Email impersonation attacks remain a significant hazard for FTSE 100 corporations, persisting even though a straightforward remedy, commonly accessible, has been established.

Email impersonation attacks remain a significant hazard for FTSE 100 corporations, persisting even though a straightforward remedy, commonly accessible, has been established.

Article Rewrite

Email spoofing attacks continue to pose a significant threat to a third of FTSE 100 companies, despite the availability of DMARC tools, as per a report by Hornetsecurity.

At Infosecurity Europe 2025, Romain Basset, the director of customer services at Hornetsecurity, pointed out the lack of focus on DMARC signifies a lack of understanding among many organizations. DMARC acts as a safety net, ensuring recipients have a policy when either SPF or DKIM has failed, and clarifying what to do when email authentication has failed.

Analyzing the DNS records of the FTSE100, Hornetsecurity found that more than 30% lacked properly configured DMARC solutions, allowing failed authentication emails to slip through to users' inboxes. A few companies even had no DMARC at all, enabling attackers to carry out various email-based cyber attacks on employees at the impersonated firms and customers using the fake company's legitimacy for further attacks.

り When implementing DMARC, many security teams struggle with correct configuration, which requires a thorough understanding of a domain and all its authorized senders. domains, as well as all the authorized senders associated with those domains. Imagine you have an HR solution, a marketing platform, Salesforce, an invoicing tool, and European subsidiaries – each utilizing different tools and domains – making it complex to identify legitimate senders and maintain the process continuously.

Basset mentioned that DMARC reports can be challenging to aggregate for data-driven decision making. He advised leaders considering the business value of DMARC, in addition to its importance to security. Ensuring that expensive lead generation campaigns don't get sent to users' spam folders is essential, as is protecting the organization's brand and reputation.

DMARC works alongside SPF and DKIM, validating who within an organization can send an email and verifying whether the sender is indeed who they claim to be. However, DMARC isn't a silver bullet for all email attacks, as it can't protect against hackers compromising email accounts. Basset noted that in such cases, security teams must rely on cybersecurity awareness training, business processes that prevent attacks such as requiring payment requests to be confirmed via phone call, and approaches like "impossible travel checks" that flag unusual geolocation behaviors.

Despite the importance of DMARC, it is just one piece in an organization's security puzzle. By educating employees, ensuring secure passwords, and staying vigilant against phishing attempts, organizations can bolster their email security and safeguard against email-based cyber attacks.

Additional Insights

Overall

Configuring DMARC for optimal email security in organizations requires several steps, including setting up SPF and DKIM, configuring DMARC, identifying authorized senders, and interpreting DMARC reports. By following these steps and implementing continuous monitoring, organizations can effectively fend off spam and phishing attempts, strengthen their email security, and maintain a strong brand reputation.

SPF, DKIM, and DMARC

• SPF (Sender Policy Framework): Checks whether the email was sent from an authorized IP address to help prevent domain spoofing.
• DKIM (DomainKeys Identified Mail): Verifies that the email was sent by the domain owner and wasn't tampered with during transit by checking a cryptographic signature against a public key.
• DMARC (Domain-based Message Authentication, Reporting, and Conformance): Ensures that emails claiming to be from your domain are genuinely sent by authorized servers and are not impersonated by attackers.

Step-by-Step Guide for DMARC Configuration

1. Set up SPF and DKIM
2. Configure DMARC
3. Identify and list authorized senders
4. Analyze and interpret DMARC reports
5. Implement enforcement policies
6. In light of the dangerous email spoofing attacks, it's crucial for businesses to prioritize the proper configuration of DMARC, as a lack of understanding among organizations has left many exposed, according to Romain Basset, director of customer services at Hornetsecurity.
7. Streamlining the process of aggregating DMARC reports for data-driven decision making is essential in lead generation. By understanding these reports, businesses can safeguard their expensive marketing campaigns from being unfairly diverted to users' spam folders.
8. Aside from its role in cybersecurity, the implementation of DMARC can also help protect the organization's finance, notably providing a shield for sensitive lead generation efforts and preserving the firm's hard-earned brand reputation in technology-driven business environments.

Read also: