“DMARC is a very effective way of stopping phishing and impersonation attacks, but is very difficult to configure, especially in complex organizations and domains,” O’Brien says. “This is why it is a relatively low percentage in terms of successful use.”
According to GreatHorn’s study, just 7% of emails for which DMARC was configured passed the test. And DMARC was enabled for just 21% of all the emails configured.
SPF, the least restrictive of the three standards, checks whether the recipient’s email domain allows mail from the source IP address of the email. In the study, 20% of the records failed, and 75% of emails had it enabled.
DKIM is more restrictive than SPF in that it cryptographically signs email to verify that it is from whom it claims to be from and that it has not been modified in transit. The study says 8% of emails with DKIM enabled failed the test, and 53% had it enabled.
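To show why a domain can have SPF and DKIM "enabled" and still fail DMARC, here is an added example (not code from the article or from GreatHorn) of the DMARC verdict logic a receiving mail server applies: a message passes only if SPF or DKIM passes *and* the authenticated domain aligns with the visible From: domain, per the record's `aspf`/`adkim` mode. The DMARC record, domains and results below are constructed placeholders, and the organizational-domain helper is a deliberate simplification (real validators consult the Public Suffix List).

```python
# Constructed sample DMARC TXT record for the placeholder domain "example.com".
SAMPLE_DMARC = "v=DMARC1; p=quarantine; adkim=r; aspf=r"


def parse_dmarc(record):
    """Parse a DMARC TXT record into tag -> value, with RFC 7489 defaults for alignment modes."""
    tags = {"adkim": "r", "aspf": "r"}  # relaxed alignment unless the record says otherwise
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1" or "p" not in tags:
        raise ValueError("not a valid DMARC record: needs v=DMARC1 and a p= policy")
    return tags


def org_domain(domain):
    """Simplified organizational domain: the last two labels (assumption; real code uses the PSL)."""
    return ".".join(domain.lower().rsplit(".", 2)[-2:])


def aligned(from_domain, auth_domain, mode):
    """Strict ('s') alignment needs an exact match; relaxed ('r') accepts the same organizational domain."""
    if mode == "s":
        return from_domain.lower() == auth_domain.lower()
    return org_domain(from_domain) == org_domain(auth_domain)


def evaluate_dmarc(record, from_domain, spf_result, spf_domain, dkim_result, dkim_domain):
    """Return (dmarc_pass, action). spf_domain is the envelope-sender (MAIL FROM) domain that
    SPF checked; dkim_domain is the d= tag of the verified DKIM signature; either may be None."""
    tags = parse_dmarc(record)
    spf_ok = (spf_result == "pass" and spf_domain is not None
              and aligned(from_domain, spf_domain, tags["aspf"]))
    dkim_ok = (dkim_result == "pass" and dkim_domain is not None
               and aligned(from_domain, dkim_domain, tags["adkim"]))
    passed = spf_ok or dkim_ok
    # On failure the receiver applies the domain owner's published policy (none/quarantine/reject).
    return passed, ("none" if passed else tags["p"])


if __name__ == "__main__":
    # A third-party bulk mailer that passes SPF for its own domain does not help DMARC:
    # the SPF-checked domain is not aligned with the From: domain, and DKIM was not signed.
    print(evaluate_dmarc(SAMPLE_DMARC, "example.com", "pass", "mailer.example.net", "fail", None))
    # The same message with a DKIM signature whose d= is the From: domain passes.
    print(evaluate_dmarc(SAMPLE_DMARC, "example.com", "pass", "mailer.example.net", "pass", "example.com"))
```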
“It's challenging to implement any of these (let alone all three) correctly for every email you or your company sends, and consequently, you cannot assume that other companies will get it right,” O’Brien says. “This is why we say it can be difficult to rely on them for protecting against inbound spear phishing attacks.”