature in the header of the email against a DNS record. The email server needs to be configured to add the correct digital signature, and a DNS entry needs to be made. Check out this Wikipedia article to see more details about DomainKeys Identified Mail!
What is Domain-based Message Authentication, Reporting & Conformance or DMARC?
DMARC is configured by a single DNS record that tells the receiving mail server that the email sender has SPF and/or DKIM configured. It also tells that server what to do if one of the checks fails. You can set it to reject the email, quarantine the email, or allow it. You can also set it to email a report of the rejected email to a specific email address.
How do I make sure that I have all this email spoofing security set up for my email?
Contact your IT professional for assistance in checking the records and implementing them. If you feel like exploring a bit on your own, you can check out mxtoolbox.com, which has tools to check each of these. You can also contact us at Quick MSP and we will do an assessment of your email/network configuration for you!