An ebook that will prepare you for the new email marketing decade, a study shows a slow decline in the rate of email spoofing through exact-domain impersonation and cybercriminals conducting BEC attacks by exploiting cloud-based email services costing U.S. businesses over $2 billion.
“A bad email reputation is like a hangover – hard to get rid of and it makes everything else hurt.” – Chris Marriott
In this article, we’ll cover the following email industry news:
- What does the future of email marketing – in 2020 and beyond – look like?
- [Report] Domain spoofing declines as protective measures grow
- Warning: Business Email Compromise (BEC) attacks – Office365 and G Suite
Ready to dive in?
Are You Ready For A New Email Decade?
Email marketing is constantly changing at quite a pace. With so many things to keep up with; from email strategy through to design, teams and the ever-changing email marketing technology; prioritising is not the easiest task for marketers. Especially, since things that matter now might not matter in 10 years time. So, our dear friends at Litmus together with email industry experts took a look at what the future holds for email in 2020; and beyond.
In the ebook, leading email experts share their vision and predictions about how some of the most essential elements of email marketing will change in the next decade. By getting a copy you will learn –
a) what is email’s role in the overall marketing mix;
b) the type of changes that are coming to email teams and the skills that will be in high demand in the years to come;
c) how email strategy will become more targeted and personalised;
d) why brands have no other choice but to make subscriber privacy a priority; and
e) why seamless integrations will be the most vital factor for the effective email tech stack of the future.
Are you interested in having a glimpse at email marketing’s future now? You can download your very own free copy of “The Future Of Email in 2020 and Beyond” here.
[Report] Domain Spoofing Declines As Protective Measures Grow
A new study from Valimail on DMARC usage and success found that spoof attempts drop to nearly zero “within a few months after that domain moves to DMARC enforcement.”
Nearly 80% of inboxes worldwide and almost all email providers use machine learning to analyse DMARC policies of incoming email, generally enforcing whatever policy was laid out by the owner of the domain.
A few key findings from the study –
a) nearly 1 million domains globally now have DMARC records;
b) 70% growth in DMARC records in the past year and 180% growth over two years;
c) only 13% of all DMARC records are configured with enforcement policies;
d) 23% of billion-dollar companies’ domains are using enforcement;
e) the U.S. remains the largest source of spoofed email by volume; and
f) domains without DMARC enforcement are spoofed at 93 times the rate of domains with it.
Another source states the number of valid DMARC policies observed in the DNS increased by roughly 300% over the course of 2019. The stats show that at the end of 2018 there were about 630,000 valid DMARC policies published. That number had exponentially increased by the end of 2019 to 1.89 million valid DMARC records confirmed via DNS.
Why should you care? Thousands of domain owners haven’t configured enforcement policies which dictate how recipient inboxes handle their incoming email. If your DMARC policies are not being enforced, inboxes could be rejecting your emails; or, quarantining them.
Learn more by downloading the full report here.
BEC Attacks Target Office 365 and G Suite Users
The US Federal Bureau of Investigation warned private industry partners of threat actors abusing Microsoft Office 365 and Google G Suite as part of Business Email Compromise (BEC) attacks.
According to the FBI, “the scams are initiated through specifically developed phish kits designed to mimic the cloud-based email services in order to compromise business email accounts and request or misdirect transfers of funds.”
Furthermore, the Bureau states that “between January 2014 and October 2019, the Internet Crime Complaint Center (IC3) received complaints totalling over $2.1 billion in actual losses from BEC scams targeting Microsoft Office 365 and Google G Suite.”
With billions of dollars being stolen from organisations through BEC scams, businesses should implement both human and technological element security measures to protect themselves.
“From a technology perspective, implementing verification of domains by using DMARC configuration in the mail server allows the organisation to request the domain to be checked for validation before allowing the email in the inbox,” stated James McQuiggan, security awareness advocate at security training firm KnowBe4 Inc. He also advised that “the Sender Policy Framework configuration in the mail server to authenticate the sender’s email address and finally using encryption of the headers prevents man-in-the-middle attacks with the DKIM or Domain Key Identified Mail.”
Overall, having a robust security awareness program that will educate employees to be aware of the red flags and spot fake emails is of vital importance. Thus, always check the email address and make sure the emails in your inbox are coming from people/businesses you know.
Do you have any suggestions or ideas what email industry news topics you’d like us to look out for in the future? Write your requests below. We’ll keep an eye out (or two) so you don’t have to – and all for FREE, of course.
In the meantime, you can take a look at our email marketing blog for useful email advice, tips and tricks. Last, but certainly not least, we’ll keep you up-to-date with the most recent social media news, search engine news, PPC & Ads news as well as other digital marketing news we found interesting.