One of the oldest tricks in the book for spammers is to spoof or forge the "From" address so that the email appears to come from a legitimate source.
This month, Symantec is introducing DMARC Validation as a free upgrade for Email Security.cloud customers, further enhancing our protection against these types of spam, targeted attacks and phishing messages.
Once customers enable this new functionality, Symantec will automatically check if sending domain owners have a published DMARC policy and check that the email is legitimate.
Big, popular brands are often used in phishing and scam email attacks and I'm sure you've seen some of them first hand.
This is why over 80,000 domains have published DMARC policies and since 2011 it has been quickly adopted by some of the largest global brands and email senders such as Paypal, Twitter, Outlook.com, Yahoo! Mail, Facebook, LinkedIn and Bank of America.
DMARC.org reports that more than 25 million email messages spoofing PayPal were detected and rejected by DMARC during the 2013 holiday buying season and Twitter reports that roughly 110 million messages per day were spoofing its domains prior to deploying DMARC, showing this implementation is effective.
"The attention so far has been on how DMARC helps protect consumers and big brand-owners, but as adoption rises it also offers improved protection to employees at organizations big and small." said Steven Jones, Secretary of DMARC.org. "A lot of companies have been asking me about vendor-supported DMARC filtering to help protect their employees, so this is definitely a growing need in the market."
HOW TO TURN ON DMARC VALIDATION
Symantec Email Security.cloud customers will see the new configuration options in the admin interface, on or around March 29, 2014 and we encourage all customers to enable it as soon as they can.
You can enable DMARC Validation in the Spoofed Sender Detection settings located within the Antispam configuration in ClientNet.
Further technical information on DMARC can be found at DMARC.org.
As attackers and miscreants try new ways to circumvent security, it's vitally important that a security product or service continually evolves to protect against the latest threats.
Symantec’s cloud based Email Security offering is always up to date and doesn't burden customers with software or hardware upgrades to get the latest benefits.
We track our own performance and publish metrics regularly against our SLAs online.
Symantec’s comprehensive security expertise, vast global intelligence and portfolio offer organizations proactive, targeted attack protection across the endpoint, gateway and data center.