Recently, members of the Brown County Homebuilders Association were targeted by a phishing scam. Cybercriminals emailed renewal notices with the BCHBA name and logo and attempted to collect membership dues and sensitive information. This scam highlights the need for tighter email security records. As a courtesy to BCHBA members, Packerland Websites partnered with Green Bay Tech Support to check member emails on the BCHBA website directory. We found out that many companies were missing email security records and authentication that left them vulnerable to scams and cyberattacks.
The Vulnerability of Weak Email Security
Cybercriminals target businesses with nonexistent or weak emails security protections, viewing them as easy targets. Plus, cybercriminals target other businesses by impersonating their company in emails, like the BCHBA example. As small business owners responsible for email security, it’s important to have the proper email records, not just for sending emails, but also to safeguard your email communication.
Understanding Email Security
Let me help you understand email security, using as little tech jargon as possible. First, it helps to understand DNS, domain name systems. Think of DNS as the internet’s phonebook. While we remember domain names like Google.com, computers use IP addresses to locate other devices on the Internet. DNS translates these domain names into IP addresses, enabling computers to connect with each other.
Key Email Security Records
SPF records (Sender Policy Framework): SPF is a DNS record that specifies which mail servers are permitted to send email on behalf of your domain. When an email is received, the recipient email servers look to this record to verify if the sending server is authorized – and not spam.
DKIM records (Domain Keys Identified Mail): DKIM adds a digital signature to each outgoing email linked to your domain. This signature helps recipient email services verify that the email is authentic, trusted, and comes from your domain. DKIM helps prevent email fraud, like phishing.
DMARC records (Domain-Based Message Authentication, Reporting, And Conformance): DMARC is a group of policies that tells email servers what to do with emails that fail SPF and DKIM checks. Not in the SPF record? Reject it. No DKIM signature? Reject it. BOOM!
Email Security Shift for Businesses
Recently, Google and Yahoo enhanced their security regarding bulk email communications. (Read our related article, Ensuring Email Deliverability Amid Tight Anti-Spam Policies.) Businesses that are not DMARC compliant eventually will have their emails rejected from delivery. If your company has not been impacted yet, it will be at some point.
Safeguard Your Business from Email Scams
Protecting your email from cyberattack and keeping communication flowing can seem overwhelming. Many small businesses struggle to set up DMARC, DKIM, and SPF for themselves. But don’t just ignore email security because it’s too difficult to understand! Instead, contact your IT provider or Green Bay Tech Support. IT providers can fix the issues before your emails stop getting delivered or your business falls victim to scammers.
Green Bay Tech Support’s Discount
Green Bay Tech Support will offer a 10-15% discount on DMARC implementation services for Brown County Homebuilders Association members. For more information, watch Green Bay Tech Support’s Email Security Video. Contact Dan at Green Bay Tech Support today, 920-770-4125.