Welcome!

News Feed Item

Return Path Research Finds that DMARC is Effective in Blocking Millions of Potentially Fraudulent Messages from 60% of the World’s Mailboxes

Return Path, the global leader in email intelligence, today announced, in partnership with DMARC.org, that the DMARC standard is giving top senders a new level of control in blocking potentially fraudulent messages from a majority of the world’s mailboxes. In fact, DMARC is now deployed at mailbox providers representing 60% of the world’s mailboxes and been adopted by 10 of the top 20 sending domains, representing a high volume of daily traffic into receiving networks. Because of this, more than 325 million messages were blocked from consumer inboxes in November and December of 2012, according to data from Return Path and other members of DMARC.org. In one recent example, DocuSign used the DMARC standard to thwart an active phishing attack.

DMARC, which stands for Domain-based Message Authentication, Reporting and Conformance, was launched last year by a consortium of top mailbox providers and senders including Google, Microsoft, Yahoo!, Facebook and PayPal. DMARC uses existing authentication protocols – Sender Policy Framework (SPF) and DKIM – to enable brands to publish policies that reject messages that are not properly authenticated. DMARC adds deeper value by enabling mailbox providers to send reporting back to companies to let them know when their domains are not authenticated properly. This helps companies quickly detect phishing attacks and keep their systems running properly.

DocuSign Uses DMARC to Fight Fraud

DocuSign, as the global standard for eSignature, has built a trust network of more than 27 million users in 188 countries who use the company’s eSignature transaction management platform to finish business faster. The company helps individuals and businesses of all sizes and industries accelerate transactions to increase speed to results, reduce costs, and delight customers.

With the industry’s most robust security, DocuSign is on the cutting edge of using innovative tools like the DMARC standard to protect its brand and global network of users. An advocate for using Sender Policy Framework (SPF) for authentication, DocuSign uses DMARC to monitor messages from its sending domains. When fraudulent emails recently began appearing via DMARC, the company quickly saw that its brand and users were the target of a phishing attack, and took immediate action. DocuSign published an updated DMARC policy that directed participating mailbox providers to quarantine all messages that failed authentication, thereby stopping suspicious messages from reaching inboxes.

“DocuSIgn offers the industry’s most trusted eSignature platform,” said Joan Ross, Chief Security Officer, DocuSign. “DMARC allows us to rapidly identify any attacks against the DocuSign brand and protect our global network of users so that they can continue to rely on DocuSign to finish business faster safely and securely.”

As a security thought leader, DocuSign recently blogged about DMARC and other best practices in a series of blog posts designed to help the company’s users further protect their information and data.

DocuSign isn’t alone: As malware spam attacks are on the rise targeting high-profile companies with trusted brands, many companies are turning to this new defensive tool to fight back. Using the DMARC standard, these companies direct mailbox providers to block or quarantine unauthenticated mail attributed to their domains. This can prevent addressees from receiving deceptive phishing messages that falsely appear to be from what are made to look like familiar senders.

Return Path’s Secure.EQ suite of anti-phishing solutions includes tools that help senders implement the DMARC standard and protect their brands from phishing attacks. In another recent example, Publishers Clearing House was able to use Return Path’s Domain Secure system to block 350,000 messages from bogus forwarding services and infrastructure that did not belong to PCH. Blocking these messages from inboxes protects hundreds of thousands of consumers from harmful messages – something not possible before DMARC.

“As longtime advocates for email authentication and co-founding members of DMARC.org, we’re encouraged by examples like these,” said George Bilbrey, President of Return Path. “As more senders recognize the effectiveness of DMARC in their battle against fraud, consumer trust across the email channel will build. Top brands are already leading the way – their success should inspire senders everywhere to take these simple steps to make the entire email ecosystem safer and more secure.”

Resources:

DMARC.org anniversary release:
Publishers Clearing House Reduces Phishing Threats with DMARC
Return Path DMARC page:
http://www.returnpath.com/solution-content/dmarc-support/

