DMARC blocks spam and phishing emails sent from spoofed domains, and it's vastly underutilized, a new report says.

Dark Reading Staff, Dark Reading

March 23, 2023

1 Min Read
concept image of spam emails in an inbox
Source: Feng Yu via Alamy

Just 1.2% of a group of nearly 10 million verified .org domains analyzed have adopted Domain-based Message Authentication, Reporting, and Conformance (DMARC) security standards, which automatically flag and report emails suspected to be sent from an impersonated domain.

New analysis from EasyDMARC added that even while the DMARC email security standard adoption rate swelled among the top-100 US nonprofit organizations to 20%, of the overall number of domains using DMARC, 45.6% were misconfigured.

“Impersonating email domains is one of the main tools used in successful phishing, spoofing, and ransomware attacks," Gerasim Hovhannisyan, EasyDMARC CEO and co-founder said about the findings. "That's why it's so worrying to see our research indicate that only 1.2% of global nonprofits have implemented domain authentication via DMARC, which remains the best way to curb this threat."

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights