Using DNS Authentication to Defend Against Impersonation Attacks

Blog Post created by user.v1YcBgOpe0 Employee on Mar 20, 2017

Matthew Gardiner is a Senior Product Marketing Manager at Mimecast and is currently focused on email security, phishing, malware, and cloud security.


So many organizations are getting hit with email impersonation attacks these days -- also often known as business email compromise attacks, W-2 fraud, and multiple other names. 


By some measures, these types of malware-less email attacks are costing organizations billions of dollars every year.  This is unacceptable. While there is no one security technology that can address all of the vulnerabilities that attackers are taking advantage of, combining multiple techniques together can provide an excellent defense. No longer do you need your users as your first line (and in many cases only line) of defense. To read a higher-level discussion of the problem space, check out my blog - Can DMARC Stop All Business Email Compromise Attacks? 


In fact, using the multiple capabilities that are part of the DNS Authentication set of standards (and supported as part of the Mimecast service) -- DMARC/DKIM/SPF, in combination with the Mimecast Targeted Threat Protect - Impersonation Protect service -- is one such option.


We have recently added new capabilities to our DNS Authentication services to help our customers further leverage these capabilities. You can read more about them in this recent Service Update