A: DMARC is an email authentication protocol that allows email domain owners to specify which mechanisms they use to authenticate their email messages and how mail servers receiving messages from their domain should handle authentication failures. DMARC is intended to help combat email fraud and phishing attacks by allowing email recipients to determine whether or not an email message claiming to come from a specific domain is actually from that domain. It functions by allowing domain owners to publish policies that instruct receiving email servers on how to handle messages that fail authentication checks.

A: DKIM is an open standard for email authentication that is used for DMARC alignment. A DKIM record exists in the DNS.

A: SPF records are a type of DNS TXT record commonly used for email authentication. SPF records include a list of IP addresses and domains authorized to send emails from that domain.

A: A typical DMARC record contains at least three important components (or tag-value pairs). Consider this sample DMARC record: v=DMARC1 p=reject rua=mailto:dmarc@yourdomain.com Here, we have three tags:v,p, and rua which have the values DMARC1, reject, and mailto:dmarc@yourdomain.com. Thevtag specifies the version of DMARC Theptag is the policy (or the action to perform if email fails DMARC checks) Theruatag is the email address where DMARC reports will be sent. This could be your hosting company's email address, your registrar's email address, or your own.

A: Domain spoofing is when cyber criminals fake a website name or email domain to try to fool users. The goal of domain spoofing is to trick a user into interacting with a malicious email or a phishing website as if it were legitimate. Domain spoofing is like a con artist who shows someone fake credentials to gain their trust before taking advantage of them.

A: “Phishing” refers to an attempt to steal sensitive information, typically in the form of usernames, passwords, credit card numbers, bank account information or other important data in order to utilize or sell the stolen information. By masquerading as a reputable source with an enticing request, an attacker lures in the victim in order to trick them, similarly to how a fisherman uses bait to catch a fish.

A: Phishing attacks typically occur viaemailor instant message, and can be broken down into a few general categories. It's useful to become familiar with a few of these different vectors of phishing attacks in order to spot them in the wild.

A: Business email compromise (or. BEC) isa form of phishing attack where a criminal attempts to trick a senior executive (or budget holder) into transferring funds, or revealing sensitive information.

A: MTA-STS, which stands for Mail Transfer Agent Strict Transport Security, is an email standard that secures inbound email and prevents attackers from exploiting a weakness in standard SMTP security.

A: Transport Layer Security, or TLS, is a widely adopted securityprotocoldesigned to facilitate privacy and data security for communications over the Internet. A primary use case of TLS is encrypting the communication between web applications and servers, such as web browsers loading a website. TLS can also be used to encrypt other communications such as email.

A: Brand Indicators for Message Identification, or BIMI (pronouncedbih-mee), is an email specification that enables email inboxes to display a brand's logo next to the brand's authenticated email messages. BIMIaims to give trusted senders control over how their brand is represented in messaging services. For participating mailbox providers like Yahoo or Gmail that means BIMI adopters will have the logo they choose displayed in their recipients' inboxes.