About Return Path

Return Path is the worldwide leader in email intelligence. We analyze more data about email than anyone else in the world and use that data to power products that ensure that only emails people want and expect reach the inbox. Our industry-leading email intelligence solutions utilize the world’s most comprehensive set of data to maximize the performance and accountability of email, build trust across the entire email ecosystem and protect users from spam and other abuse. We help businesses build better relationships with their customers and improve their email ROI; and we help ISPs and other mailbox providers enhance network performance and drive customer retention. Information about Return Path can be found at: www.returnpath.com.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
A critical component of any IoT project is the back-end systems that capture data from remote IoT devices and structure it in a way to answer useful questions. Traditional data warehouse and analytical systems are mature technologies that can be used to handle large data sets, but they are not well suited to many IoT-scale products and the need for real-time insights. At Fuze, we have developed a backend platform as part of our mobility-oriented cloud service that uses Big Data-based approache...
Peak 10, Inc., has announced the implementation of IT service management, a business process alignment initiative based on the widely adopted Information Technology Infrastructure Library (ITIL) framework. The implementation of IT service management enhances Peak 10’s current service-minded approach to IT delivery by propelling the company to deliver higher levels of personalized and prompt service. The majority of Peak 10’s operations employees have been trained and certified in the ITIL frame...
trust and privacy in their ecosystem. Assurance and protection of device identity, secure data encryption and authentication are the key security challenges organizations are trying to address when integrating IoT devices. This holds true for IoT applications in a wide range of industries, for example, healthcare, consumer devices, and manufacturing. In his session at @ThingsExpo, Lancen LaChance, vice president of product management, IoT solutions at GlobalSign, will teach IoT developers how t...
As the rapid adoption of containers continues, companies are finding that they lack the operational tools to understand the behavior of applications deployed in these containers, and how to identify issues in their application infrastructure. For example, how are multiple containers within an application impacting each other’s performance? If an application’s service is degraded, which container is to blame? In the case of an application outage, what was the root cause of the outage?
Digital payments using wearable devices such as smart watches, fitness trackers, and payment wristbands are an increasing area of focus for industry participants, and consumer acceptance from early trials and deployments has encouraged some of the biggest names in technology and banking to continue their push to drive growth in this nascent market. Wearable payment systems may utilize near field communication (NFC), radio frequency identification (RFID), or quick response (QR) codes and barcodes...
SYS-CON Events announced today that CollabNet (www.collabnet.com) a global leader in enterprise software development and delivery solutions that help customers create high-quality applications at speed, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. The CEO of CollabNet Flint Brenton will also present about DevOps challenges in today’s global, open, and heterogeneous world of software development.
SYS-CON Events announced today that Peak 10, Inc., a national IT infrastructure and cloud services provider, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Peak 10 provides reliable, tailored data center and network services, cloud and managed services. Its solutions are designed to scale and adapt to customers’ changing business needs, enabling them to lower costs, improve performance and focus inter...
Much of the value of DevOps comes from a (renewed) focus on measurement, sharing, and continuous feedback loops. In increasingly complex DevOps workflows and environments, and especially in larger, regulated, or more crystallized organizations, these core concepts become even more critical. In his session at @DevOpsSummit at 18th Cloud Expo, Andi Mann, Chief Technology Advocate at Splunk, will show how, by focusing on 'metrics that matter,' you can provide objective, transparent, and meaningfu...
We're entering the post-smartphone era, where wearable gadgets from watches and fitness bands to glasses and health aids will power the next technological revolution. With mass adoption of wearable devices comes a new data ecosystem that must be protected. Wearables open new pathways that facilitate the tracking, sharing and storing of consumers’ personal health, location and daily activity data. Consumers have some idea of the data these devices capture, but most don’t realize how revealing and...
In the world of DevOps there are ‘known good practices’ – aka ‘patterns’ – and ‘known bad practices’ – aka ‘anti-patterns.' Many of these patterns and anti-patterns have been developed from real world experience, especially by the early adopters of DevOps theory; but many are more feasible in theory than in practice, especially for more recent entrants to the DevOps scene. In this power panel at @DevOpsSummit at 18th Cloud Expo, moderated by DevOps Conference Chair Andi Mann, panelists will dis...
The demand for organizations to expand their infrastructure to multiple IT environments like the cloud, on-premise, mobile, bring your own device (BYOD) and the Internet of Things (IoT) continues to grow. As this hybrid infrastructure increases, the challenge to monitor the security of these systems increases in volume and complexity. In his session at 18th Cloud Expo, Stephen Coty, Chief Security Evangelist at Alert Logic, will show how properly configured and managed security architecture can...
There is an ever-growing explosion of new devices that are connected to the Internet using “cloud” solutions. This rapid growth is creating a massive new demand for efficient access to data. And it’s not just about connecting to that data anymore. This new demand is bringing new issues and challenges and it is important for companies to scale for the coming growth. And with that scaling comes the need for greater security, gathering and data analysis, storage, connectivity and, of course, the...
The IETF draft standard for M2M certificates is a security solution specifically designed for the demanding needs of IoT/M2M applications. In his session at @ThingsExpo, Brian Romansky, VP of Strategic Technology at TrustPoint Innovation, will explain how M2M certificates can efficiently enable confidentiality, integrity, and authenticity on highly constrained devices.
SYS-CON Events announced today the Docker Meets Kubernetes – Intro into the Kubernetes World, being held June 9, 2016, in conjunction with 18th Cloud Expo | @ThingsExpo, at the Javits Center in New York, NY. Register for 'Docker Meets Kubernetes Workshop' Here! This workshop led by Sebastian Scheele, co-founder of Loodse, introduces participants to Kubernetes (container orchestration). Through a combination of instructor-led presentations, demonstrations, and hands-on labs, participants learn ...
See storage differently! Storage performance problems have only gotten worse and harder to solve as applications have become largely virtualized and moved to a cloud-based infrastructure. Storage performance in a virtualized environment is not just about IOPS, it is about how well that potential performance is guaranteed to individual VMs for these apps as the number of VMs keep going up real time. In his session at 18th Cloud Expo, Dhiraj Sehgal, in product and marketing at Tintri, will discu...