Welcome!

News Feed Item

Return Path Research Finds that DMARC is Effective in Blocking Millions of Potentially Fraudulent Messages from 60% of the World’s Mailboxes

Return Path, the global leader in email intelligence, today announced, in partnership with DMARC.org, that the DMARC standard is giving top senders a new level of control in blocking potentially fraudulent messages from a majority of the world’s mailboxes. In fact, DMARC is now deployed at mailbox providers representing 60% of the world’s mailboxes and been adopted by 10 of the top 20 sending domains, representing a high volume of daily traffic into receiving networks. Because of this, more than 325 million messages were blocked from consumer inboxes in November and December of 2012, according to data from Return Path and other members of DMARC.org. In one recent example, DocuSign used the DMARC standard to thwart an active phishing attack.

DMARC, which stands for Domain-based Message Authentication, Reporting and Conformance, was launched last year by a consortium of top mailbox providers and senders including Google, Microsoft, Yahoo!, Facebook and PayPal. DMARC uses existing authentication protocols – Sender Policy Framework (SPF) and DKIM – to enable brands to publish policies that reject messages that are not properly authenticated. DMARC adds deeper value by enabling mailbox providers to send reporting back to companies to let them know when their domains are not authenticated properly. This helps companies quickly detect phishing attacks and keep their systems running properly.

DocuSign Uses DMARC to Fight Fraud

DocuSign, as the global standard for eSignature, has built a trust network of more than 27 million users in 188 countries who use the company’s eSignature transaction management platform to finish business faster. The company helps individuals and businesses of all sizes and industries accelerate transactions to increase speed to results, reduce costs, and delight customers.

With the industry’s most robust security, DocuSign is on the cutting edge of using innovative tools like the DMARC standard to protect its brand and global network of users. An advocate for using Sender Policy Framework (SPF) for authentication, DocuSign uses DMARC to monitor messages from its sending domains. When fraudulent emails recently began appearing via DMARC, the company quickly saw that its brand and users were the target of a phishing attack, and took immediate action. DocuSign published an updated DMARC policy that directed participating mailbox providers to quarantine all messages that failed authentication, thereby stopping suspicious messages from reaching inboxes.

“DocuSIgn offers the industry’s most trusted eSignature platform,” said Joan Ross, Chief Security Officer, DocuSign. “DMARC allows us to rapidly identify any attacks against the DocuSign brand and protect our global network of users so that they can continue to rely on DocuSign to finish business faster safely and securely.”

As a security thought leader, DocuSign recently blogged about DMARC and other best practices in a series of blog posts designed to help the company’s users further protect their information and data.

DocuSign isn’t alone: As malware spam attacks are on the rise targeting high-profile companies with trusted brands, many companies are turning to this new defensive tool to fight back. Using the DMARC standard, these companies direct mailbox providers to block or quarantine unauthenticated mail attributed to their domains. This can prevent addressees from receiving deceptive phishing messages that falsely appear to be from what are made to look like familiar senders.

Return Path’s Secure.EQ suite of anti-phishing solutions includes tools that help senders implement the DMARC standard and protect their brands from phishing attacks. In another recent example, Publishers Clearing House was able to use Return Path’s Domain Secure system to block 350,000 messages from bogus forwarding services and infrastructure that did not belong to PCH. Blocking these messages from inboxes protects hundreds of thousands of consumers from harmful messages – something not possible before DMARC.

“As longtime advocates for email authentication and co-founding members of DMARC.org, we’re encouraged by examples like these,” said George Bilbrey, President of Return Path. “As more senders recognize the effectiveness of DMARC in their battle against fraud, consumer trust across the email channel will build. Top brands are already leading the way – their success should inspire senders everywhere to take these simple steps to make the entire email ecosystem safer and more secure.”

Resources:

DMARC.org anniversary release:
Publishers Clearing House Reduces Phishing Threats with DMARC
Return Path DMARC page:
http://www.returnpath.com/solution-content/dmarc-support/

