With the emergence of the Covid-19 pandemic, many brands have been challenged to adapt in a short period to the changed reality and new consumer attitudes. That meant reorganizing their distribution channels, thus moving all (or a large part) of their business online. This, in turn, has resulted in phishing becoming one of the most common forms of cybercrime.
Today it goes beyond fake websites, although we mainly hear about those in the context of recent attempts to impersonate the biggest Polish banks. Phishing is also the practice of sending fraudulent emails under the guise of recognizable and reputable brands. The aim is to persuade recipients to share personal information, such as user passwords or bank details, e.g., credit card numbers.
The simplest example of an attempted scam is the well-known messages asking for an urgent transfer as a necessary payment to receive an inheritance from a foreign prince. Most of us will probably smile politely and say that we would never fall for this type of scam.
However, it is important to be aware that current forms of phishing are more advanced, far better prepared, and more difficult to detect; many imitate the communication of real brands 1:1, which makes it easy to fall victim to them.
Gone are the days when it was enough to look at the content of a message to recognize at first glance a fraud attempt due to a poorly prepared email with “scattered” HTML elements.
One solution for reducing the risk of becoming a victim of phishing scams is implementing authentication protocols and BIMI – an emerging email specification that allows you to verify the authenticity of an email sender.
Below, we explore this and other anti-phishing measures in greater detail.
An email address is one of the easiest pieces of information to find out about another person online. Everyone has used it many times to subscribe to a newsletter, create an account on a website, complete an online purchase or send a resume.
Since the GDPR came into force, we have acquired the right to know how someone came into possession of our data and how it is processed, giving us more control over its use. However, not everyone is aware that databases can be stolen in hacking attacks and, once leaked, illegally sold.
The Darknet is full of offers to sell confidential information obtained by breaking into IT systems. It is good practice to check from time to time whether your email address has been involved in a security incident and a disclosure of data. For instance, you can do this via the Have I Been Pwned website.
Have I Been Pwned allows you to search through multiple data breaches to see if your email address has been compromised.
What should you do if you have already received a suspicious email? There are several things you need to check to see if the message you have received is a fraudulent attempt:
Sign of a scam: bad grammar and misspelled words
A more advanced method of verifying the credibility of a received email is to check its headers, which lets you confirm the real sender of the message and assess whether it was properly authenticated via SPF, DKIM, and DMARC.
Mailbox providers often automatically move messages that fail validation under the above email authentication protocols to the spam folder, but many still end up in other tabs because of less restrictive policy settings.
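The header check described above can be automated. The following is an added example (not code from the original post) that reads the SPF, DKIM and DMARC verdicts a receiving server wrote into the `Authentication-Results` header (RFC 8601). Both messages are constructed, and `mx.example.net` stands in for your own provider's receiving host (its authserv-id); a verdict is only trusted when it carries that identifier, because a sender can insert a fake `Authentication-Results` header of its own.

```python
"""Reading SPF/DKIM/DMARC verdicts from an email's Authentication-Results header.

Added example, not code from the original post. Both messages are constructed;
'mx.example.net' stands in for your own mail provider's receiving host (authserv-id).
"""
import re
from email import message_from_string

# Constructed message: the receiving server recorded passing results for all three checks.
SAMPLE_LEGIT = """\
Authentication-Results: mx.example.net;
 spf=pass smtp.mailfrom=newsletter.example.com;
 dkim=pass header.d=example.com header.s=sel2022;
 dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=example.com
From: "Example Brand" <noreply@example.com>
To: customer@example.org
Subject: Your order is on its way

Thanks for shopping with us.
"""

# Constructed message: From: claims example.com, but none of the checks pass.
SAMPLE_SPOOF = """\
Authentication-Results: mx.example.net;
 spf=fail smtp.mailfrom=bulk.unrelated-host.example;
 dkim=none;
 dmarc=fail (p=REJECT sp=REJECT dis=QUARANTINE) header.from=example.com
From: "Example Brand" <noreply@example.com>
To: customer@example.org
Subject: Urgent: confirm your payment details

Please log in at the link below.
"""

METHOD_RE = re.compile(r"\s*(spf|dkim|dmarc)\s*=\s*(\w+)", re.IGNORECASE)


def parse_auth_results(header_value: str, trusted_authserv_id: str) -> dict:
    """Return {'spf': ..., 'dkim': ..., 'dmarc': ...} from one header value.

    Only a header stamped with our own receiver's authserv-id is trusted: a sender can
    add a forged Authentication-Results header, and a receiver that does not strip
    such headers would otherwise let it be mistaken for a real verdict.
    """
    unfolded = " ".join(header_value.split())      # join the folded continuation lines
    authserv_id, _, rest = unfolded.partition(";")
    if authserv_id.strip().lower() != trusted_authserv_id.lower():
        return {}
    rest = re.sub(r"\([^)]*\)", "", rest)          # drop "(comment)" text such as (p=REJECT ...)
    verdicts = {}
    for clause in rest.split(";"):
        match = METHOD_RE.match(clause)
        if match:
            verdicts[match.group(1).lower()] = match.group(2).lower()
    return verdicts


def authentication_verdicts(raw_message: str, trusted_authserv_id: str) -> dict:
    """Collect verdicts from every trusted Authentication-Results header in the message."""
    msg = message_from_string(raw_message)
    verdicts = {}
    for value in msg.get_all("Authentication-Results", []):
        verdicts.update(parse_auth_results(str(value), trusted_authserv_id))
    return verdicts


def passes_dmarc(verdicts: dict) -> bool:
    """DMARC is the verdict that ties SPF/DKIM to the visible From: domain, so it decides."""
    return verdicts.get("dmarc") == "pass"


if __name__ == "__main__":
    for label, raw in (("legit", SAMPLE_LEGIT), ("spoof", SAMPLE_SPOOF)):
        v = authentication_verdicts(raw, "mx.example.net")
        print(f"{label}: {v} -> {'authenticated' if passes_dmarc(v) else 'NOT authenticated'}")
```

The decisive field is `dmarc=`, since it is the one that checks alignment between the authenticated domain and the `From:` address the recipient actually sees; an `spf=pass` for an unrelated `smtp.mailfrom` domain says nothing about the brand in `From:`.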
It’s important to note that until now, DMARC was the highest level of domain security, and the only one that (thanks to its reporting feature) let us see who else was sending messages via our domain, thus alerting us to fraud attempts.
However, nowadays very similar domain names are often used to impersonate the sender: a change of letter order, or the replacement of one letter with another character, makes them harder to distinguish at first glance.
Many brands have set their sights on helping an “average” recipient differentiate real email messages from fake ones. Very interesting articles, podcasts, or webinars are created for this purpose as well. Unfortunately, despite the energy and involvement in educational campaigns, information about phishing reaches only a narrow group of recipients.
The e-commerce industry has long been waiting for a solution that would make it possible to recognize at first glance a trusted, verified sender who has properly secured their domain. After all, not every recipient reads the detailed information contained in the headers.
The answer to this need is BIMI.
BIMI stands for Brand Indicators for Message Identification, a new email standard that allows a brand’s logo to be displayed next to its messages within supporting email clients.
The aim of this solution is twofold: on the one hand, it is meant to protect users from phishing attempts, and on the other hand, it allows legitimate brands to confirm their identity.
At the moment, several major mailbox providers support BIMI: Gmail (which requires an additional verified mark certificate, or VMC), Fastmail, and Yahoo! Several other email providers have expressed their willingness to join the program soon and, considering the predictions of marketers and trends described by them for 2022, it has a chance to become an extremely popular standard.
Admittedly, there are other ways to add a logo, such as our native Boost from Interia, the logo in Google Workspace (formerly G Suite), the Avatar in the Postmaster Mail.ru tool, and Bing for Microsoft. However, these solutions can be changed or withdrawn at any time and, above all, they provide no confirmation that security has been implemented or that the sender holds the relevant rights (such as a trademark) to the logo.
It is also worth noting that BIMI gives us control over the use of our registered trademark and the appearance of our brand logo in a place where we did not really have control before: in the mailbox, directly next to the sender’s name.
The standard allows you to verify the authenticity of the sender in two ways:
And speaking of brand recognition: initial research in foreign markets indicates that recipients are much more likely to open messages that display the sender’s logo, because they are more likely to trust them.
The process of implementing BIMI is very simple, provided that we have access to the DNS management console. You need to create a special BIMI TXT record in DNS containing the URL of the logo image file and, optionally, the URL of a VMC. This record should be published in the Organizational Domain.
The logo must be saved in a version of the Scalable Vector Graphics (SVG) format. It should also be properly scaled and have a solid background (rather than a transparent one). The file should not exceed the recommended 32 kilobytes, and it can be significantly smaller.
You can also use an online BIMI record generator to simplify this process.
It is worth noting that to make BIMI work, the domain name must be properly authenticated with SPF, DKIM, and DMARC. Otherwise, BIMI implementation will fail.
When it comes to DMARC, it is necessary to set an enforcement policy (quarantine or reject), which defines what to do when an email fails both the SPF and DKIM checks. Many senders still use a none policy (which does not affect email delivery but still provides DMARC reports) or have no DMARC record at all.
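The requirements spelled out above (a BIMI TXT record with an HTTPS logo URL and optional VMC, an SVG logo under 32 KB, and a DMARC record with a quarantine or reject policy) can be checked offline before you touch DNS. The block below is an added example, not EmailLabs’ or the BIMI group’s own code. It assumes the record is published at the `default._bimi` selector of the domain, that the logo follows the SVG Tiny Portable/Secure (SVG P/S) profile (`baseProfile="tiny-ps"`, a `<title>`, no scripts, external images or animation), and that a quarantine policy must cover 100% of mail; all DNS values and the SVG are constructed samples.

```python
"""Offline pre-flight checks for a BIMI rollout.

Added example, not EmailLabs' or the BIMI group's code. It checks the three things the
text says must line up: an enforcing DMARC record, a well-formed BIMI TXT record
(published at default._bimi.<domain>), and a logo in the SVG Tiny Portable/Secure profile.
All records and the SVG below are constructed samples; nothing here queries DNS.
"""
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

MAX_SVG_BYTES = 32 * 1024                    # recommended upper limit for the logo file
SVG_NS = "{http://www.w3.org/2000/svg}"
# SVG P/S permits no scripting, no external image references and no animation.
FORBIDDEN_SVG_ELEMENTS = {"script", "image", "foreignObject", "animate"}

# Constructed TXT values, as published at _dmarc.<domain> and default._bimi.<domain>.
DMARC_ENFORCING = "v=DMARC1; p=reject; rua=mailto:dmarc-reports@example.com"
DMARC_MONITOR_ONLY = "v=DMARC1; p=none; rua=mailto:dmarc-reports@example.com"
BIMI_RECORD = "v=BIMI1; l=https://example.com/brand/logo.svg; a=https://example.com/brand/vmc.pem"

# Constructed minimal SVG P/S logo: tiny-ps profile, <title>, solid (non-transparent) background.
LOGO_SVG = b"""<?xml version="1.0" encoding="UTF-8"?>
<svg xmlns="http://www.w3.org/2000/svg" version="1.2" baseProfile="tiny-ps" viewBox="0 0 64 64">
  <title>Example Brand</title>
  <rect width="64" height="64" fill="#ffffff"/>
  <circle cx="32" cy="32" r="20" fill="#1a73e8"/>
</svg>
"""


def parse_tags(record: str) -> dict:
    """Split a 'tag=value; tag=value' TXT record into a dict with lower-cased tag names."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, _, value = part.partition("=")
            tags[key.strip().lower()] = value.strip()
    return tags


def dmarc_problems(record: str) -> list:
    """Reasons a DMARC record does not meet BIMI's enforcement requirement (empty = OK)."""
    tags = parse_tags(record)
    problems = []
    if tags.get("v") != "DMARC1":
        problems.append("not a DMARC1 record")
    policy = tags.get("p", "")
    if policy not in ("quarantine", "reject"):
        problems.append(f"p={policy or '<missing>'}: BIMI needs p=quarantine or p=reject")
    # Assumption: with quarantine the policy must cover all mail; pct defaults to 100 when absent.
    if policy == "quarantine" and tags.get("pct", "100") != "100":
        problems.append(f"pct={tags['pct']}: quarantine must apply to 100% of mail")
    if tags.get("sp") == "none":
        problems.append("sp=none leaves subdomains unenforced")
    return problems


def bimi_problems(record: str) -> list:
    """Reasons a BIMI record is malformed (empty = OK). The a= (VMC) tag is optional."""
    tags = parse_tags(record)
    problems = []
    if tags.get("v") != "BIMI1":
        problems.append("not a BIMI1 record")
    if not tags.get("l"):
        problems.append("l= logo URL missing")
    for label, url in (("l=", tags.get("l")), ("a=", tags.get("a"))):
        if url and (urlparse(url).scheme != "https" or not urlparse(url).netloc):
            problems.append(f"{label} must be an absolute https:// URL, got {url!r}")
    return problems


def svg_problems(svg_bytes: bytes) -> list:
    """Reasons the logo is not an acceptable SVG P/S file (empty = OK)."""
    problems = []
    if len(svg_bytes) > MAX_SVG_BYTES:
        problems.append(f"{len(svg_bytes)} bytes exceeds the 32 KB recommendation")
    root = ET.fromstring(svg_bytes)          # the stdlib parser does not fetch external entities
    if root.tag != SVG_NS + "svg":
        return problems + ["root element is not <svg>"]
    if root.get("baseProfile") != "tiny-ps":
        problems.append('SVG P/S requires baseProfile="tiny-ps"')
    title = root.find(SVG_NS + "title")
    if title is None or not (title.text or "").strip():
        problems.append("SVG P/S requires a non-empty <title>")
    for elem in root.iter():
        local = elem.tag.rsplit("}", 1)[-1]
        if local in FORBIDDEN_SVG_ELEMENTS:
            problems.append(f"<{local}> is not allowed in SVG P/S")
        if any(attr.lower().startswith("on") for attr in elem.attrib):
            problems.append(f"<{local}> carries an event-handler attribute")
    return problems


def bimi_ready(dmarc_record: str, bimi_record: str, svg_bytes: bytes) -> dict:
    """Run all checks; 'ok' is True only when every list of problems is empty."""
    report = {"dmarc": dmarc_problems(dmarc_record),
              "bimi": bimi_problems(bimi_record),
              "svg": svg_problems(svg_bytes)}
    report["ok"] = not any(report[k] for k in ("dmarc", "bimi", "svg"))
    return report


if __name__ == "__main__":
    print(bimi_ready(DMARC_ENFORCING, BIMI_RECORD, LOGO_SVG))
    print(bimi_ready(DMARC_MONITOR_ONLY, BIMI_RECORD, LOGO_SVG))
```

Run the script on your own record strings before publishing: the second call in the usage block shows the most common failure the text mentions, a domain that still runs `p=none`, which blocks BIMI no matter how good the logo is. The SVG checks are syntactic only; they do not replace the VMC issuer's review of the artwork or the trademark.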
Considering how easy it is for fraudsters to find and exploit email addresses, appropriate precautions should be taken so that your customers feel safe opening your messages. After all, it’s the only effective way to maintain an ongoing relationship with them.
By choosing to implement BIMI, you signal that you care about the safety of your recipients and are proactively providing the highest standard of security, making it effortless to identify a safe sender. There is no need to further educate customers on this issue: instead of podcasts, webinars, or articles that don’t always reach the “average” recipient, you simply mark the authenticated messages with verified, brand-controlled logos.
Notably, such practices can effectively discourage potential fraudsters from trying to impersonate your brand while boosting the sender’s reputation. It becomes easy to distinguish fully protected emails, which display the logo, from fraudulent ones that cannot have BIMI implemented. There’s also the added benefit of a higher Open Rate, so you can count on increased conversions.
EmailLabs specialists will be happy to assist you in its implementation, so the whole process is quick and efficient. Do you have any questions? Please contact our Support Team.