Why are abuse attempts on the rise? Because, at the moment, the recipients are more vulnerable. Let's look at the steps companies can take and the benefits of DKIM, DMARC and, in the future, BIMI. Cybercriminals are always trying to exploit difficult times to pass on their frauds , whether phishing , scams , or other types of abuse. The weeks we have experienced are indeed no exception. What is the basis of this "momentum" of cybercriminals? They hope that the inbound filter will loosen over these weeks, which is an unfounded assumption, and that recipients will become more vulnerable and inclined to interact with communications in their inbox. This second hypothesis is indeed justified, as our previous blog post shows. There, we reported how March open rates and clicks were significantly higher than averages for the rest of the year.
We have always been at the forefront of combating all manner of email abuse by adding to the discussion and doing everything in our power to prevent the spread of fraudulent communications. Today we want to give you a better idea of what phishing attempts look like, as well as some pointers on how to fight cybercrime . MailUp has built strong, global E-Commerce Photo Editing Service relationships with ISPs and blacklists over the years. We all constantly share information on policies, practices and issues. Anyone wishing to help MailUp provide a better service or collaborate is welcome. Please email us at firstname.lastname@example.org . Phishing cases reported during the current emergency We have become aware of numerous abuse attempts, even if they did not affect the MailUp infrastructure. These can be grouped into two macro categories : 1. Phishing attempts disguised as corporate communications .
You will find several examples of such attempts in this article. 2. Malware transmitted through a site similar to the Johns Hopkins University infection map. Our friends at SpamHaus have summarized the general situation in this blog post. Best practices to defend against phishing While recognizing that phishing cannot be completely solved, let's take a look at some best practices that can discourage (or even prevent ) this type of problem: Always try to make your brand identity recognizable in the messages you send. This may sound trivial but it is not: Phishers, even if they try to replicate your logo, can never 100% copy all the details that are part of your digital identity. Do not use "look- alike" or "cousin" domains in your official communications. If recipients can expect communications from domains such as "brandname-email.com", then they might mistakenly consider legitimate domains that are not.