
The Hidden Secret About Your DNS Zones and Combatting Phishing Campaigns

Phishing and scam campaigns are one of the biggest challenges for businesses and organizations across the globe and continue to evade traditional security measures year after year. Some of the most effective campaigns use simple methods that rely on publicly available information from domains and the Domain Name System (DNS), which sit outside of the firewall. Because DNS and zone management is one of the worst-maintained cyber hygiene items for many organizations, it’s important to know the common oversights so you can improve your organization’s security posture.

Spam Filter Limitations

Email security often relies on spam filtering tools to identify and remove emails that seem suspicious or unsolicited. However, spam filtering is not always accurate, and cybercriminals can use a variety of techniques to bypass it. If cybercriminals can get a foothold on legitimate domains, spam filtering is essentially useless.

DMARC and Vulnerabilities

As a best practice for combating email spoofing and phishing coming from legitimate domains, Domain-based Message Authentication, Reporting and Conformance (DMARC) builds upon the Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) email authentication checks and adds policy and reporting, which gives organizations intel on how their domains are being used for authentic messaging. Third-party marketing companies and organizations such as SendGrid, Postmark, Mailgun, etc. can provide additional email campaign benefits and typically recommend that organizations use DMARC. But sometimes these arrangements can make companies vulnerable to phishing campaigns, often with no complete solution on how to stay safe from phishing actors, e.g., “HMRC phishing scam abuses mail service to bypass spam filters” (bleepingcomputer.com).

Subdomain Monitoring Solution

In looking into phishing, and into bad actors who often target organizations through third-party marketers, CSC has developed a solution called Subdomain Monitoring that provides unique insight into how domains may be vulnerable, from the authoritative hosting side, to threats such as subdomain hijacking. Using Subdomain Monitoring, CSC can identify artifacts or remnants of resource records pointing to third-party marketers. This granular insight gives organizations a unique opportunity to remove the stale records and review whether their SPF, DKIM, or DMARC resource records include these third-party marketing firms.
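
The review described above can be sketched as a small audit over a zone export. This is an added example, not CSC’s Subdomain Monitoring or any code from CSC; the vendor suffix map, the `approved` set, and the zone records are constructed assumptions to adapt to your own senders.

```python
# Added example: flag zone records that delegate mail to third-party senders.
# Assumption: the suffix-to-vendor map below is illustrative; extend it for your vendors.
VENDOR_SUFFIXES = {
    "sendgrid.net": "SendGrid",
    "mailgun.org": "Mailgun",
    "mtasv.net": "Postmark",
}

def vendor_for(host):
    """Return the vendor whose domain suffix matches host, or None."""
    host = host.rstrip(".").lower()
    for suffix, vendor in VENDOR_SUFFIXES.items():
        if host == suffix or host.endswith("." + suffix):
            return vendor
    return None

def referenced_hosts(rtype, value):
    """Yield hostnames a record delegates to: CNAME targets and SPF include: mechanisms."""
    if rtype == "CNAME":
        yield value
    elif rtype == "TXT" and value.lower().startswith("v=spf1"):
        for term in value.split()[1:]:
            term = term.lstrip("+-~?")  # drop the SPF qualifier, if any
            if term.lower().startswith("include:"):
                yield term.split(":", 1)[1]

def audit(zone, approved):
    """Return (name, type, vendor, status) for every record pointing at a known sender."""
    findings = []
    for name, rtype, value in zone:
        for host in referenced_hosts(rtype, value):
            vendor = vendor_for(host)
            if vendor:
                # A vendor no longer under contract marks the record for review/removal.
                status = "in-use" if vendor in approved else "stale-candidate"
                findings.append((name, rtype, vendor, status))
    return findings

# Constructed zone export for example.com (not real data).
ZONE = [
    ("example.com", "TXT", "v=spf1 include:sendgrid.net include:mailgun.org ~all"),
    ("s1._domainkey.example.com", "CNAME", "s1.domainkey.u0000000.wl000.sendgrid.net."),
    ("email.promo.example.com", "CNAME", "mailgun.org."),
    ("_dmarc.example.com", "TXT", "v=DMARC1; p=reject; rua=mailto:dmarc@example.com"),
    ("www.example.com", "CNAME", "example.com."),
]

if __name__ == "__main__":
    for finding in audit(ZONE, approved={"SendGrid"}):
        print(*finding, sep="\t")
```

Records reported as `stale-candidate` are the ones to remove or re-justify: here the SPF `include:mailgun.org` and the leftover `email.promo` CNAME still authorize a sender the organization no longer lists as in use.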

Evolving Threat Vectors

As threat vectors continue to evolve, it’s imperative for organizations to review their security posture for public information that’s vital to establish their web presence and operations. As the domain registrar for many global businesses and organizations, CSC provides innovative solutions tailored to meet the security needs and principles that are required for staying safe on the internet today.

CSC Solution Demo: For more information on how your domains may be vulnerable to bad actors and phishing campaigns, please schedule a demonstration with CSC to review our Subdomain Monitoring solution.

By CSC, We are the business behind business

We help effectively manage, promote, and secure our clients’ valuable brand assets against the threats of the online world. Leading companies around the world choose CSC as their trusted partner to gain control of their digital assets, maximize their online potential, and increase online security against brand risks.
