The latest way to prevent email spoofing attacks

ー Do you know DMARC, a noteworthy new method? ー

Email spoofing is rampant nowadays. Especially, Business Email Compromise (BEC), a form of email fraud targeting enterprises, is so clever that it is victimizing more and more businesses.

Emotet, which may be still fresh in your memory, also uses spoofed emails to introduce malware. It steals and learns the contents from the email application in the infected devices to make attacking emails deceiving security software.

Globally spreading Ransomware starts over 75% of its attacks with emails. Some reports show that 85% of data leakage and breaches are due to human factors, with phishing emails being the most significant factor at 36% of breaches.

Japan also sees increasing phishing attacks, often exploiting spoofing emails. In this type of attack, malicious third parties impersonate real organizations like credit card companies and send the target digital files, including emails, to direct the victims from the enclosed links to fake websites, stealing their essential information, such as credit card numbers.
In response to these issues, the Ministry of Internal Affairs and Communications, the National Police Agency, and the Ministry of Economy, Trade and Industry have requested credit card companies and other businesses to strengthen their anti-phishing measures.
It is DMARC that is referred to as an effective way of protection in the request.

DMARC is Domain-based Message Authentication Reporting and Conformance, which helps to secure email from threats like spoofing. DMARC protects the recipients against email spoofing and provides a way for domain owners to protect their brand.

This document clarifies the damage email spoofing causes, how to prevent it, and what DMARC is.