Mimecast’s Best Nuggets from State of Email Live, Episode 7

minute read

Post Image

We got lucky, real lucky, this week. We hosted Bob Adams, cyber security specialist from Mimecast, on our latest iteration of State of Email Live, and he did not disappoint. After we asked Greg Kimball to update us on the common trends we saw in email over the last few months, Guy Hanson chatted with Bob on all things COVID-19 email. With him, he brought Mimecast’s most recent related data. Here’s a few highlights from the two research pieces, but don’t skimp out on watching the whole video, because the conversation was even better than the data (hard to believe, I know).

97% of respondents know about DMARC, yet only 28% have some form of DMARC enabled.

WHAT?! This is unbelievable to me, but he has receipts. It’s clear the email world knows DMARC exists, but with 49% of surveyed organizations predicting an uptick in spoofing and brand exploitation, it’s hard to believe so few senders are taking their email security seriously. It bears repeating: Proper email authentication is a must-have to protect not only your brand from bad actors, but your recipients who could be fooled as well.

Malicious activity is getting smarter and more difficult to detect.

Bob reminded us threats don’t truly go away, they simply evolve. This is evident in some of the examples he shared in which the indicators of inauthentic activity were extremely hard to decipher. For instance, an email sent from “Mirnecast” which, when looking closely, clearly is Mimecast but with an “r-n” rather than “m.” But would that be as clear in a smaller font on a mobile device, or those with impaired vision, or any other number of variables? Another example saw a legit-looking link from “m.facebook.com” but as you read further down the URL, the malicious giveaway was tucked into the URL way beyond the characters displayed on the screen.

Bad actors are using symbols to replace letters.

You got an email from the Apple Store…or did you? I’ll drop the image here to make the case:

These two points combine to teach senders (and recipients) a very important lesson. Stay vigilant. Your brand is at risk of being manipulated in new and disturbing ways, so if you aren’t using DMARC or any other email authentication protocols, you’re playing a dangerous game.

Bob is the true pro on this, though, so do yourself a favor and watch the full webinar available below. And if you like what you see, you’ll want to register for our next State of Email Live on July 8, featuring Chris Arrendale of Trendline Interactive. Chris is a certified #emailgeek and author of Deliverability Inferno, and if you have any questions about email deliverability, he’s the guy to ask. Seize your chance and register now.