The company has analyzed the websites of Republican and Democrat candidates and found that most of them allow malicious actors to send out emails impersonating their campaigns. The study also found that a majority of them have failed to deploy advanced email security solutions, relying almost exclusively on the security features provided by service providers such as Microsoft and Google.
An analysis of all the campaign email domains showed that only 1% have fully implemented DMARC and only 8% of the top candidates — the 12 candidates with polling averages above 1% — have done so.
DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email authentication, policy, and reporting protocol designed to detect and prevent email spoofing. Organizations can set the DMARC policy to “none” to only monitor unauthenticated emails, “quarantine” to send them to the spam or junk folder, or “reject” to completely block their delivery.
Leave a reply