During the past few months, there have been numerous cases of criminals impersonating government departments in phishing campaigns, prompting Sen. Ron Wyden to write to the Department of Homeland Security requesting the use of DMARC to prevent phishing attacks that use federal email domains.
Phishers are making use of actual domains used by federal agencies and are sending out phishing emails. The genuine domains add credibility to the phishing attacks, increasing the likelihood that email recipients will open the emails and take whatever action the attackers propose.
DMARC can be used to prevent spoofing of domains. DMARC uses two validation systems, the Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM), to verify the sender of the email and determine whether the domain is being used by a genuine user or a third party.
The use of DMARC to prevent phishing attacks is common. DMARC has already been adopted by AOL, Google, and Yahoo, though not by government agencies. The United States government has roughly 1,300 domains, although estimates suggest only 2% are protected by DMARC.
The United Kingdom government has recently adopted DMARC after an increase in impersonation attacks, yet the U.S. lags behind. Sen. Wyden states in the letter, “Government-wide implementation of DMARC has had an enormous effect in the U.K. In 2016, the United Kingdom needed all government agencies to enable DMARC. As a consequence, the U.K.’s tax agency has stated that it decreased the number of phishing electronic mails purporting to come from that organization by a staggering 300 million mails in one year.”
There is a clear need for additional protections to prevent impersonation attacks, as was underscored during this year's tax season. The Internal Revenue Service reports there was a 400% rise in impersonation attacks. Wyden also mentions in the letter that Defense Security Service email addresses have been used in phishing attacks.
Wyden said it is necessary for federal organizations to adopt DMARC to prevent phishing, and suggests the Department of Homeland Security incorporate DMARC into its Cyber Hygiene System and test all federal agency systems. He also proposes that the General Services Administration keep track of phishing attempts and evaluate DMARC reports to try to find out who is trying to impersonate government organizations.