By Chris MeidingerWhen my colleague Erika commented that it's email's birthday month - RFC 821 was posted in August of 1982 - I figured we ought to say happy birthday here on the blog. I set about looking for a more specific date for the RFC's release than "August 1982" to figure out when the exact birthday is, and (of course) my first thought was "well, there must be a mailing list archive...

One of the great things about a conference like BlackHat is that it gives people like me the opportunity to take a step back, get out of the specific back alleyways of cybersecurity that we usually inhabit, and take a broader, more holistic look at attack and defense. One concept that's been talked about for a while is the Cyber Kill Chain. It takes a military-theoretical approach to network asset...

Originally, when thinking about the claim ‘Accepted Everywhere’ I was sure it was the slogan of a specific credit card from across the pond.

The Benefits of Monitor Mode When a technology exists that can tell you if and when your domains are being spoofed (and by who), why would you not use it?! What is DMARC? DMARC was created to address some fundamental problems with existing email authentication technologies (SPF and DKIM). It provides feedback about your email authentication implementation and gives ISPs (Google, Yahoo!,...

By Tomki Camp, Director of Support & Services DomainKeys, or DK, was a signing technique implementation which contributed/evolved into DomainKeys Identified Mail, or DKIM. Since development efforts shifted into working on DKIM in 2004, there have been many improvements and far broader adoption of DKIM in email services. All new uses of email signing should use DKIM rather than DK, as the...

Let’s say you have a very popular store. Your customers love receiving coupons and communications from you by email. Then a spammer sees your email address as a great opportunity to take someone’s personal information. They send an email claiming to be you, requesting updated credit card information from your customers. Now your customers are calling in, upset that their information was...

On April 4, Yahoo! took one giant step forward for email-kind when they requested all Internet email receivers to stop receiving mail purporting to be From: Yahoo!, that is not authentic. This is done with a “DMARC reject” policy. More recently Yahoo! explained their stance in a blog post. "And overnight, the bad guys who have used email spoofing to forge emails and launch phishing attempts...

In response to the article on PC World, Yahoo email anti-spoofing policy breaks mailing lists, we want to take the opportunity to comment on the benefits of DMARC and the important role it plays in securing companies and consumers. 2013 was a pivotal year for email security – multiple, high profile attacks that leveraged weaponized emails as an attack component finally highlighted to the world...

Global DMARC coverageDMARC recently celebrated its 2nd year anniversary, and has grown rapidly to become the de facto standard in email authentication. It currently covers 2 billion consumer mailboxes in over 70+ countries and has been adopted by most of the global consumer mailbox providers. For the purposes of this article, ISPs are defined as Internet Service Provider that also offer consumer...

With fraud, phishing, and email-borne malware on the rise and with the risks to brands made evident by the recent attacks on Target and Nieman Marcus in 2013, it has never been more important to protect your email channel and prevent attackers from using your brand as a means of targeting consumers. Fortunately, there’s never been a better way to do it.Agari PRO is Agari’s next-generation solution...

So you’ve heard a lot about this new thing called DMARC, but don’t totally understand what to do? You are at the right place! After all, at Agari we are the DMARC guys. (Someone said this to me at a conference recently. I think it deserves a t-shirt. ☺) If you take a few minutes to read on, we will help you understand why you should publish your business’ first DMARC record.First, let’s cover a...

DMARC, which stands for Domain-based Message Authentication, Reporting, & Conformance, is a specification that defines how email can be authenticated by receivers and how they can report the authentication results back to the sender. The specification was published in 2012, and it is now celebrating its second year of having a positive effect in protecting consumer inboxes from spoofed email.To...

With the data breaches of 2013 bringing cybercrime into the spotlight, one thing has become astoundingly clear – cybercriminals are waging a war and are pulling into the lead. Email plays a key role in this war because email is the single easiest way for criminals to target an individual. Recent breaches have seen criminals sell off that personal information, such as email addresses, home...

For most people the holidays are the happiest time of the year, when you get to see family and friends, open gifts, and eat more food in one day than you eat during a typical week. But with the good comes the bad, such as the stress of travel and finding the perfect gift for that hard-to-please someone. Cybercriminals are well aware that people are stressed and busy in the months leading up to the...

"A 3 month analysis of the top US malicious email campaigns shows DMARC would have identified 90% of these malicious attacks"Over 20 months ago, industry titans including Paypal, Google, Microsoft, Yahoo!, AOL, and Facebook banded together to launch DMARC, a new approach to reducing email phishing/spamming. In the short period since, DMARC has deployed rapidly and now covers 80% of US consumers...

When it comes to the security of your business, you can never be too careful. We’ve talked about the precautions that consumers should take to keep their personal information secure and out of the hands of cyber criminals. Now let’s talk about what businesses need to keep in mind to keep their data and employees safe. Cybersecurity within a business is especially important for various reasons. To...