Resources

North Korean phishing attacks are on the rise; how can DMARC keep businesses safe?

Written by Elliot Wilkie | May 15, 2024 10:07:21 AM

Another day, another cyber threat. With DMARC policy a hot topic in cybersecurity, opportunist hackers in North Korea are making headlines as they exploit weak email security.

The U.S. government recently issued a strong warning about email phishing cybercrime, reinforcing the importance of robust cybersecurity. On May 2nd, 2024, agencies, including the FBI, the Department of State, and the National Security Agency (NSA), raised awareness of North Korean cybercriminals exploiting weak email security.

North Korean hackers have successfully launched widespread spear phishing attacks by taking advantage of weak or poorly configured Domain-based Message Authentication, Reporting, and Conformance (DMARC) policies.

The spear phishing strategy

Spear phishing attacks are targeted, sophisticated attacks aimed at individuals and organisations. Therefore, they can present as authentic and be challenging to detect as fake or malicious.

Whether impersonating a CEO or requesting urgent financial transfers, spear phishing aims to deceive recipients and fool them into revealing sensitive information or allowing access to private networks and devices.

So, what does a DMARC policy do?

DMARC policy explained

A DMARC policy enhances email security by checking emails and confirming their authenticity based on the domain they came from.

The DMARC policy allows domain owners to set instructions for email receivers, allowing senders to choose whether to monitor, quarantine, or reject emails that fail authentication checks.

DMARC can seem like a complicated area of email safeguarding. In February 2024, Google changed its DMARC policy statement to "p=quarantine," meaning that emails failing to pass DMARC will automatically be sent to spam.

DMARC policies play a vital role in helping organisations reduce the risk of phishing attacks, highlighting potential threats, and giving insight into email authentication failure.

That said, the new policy means businesses need to proactively authenticate their email domain to avoid having their emails sent to spam by default.

DMARC management with Sendmarc

Businesses must proactively protect their domain from spoofing and mitigate phishing attacks. Having an active and up-to-date DMARC policy for your business and setting it to 'reject' adds an essential layer of protection. However, for many, DMARC is a complex thing to navigate.

We partner with Sendmarc, a powerful, automated DMARC management tool that secures your domain against email impersonation, spoofing and phishing.

Sendmarc ensures your emails reach recipients rather than landing in spam folders, stops fake emails from being sent from your domain, and keeps your entire team compliant with current regulations.

Brigantia’s choice for DMARC

At Brigantia, we only partner with the best in the industry. Our rigorous vetting process is required for all our vendors, ensuring we offer market-leading cybersecurity products and services to the MSP community.

As a Brigantia-approved vendor, Sendmarc helps safeguard businesses and protect users while keeping organisations updated with the evolving DMARC policy and email security landscape.

 

Learn more about how Sendmarc here.