Brussels, 13 July 2023 – Cybermalveillance.gouv.fr (*) has published a new guide that makes the GCA’s resources available for implementing DMARC, an email authentication protocol, enabling the community to take action against phishing, business email compromise (BEC) and spam attacks. According to a study by Afnic (the Internet registry for .fr in France), less than 10% of domain names published in the .fr zone make full use of the Domain Name System (DNS) to ensure the authenticity of their e-mail messages.
“Implementing DMARC brings many benefits, not least of which is the ability to reconcile cybersecurity and marketing. By authenticating your email domains, you enable anti-spam software to identify an email as legitimate and thus block spoofing attempts. This increases confidence, improves the reputation of your domains and therefore the deliverability of your emails.
It is important to make organisations aware of this issue, as they may be liable for the damage caused to victims when an attacker usurps their identity if no DMARC protection has been put in place. The consequences can be serious, not only financially, but also in terms of image, through the loss of trust of customers, suppliers and other contacts.
It’s worth noting that many of our customers have achieved a significant improvement in their cyberscore, which can make it easier for them to obtain cyber insurance and even reduce their costs. DMARC will also be one of the rating criteria for the French ‘CyberScore’ law no. 2022-309 of 3 March 2022, which aims to introduce cybersecurity certification for digital platforms aimed at the general public,” said Jean-Raphael Houdin, Senior Technical Lead at Merox.
Phishing is a major threat in France, where cybersecurity authorities have witnessed numerous identity theft campaigns from health insurance and social security companies over the past year. So DMARC is not only important for private companies, but also for public bodies and municipalities, which can reduce the likelihood of their domains being used in phishing attacks, thereby protecting their reputation and the public. In some countries, such as Poland from February 2023, DMARC is even mandatory for public institutions.
But cybercriminals don’t stop at phishing campaigns. GCA regularly updates its cybersecurity toolkit for small businesses and has recently added various resources developed and deployed by Cybermalveillance.gouv.fr, covering critical topics such as passwords, antivirus, backups and patches. The latest Cybermalveillance.gouv.fr activity report clearly demonstrates the need to raise awareness among all Internet users of the importance of good cyber security practices. Cybermalveillance.gouv.fr is the French public service responsible for providing assistance to victims of cyber-malicious acts, raising awareness of cyber risks and good practice in preventing them, and monitoring and anticipating the digital threat in France. Its target groups are individuals, businesses, associations, local authorities and administrations.
“Cross-promoting the Cybermalveillance.gouv.fr resources and the Small Business Cybersecurity Toolkit allows us to better coordinate support for SMEs in France and provide them with free, tailored resources, because only by understanding the unique risks and challenges each community faces can we truly empower small businesses to protect their digital assets,” explains Kayle Giroud, Deputy Director of Development and Strategy at Global Cyber Alliance.
You can connect with the author on LinkedIn.
(*) Cybermalveillance.gouv.fr is an initiative of the French Government launched in 2017 to respond to the uprising number of cyber attacks in the country.