Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .

Finance

Digital currency discovery platform eradicates the threat of phishing attacks

Digital currency discovery platform eradicates the threat of phishing attacks

A case study on implementing DMARC – by Rahul Powar, Co-Founder Red Sift

Since the creation of bitcoin in 2009, the concept of digital currency has at times divided the public.

Yet despite the sceptics and the naysayers, today, there are over 1100 different types of cryptocurrencies. Funds are raised for currencies via Initial Coin Offerings (ICOs) and ICO platforms maintain the listings of all active and upcoming ICOs.

The financial services industry has already been on high alert for cybersecurity attacks for years; adding this digital currency dimension further intensifies the concern. The only way to steal these assets is to hack the digital wallet or hack the mining pools, and once stolen, the ‘transaction’ cannot be undone.

Pittsburgh-based ICO Alert promotes the digital currencies for companies wishing to raise money through ICOs. It’s therefore essential that the company’s communications are trusted – as the number of ICOs grow, so too does the potential for fraud and scams.

ICO Alert is a go-to source for information regarding active and upcoming ICOs and sends and receives thousands of emails a week. Inevitably, some of their clients have been subject to phishing attacks as they’ve grown in prominence, receiving emails purporting to come from ICO Alert asking them to carry out financial transactions. As Rob Finch, CEO of ICO Alert explains, “Our email domain was spoofed and one of our clients was sent an email highlighting the specifics of a deal. The email that was sent was a perfect fake – they’d used my headshot, my email signature, and of course they’d impersonated my sender address. Luckily, we were able to intercept this deal, but we did have a couple of clients that were affected by a similar scam. We were quick to resolve the financial ramifications, but knew that we needed to bolster our existing email protection.”

Rob already had DKIM implemented, a protocol that verifies if an email is sent from a valid source by using encryption in the header of an email. But with reports of email impersonation, Rob quickly realised he also needed to implement SPF, a tool that verifies if an email is sent from a valid IP address. However, his research highlighted that neither enforced the policies so there was still potential for the ICO Alert domain to be spoofed.

Consequently, Rob started looking more deeply into the nature of the phishing attacks. He knew there had to be a way to prevent email spoofing. It was at this point he discovered DMARC – an email protocol that combines the authentication that SPF and DKIM provide to enforce an authentication policy. DMARC has been around for several years but awareness is low – astonishing given that it can potentially solve the problem of email impersonation for every organisation on the planet. Understandably, Rob was intrigued by what he found.

While DMARC is a free-to-implement protocol, services to make implementation simpler, and management easier, are available to organizations of any size. With DMARC fully deployed with external support, Rob was able to establish a policy whereby only emails from ICO Alert’s domain that passed the SPF or DKIM authentication would be DMARC-validated and would thus reach the intended recipient.

Furthermore, ICO Alert, like many other organizations of its size, sends email from multiple email services, including up to 250,000 emails from its domain each year and a further 750,000 emails being sent through MailChimp. To maintain its strong brand reputation, it was vital to ICO Alert that emails which weren’t sent directly from its domain were able to carry the same guarantee of authenticity, a concern quickly resolved with DMARC – reports generated via the protocol are able to determine which domains are correctly configured and which, if any, are spoofing yours.

Once DMARC was implemented and configured to reject emails that weren’t fully authenticated – all within two weeks – ICO Alert was seeing 100% deliverability rates and experiencing zero bouncebacks, via its MailChimp campaigns too.

By setting up DMARC, Rob concludes, “Not only has it given us complete confidence in the deliverability of our email campaigns, but now our clients can also be confident in the legitimacy of the communications they receive from ICO Alert.”

Global Banking & Finance Review

 

Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!


By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post