Best Practices for Protecting Your Small or Medium Size Business from Phishing | Page 6
Domain name spoofing protection
Any phishing solution you deploy should protect you and your customers from domain name
spoofing. The best way to do that is by sending cryptographically signed emails from an
authenticated email server.
There are a few methods to authenticate email servers. These include DKIM (DomainKeys Identified
Mail) and SPF (Sender Policy Framework), often in conjunction with DMARC (Domain-based
Message Authentication, Reporting and Conformance).
Protect your customers. Authenticate your domains and send cryptographically-signed emails so
when they receive your message they’ll know it hasn’t been tampered with, which means they
cannot get phished by domains you control.
More than just checking the email
Checking the email is just the starting point
The starting point for any good anti-phishing technology is link click protection. Any time an email
contains an embedded link, the link should be checked against multiple URL databases that contain
whitelisted and blacklisted websites. If a site is marked unsafe, users should be shown
a warning that they are going to an unsafe website, and they should be prevented from opening
the malicious link.
In addition to link checking, the headers, the domain information and the body content should also
be scanned for inconsistencies. Suspicious messages and payloads should be quarantined as
spam, tagged or simply rejected before making it to the user’s inbox.
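The header and domain checks described above, sketched as an added example (not code from the original document or any vendor's product). The verdict policy, the function names and the sample messages are constructed assumptions, and the `Authentication-Results` header is assumed to have been added by your own receiving gateway.

```python
import re
from email import message_from_string
from email.utils import parseaddr

def domain_of(header_value):
    """Lowercased domain of an address header, or '' if missing/malformed."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def auth_results(msg):
    """Collect spf/dkim/dmarc results from Authentication-Results.
    Assumption: the gateway strips any copy of this header it did not add."""
    found = {}
    for value in msg.get_all("Authentication-Results", []):
        for mech, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", str(value).lower()):
            found.setdefault(mech, result)
    return found

def triage(raw):
    """Return (verdict, findings). The verdict policy is illustrative only."""
    msg = message_from_string(raw)
    auth = auth_results(msg)
    from_dom = domain_of(msg["From"])
    findings = [f"{m}={auth.get(m, 'none')}" for m in ("spf", "dkim", "dmarc")
                if auth.get(m, "none") != "pass"]
    # Exact-match comparison is a simplification; DMARC relaxed alignment
    # compares organizational domains instead.
    for hdr in ("Reply-To", "Return-Path"):
        dom = domain_of(msg[hdr])
        if dom and dom != from_dom:
            findings.append(f"{hdr} domain {dom} != From domain {from_dom}")
    if auth.get("dmarc") == "fail":
        return "reject", findings
    if auth.get("spf") != "pass" and auth.get("dkim") != "pass":
        return "quarantine", findings
    return ("tag" if findings else "deliver"), findings

# Constructed sample messages (example.com / example.org are placeholders).
def sample(auth, reply_to="billing@example.com"):
    return (f"Authentication-Results: mx.example.net; {auth}\n"
            "From: Example Billing <billing@example.com>\n"
            f"Reply-To: {reply_to}\n\nPlease review your invoice.\n")

GOOD = sample("spf=pass; dkim=pass; dmarc=pass")
SPOOFED = sample("spf=fail; dkim=none; dmarc=fail", "help@example.org")
ODD_REPLY = sample("spf=pass; dkim=pass; dmarc=pass", "help@example.org")

if __name__ == "__main__":
    for name, raw in (("good", GOOD), ("spoofed", SPOOFED), ("odd reply", ODD_REPLY)):
        print(name, *triage(raw))
```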
But checking the formatting and content of an email itself is just the starting point. Thorough
phishing prevention goes a step further and checks the linked-to website itself. That’s because a
link that looks good could still point to a malicious website.