mBank was the first bank in our country to declare war on cybercriminals’ activities and implement sender authentication in the most popular mailboxes used by their customers.
These solutions help visually distinguish genuine from forged correspondence. Both Polish (including Interia, Onet, WP/O2) and global (including Gmail) mail providers enable advanced sender authentication solutions.
Their proper implementation is rewarded by displaying distinctive graphics (a green shield), or the brand’s logo, next to the sender’s name in the mailbox and inside each authenticated email. This type of verification also has an impact on the brand’s reputation and message deliverability, preventing emails from ending up in spam.
” The additional security implemented by mBank as part of the fight against phishing allows message recipients to verify whether the email actually comes from this particular bank. Added safeguard, which appears in the form of graphics, is certainly a great convenience for ordinary users, thanks to which they can more easily distinguish a malicious message from a legitimate one. One should keep in mind, however, that every security measure will sooner or later be broken/dominated by cybercriminals, which is why it’s so important to constantly improve our systems and make sure they have the ‘latest’ safety features.”
Michał Błaszczak, Pentester at EmailLabs
The mBank Group is using Emailabs to handle transaction emails sent to users of Paynow payment gateway. The CTO of mElements (From the mBank Group) shared his comments on the changes brought by the implementation of Email API:
“We chose Emailabs, i.a. due to our customers’ data security,” Sebastian Sztajnert said at the time.
Today mBank goes further by launching the latest available sender authentication solutions. Characters or graphic elements allow users to easily verify the validity of communications received in most popular mobile applications or browser versions (they will not be available for Thunderbird or Outlook users).
How did we achieve the highest level of security for data storage servers? Read mElement and EmailLabs’ Case Study.
Mailbox providers require senders to have basic authentication like SPF and DKIM, without which messages will not reach users. However, besides the general solutions available to all, senders are offered access to premium features.
In the first step, sender checks ISPs’ structure in his contact list. If the vast majority of them use: WP, O2, Interia, Onet, Gmail, Yahoo, in each case these providers’ mailboxes can be configured for additional sender security.
Have you noticed that next to some email senders on your inbox you can see the badge of a verified email address?
WP, O2 have a Trusted Sender standard, Onet has a Verified Sender service, Interia gives you the option to run a Safe Sender and have the logo appear in your inbox.
Gmail as well as Yahoo, and also Onet Mail recently, while by honoring the BIMI solution, with verified senders they display both on the mail listing and in the emails itself, notarized brand logos.
The mailbox providers are responsible for the sender’s technical authentication settings. By verifying their email communication activities, they have the right to reject enabling the service if these practices raise any concerns. Most additional solutions also come at an extra cost and require a series of steps. To facilitate these steps, you can use EmailLabs – all of them are available in a single agreement.
Authenticated senders like Verified Sender, Safe Sender, BIMI or S/MIME are proven solutions for the most recognizable brands, especially those operating in the banking, fintech, courier services, e-commerce, retail or advertising industries.
Gmail has announced significant changes in the requirements for email senders to maintain a good reputation and proper classification of messages in user inboxes starting from February 1, 2024....
Vercom S.A. public joint-stock company to which the EmailLabs project belongs, has been assessed and certified to be compliant with the ISO/IEC 27001 and ISO/IEC 27018 standards. The Vercoms’...
The increasing number of phishing attacks each year, and the projection that this trend will continue to escalate, aren’t likely to astonish anyone. This can be attributed, in part,...
In an effort to bolster email security and protect users from malicious messages, Google and Yahoo are set to implement stringent email authentication requirements beginning in 2024. Email marketing...