HMRC Stopped 30,000 Phishing Emails With DMARC

HMRC has just completed a three-year project to improve its cybersecurity and prevent phishing emails.

HMRC has just completed a three-year project to improve its cybersecurity and prevent phishing emails. 

As one of the most phished brands in the world, the government organisation implemented ‘Domain-based Message Authentication, Reporting & Conformance’ (DMARC) to stop fraudulent and potentially damaging emails being sent to the British public.

HMRC purportedly struggles with around 500 million fraudulent emails per year. Often these emails appear legitimate, with subjects such as ‘Your 2016 Tax Report’. Spoof emails claiming to be from HMRC also commonly promise rebates or make threats about penalties. Provoking unfortunate victims into parting with sensitive bank details, by presenting themselves as legitimate HMRC employees, the cybercriminals behind these scams have attempted to extort money from around 50 million users, and reportedly made over £100 million in stolen funds to date.

DMARC technology is a proven way to block phishing attacks. For HMRC, this prevents malicious senders from impersonating its domain, a common method used for phishing attempts. DMARC can also detect unauthorised activity and request that suspect messages are blocked or discarded. So, it can identify spam and phishing messages, and make sure they never reach people’s inboxes. Whilst DMARC has not eradicated all phishing attempts, HMRC has managed to reduce the number of such emails by a whopping 300 million.

While HMRC was the first government agency to implement this protocol, in a bid to offer the British public the highest possible levels of protection, DMARC is now a requirement for all governmental digital services. Furthermore, as the sophistication of scammers increases, DMARC is set to become increasingly important across all sectors; not least the legal profession; with email a law firm’s biggest risk when it comes to cybercrime.

As such, Lawyer Checker – which provides technology and products to help protect lawyers and consumers – has recently added OnDMARC to its range of risk management products.

“More than 60% of all cybercrimes reported to us are email modification frauds”.

SRA Risk Outlook 2017/18

OnDMARC is a web-based service that allows firms to secure their email effectively by implementing DMARC through its online platform. Helping to protect staff and clients from receiving and falling victim to email modification fraud and preventing third-parties from impersonating your email address, OnDMARC will actively block phishing attacks and safeguard your firm.

Find out here how to get the support you need to implement OnDMARC confidently and quickly.

Register Here For Our DMARC Webinar

DMARC, Email Spoofing & How To Protect Yourself. Presented by Victoria Cope, 30th April 2.30pm - 3.00pm.

Register Now