Return Path Helps Retail Giant Cut Suspicious Email by 99%

The retail/service industry was the most-targeted by phishing attacks in the fourth quarter of 2014, according to APWG, with payment services close behind.

Implementing a DMARC (Domain-based Message Authentication, Reporting & Conformance) record can be a game-changing step for these heavily attacked retail companies, as this story from a large US retailer Return Path client proves.

In 2014, this company suffered from a major email security problem. Its main sending domain was hijacked to send more than 600,000 suspicious messages (either spam or phishing) per week. Cybercriminals were using this well-known and historic brand name to steal credit card numbers, passwords, and other private information from customers.

But the brand didn’t have a policy in place to identify and block these threats. In addition, large numbers of their legitimate emails weren’t getting through because of sub-optimal authentication protocols.

The DMARC solution

To reduce the fraud associated with this brand’s main sending domains, Return Path helped implement the email authentication standard DMARC.

DMARC ensures that legitimate email is properly authenticating against established DKIM and SPF standards, and that fraudulent activity appearing to come from domains under the organization’s control (active email domains, non-sending domains, and defensively registered domains) is blocked.

In partnership with the world’s largest consumer mailbox providers, Return Path interprets regular authentication reports to reveal what email is authenticating, what email is not, and why.

Thanks to Return Path, this retail giant gained full visibility into its email ecosystem, and can now block email attacks purporting to be legitimate before they reach the inbox.


The DMARC policy yielded profound results:

  • The amount of suspicious messages per week from the main sending domain dropped from 600,000 messages to 42,800—a decrease of 92.8%.
  • The amount of suspicious messages per week coming from a secondary sending domain dropped 95.6%—from 345,000 suspicious messages per week to just 15,000.
  • Thanks to Return Path, this company saw a 98.99% drop in suspicious email volume across all main sending domains.
  • Overall, the brand has experienced a 73% drop in authentication failures of legitimate mail across all domains, giving their marketing, transactional and customer support emails the best possible chance of being delivered.

Want to hear more customer success stories from Return Path? Click here.

minute read

Popular stories



BriteVerify email verification ensures that an email address actually exists in real-time


The #1 global data quality tool used by thousands of Salesforce admins


Insights and deliverability guidance from the only all-in-one email marketing solution

GridBuddy Cloud

Transform how you interact with your data through the versatility of grids.

Return Path

World-class deliverability applications to optimize email marketing programs

Trust Assessments

A revolutionary new solution for assessing Salesforce data quality


Validity for Email

Increase inbox placement and maximize subscriber reach with clean and actionable data

Validity for Data Management

Simplify data management with solutions that improve data quality and increase CRM adoption

Validity for Sales Productivity

Give your sales team back hours per day with tools designed to increase productivity and mitigate pipeline risks in real-time