Three Top Recommendations from Gartner's Latest Phishing Report

Phishing attacks are on the rise. In the first quarter of 2016, the Anti-Phishing Working Group (APWG) observed more phishing attacks than at any other time in history.

Gartner explores some possible reasons for this spike in their latest report on email fraud Fighting Phishing: Protect Your Brand. They suggest that it’s not that companies are doing anything to fight email fraud—it’s that their defenses are limited.

Most enterprises focus on behavioral management of employees. But the scope of phishing is much broader. Cybercriminals target customers and employees with highly sophisticated attacks that spoof both a company’s owned sending domains and spoof the brand in other ways. Companies can no longer solely rely on customers or employees to be their first line of defense against email phishing attacks.

Below we examine three top recommendations from Gartner on how to mitigate phishing risks across internal and external environments.

1. Strengthen anti-phishing efforts by monitoring and reporting all active phishing attacks, both internal and external.
While monitoring for spear phishing emails targeting the enterprise is crucial, phishing attacks leveraging the brand are far broader than internal attacks alone. That’s why it’s important to monitor and report phishing attacks beyond your perimeter.

The technology required to scan, analyze, classify, and escalate messaging activity at this scale is beyond the capability of most enterprises. Working with a partner to identify and mitigate the full scope of phishing messages is the best way to defend your company.

2. Implement email authentication.
Email is inherently insecure. The Simple Mail Transfer Protocol (SMTP) was not designed to verify the integrity of senders. That’s why companies must implement the email authentication protocols SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication Reporting and Conformance) on all of their domains. With strong email authentication, organizations can lock down their domains and prevent cybercriminals from stealing their corporate identities. As email receivers—including Gmail, Outlook, and Yahoo! Mail—build more robust filtering capabilities, email authentication will also become essential to the deliverability of legitimate messages.

3. Monitor all brand mentions, including “look-alike” domain names.
While email authentication is critical to securing your owned domains, it does not provide total protection for your email channel. Attackers often spoof a brand in other ways, including manipulating the Display Name, using a “look-alike” domain (which mimics the sending domain of the brand), implementing company branding, and more. To mitigate these brand spoofing risks, enterprises need to work with a partner to carefully monitor all mentions of their brand within the email channel and report any malicious URLs to their takedown vendor immediately.

Return Path was honored to be mentioned in this report as the only vendor to help companies address all three of these recommendations. Want to learn how we do it? Request a free demo of our Email Fraud Protection solution.

minute read

Popular stories



BriteVerify email verification ensures that an email address actually exists in real-time


The #1 global data quality tool used by thousands of Salesforce admins


Insights and deliverability guidance from the only all-in-one email marketing solution

GridBuddy Cloud

Transform how you interact with your data through the versatility of grids.

Return Path

World-class deliverability applications to optimize email marketing programs

Trust Assessments

A revolutionary new solution for assessing Salesforce data quality


Validity for Email

Increase inbox placement and maximize subscriber reach with clean and actionable data

Validity for Data Management

Simplify data management with solutions that improve data quality and increase CRM adoption

Validity for Sales Productivity

Give your sales team back hours per day with tools designed to increase productivity and mitigate pipeline risks in real-time