About Return Path

Return Path is the worldwide leader in email intelligence. We analyze more data about email than anyone else in the world and use that data to power products that ensure that only emails people want and expect reach the inbox. Our industry-leading email intelligence solutions utilize the world’s most comprehensive set of data to maximize the performance and accountability of email, build trust across the entire email ecosystem and protect users from spam and other abuse. We help businesses build better relationships with their customers and improve their email ROI; and we help ISPs and other mailbox providers enhance network performance and drive customer retention. Information about Return Path can be found at: www.returnpath.com.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
SYS-CON Events announced today that Pulzze Systems will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Pulzze Systems, Inc. provides infrastructure products for the Internet of Things to enable any connected device and system to carry out matched operations without programming. For more information, visit http://www.pulzzesystems.com.
If you’re responsible for an application that depends on the data or functionality of various IoT endpoints – either sensors or devices – your brand reputation depends on the security, reliability, and compliance of its many integrated parts. If your application fails to deliver the expected business results, your customers and partners won't care if that failure stems from the code you developed or from a component that you integrated. What can you do to ensure that the endpoints work as expect...
DevOps at Cloud Expo – being held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA – announces that its Call for Papers is open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's largest enterprises – and delivering real results. Am...
The Internet of Things can drive efficiency for airlines and airports. In their session at @ThingsExpo, Shyam Varan Nath, Principal Architect with GE, and Sudip Majumder, senior director of development at Oracle, will discuss the technical details of the connected airline baggage and related social media solutions. These IoT applications will enhance travelers' journey experience and drive efficiency for the airlines and the airports. The session will include a working demo and a technical d...
SYS-CON Events announced today that Commvault, a global leader in enterprise data protection and information management, has been named “Bronze Sponsor” of SYS-CON's 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Commvault is a leading provider of data protection and information management solutions, helping companies worldwide activate their data to drive more value and business insight and to transform moder...
The Transparent Cloud-computing Consortium (abbreviation: T-Cloud Consortium) will conduct research activities into changes in the computing model as a result of collaboration between "device" and "cloud" and the creation of new value and markets through organic data processing High speed and high quality networks, and dramatic improvements in computer processing capabilities, have greatly changed the nature of applications and made the storing and processing of data on the network commonplace.
SYS-CON Events announced today that Bsquare has been named “Silver Sponsor” of SYS-CON's @ThingsExpo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. For more than two decades, Bsquare has helped its customers extract business value from a broad array of physical assets by making them intelligent, connecting them, and using the data they generate to optimize business processes.
I'm a lonely sensor. I spend all day telling the world how I'm feeling, but none of the other sensors seem to care. I want to be connected. I want to build relationships with other sensors to be more useful for my human. I want my human to understand that when my friends next door are too hot for a while, I'll soon be flaming. And when all my friends go outside without me, I may be left behind. Don't just log my data; use the relationship graph. In his session at @ThingsExpo, Ryan Boyd, Engi...
Fact is, enterprises have significant legacy voice infrastructure that’s costly to replace with pure IP solutions. How can we bring this analog infrastructure into our shiny new cloud applications? There are proven methods to bind both legacy voice applications and traditional PSTN audio into cloud-based applications and services at a carrier scale. Some of the most successful implementations leverage WebRTC, WebSockets, SIP and other open source technologies. In his session at @ThingsExpo, Da...
SYS-CON Events announced today that Secure Channels will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. The bedrock of Secure Channels Technology is a uniquely modified and enhanced process based on superencipherment. Superencipherment is the process of encrypting an already encrypted message one or more times, either using the same or a different algorithm.
Traditional on-premises data centers have long been the domain of modern data platforms like Apache Hadoop, meaning companies who build their business on public cloud were challenged to run Big Data processing and analytics at scale. But recent advancements in Hadoop performance, security, and most importantly cloud-native integrations, are giving organizations the ability to truly gain value from all their data. In his session at 19th Cloud Expo, David Tishgart, Director of Product Marketing ...
Almost two-thirds of companies either have or soon will have IoT as the backbone of their business in 2016. However, IoT is far more complex than most firms expected. How can you not get trapped in the pitfalls? In his session at @ThingsExpo, Tony Shan, a renowned visionary and thought leader, will introduce a holistic method of IoTification, which is the process of IoTifying the existing technology and business models to adopt and leverage IoT. He will drill down to the components in this fra...
The vision of a connected smart home is becoming reality with the application of integrated wireless technologies in devices and appliances. The use of standardized and TCP/IP networked wireless technologies in line-powered and battery operated sensors and controls has led to the adoption of radios in the 2.4GHz band, including Wi-Fi, BT/BLE and 802.15.4 applied ZigBee and Thread. This is driving the need for robust wireless coexistence for multiple radios to ensure throughput performance and th...
Enterprise IT has been in the era of Hybrid Cloud for some time now. But it seems most conversations about Hybrid are focused on integrating AWS, Microsoft Azure, or Google ECM into existing on-premises systems. Where is all the Private Cloud? What do technology providers need to do to make their offerings more compelling? How should enterprise IT executives and buyers define their focus, needs, and roadmap, and communicate that clearly to the providers?
SYS-CON Events announced today the Kubernetes and Google Container Engine Workshop, being held November 3, 2016, in conjunction with @DevOpsSummit at 19th Cloud Expo at the Santa Clara Convention Center in Santa Clara, CA. This workshop led by Sebastian Scheele introduces participants to Kubernetes and Google Container Engine (GKE). Through a combination of instructor-led presentations, demonstrations, and hands-on labs, students learn the key concepts and practices for deploying and maintainin...