India’s trade faces a security threat as email fraud cases target more and more exporters. In this blog, we will look at the instructions issued by the Ministry of Foreign Affairs, which stress the importance of SPF DKIM protocols and DMARC for stricter email authentication.  

The Advisory Stressing the Importance of SPF DKIM protocols

The Directorate General of Foreign Trade (DGFT) has grown worried enough to publicize a security protocol advisory to all Export Promotion Councils, all members of the trade, and all Regional Authorities of DGFT. Here is the advisory.

To

All Export Promotion Councils,

All members of the trade,

All RAs of DGFT

Sub: Cyber fraud complaints from Indian Exporters – Trade Advisory -reg

Ministry of External Affairs has informed that email spoofing/phishing cyber

frauds are causing increased bilateral trade disputes. Though this is registered as a

cybercrime in the respective jurisdictions of the country, the authorities cannot do much

to reverse the transaction. The victims end up being Indian exporters who having

supplied the goods. They neither have the goods in their possession nor have received

the payment.

1. The matter was examined and such problems can be largely resolved by

implementing security protocols such as Sender Policy Framework (SPF), Domain Keys

Identified Mail (DKIM) and Domain-based Message Authentication, Reporting &

Conformance (DMARC). SPF DKIM, and DMARC are protocols for standard email

signatures which meet various safety issues and all three must be implemented in order

to ensure the best possible deliverability. All three prove that the sender is legitimate,

that their identity has not been compromised and that they’re not sending email on

behalf of someone else. They are all based on the Domain Name System (DNS) of the

domain.

2. SPF protocol based on the DNS of the domain name, certifies that the

issuing IP has the right to send emails. This protocol is used to prevent fraudulent use

of the domain name and prevents phishing attacks. It specifies which IP addresses

and/or servers are allowed to send email “from” that particular domain. It lets the

recipient know who has sent the communication.

3. DKIM is a cryptographic protocol based on the use of public keys that are

published in the DNS. It ensures that the content of emails remains trusted and have

not been tampered with or compromised and the headers of the message have not

changed and that the sender of the email actually owns the domain that has the DKIM record attached to it. The protocol allows the sender to sign the email with the domain

name. The recipient of your email will then be sure that the email has been sent by the

sender and has not been altered during transmission. This protocol is particularly

effective against “man in the middle” attacks.

4. DMARC provides indications in case there is an attack, ties the first two

protocols (SKM and DKIM) together with a consistent set of policies. It is possible to be

notified if someone tries to steal the identity of the sender. It verifies that a sender’s

email messages are protected by both SPF and DKIM. It also tells the receiving mail

server what to do if neither of those authentication methods passes, and provides a way

for the receiving server to report back to the sender about messages that pass and/or

fail the DMARC evaluation.

5. It is also suggested that better password practices be followed on both the

sender’s and the receivers’ email IDs and to avoid this completely, exporters may like to

confirm bank details by another channel such as a secure voice line.

6. EPCs/Traders are advised to take all precautionary measures to protect their

payments from cyber frauds.

7. RAs are advised to inform trade as part of the outreach exercise.
8. This issues with the approval of the Competent Authority.

 

The takeaway from this scenario for other organizations like yours is to implement adequate email security protocols to prevent such phishing / domain spoofing attacks which cause huge damage.  Implementing DMARC is crucial for authenticating both inbound and outbound emails. Along with the importance of SPF / DKIM protocols, also consider the effectiveness of DMARC. Together, these 3 email authentication protocols verify the validity of emails by aligning all the addresses of an email (in the email headers as well as the mail-from addresses).

For more details on SPF / DKIM protocols, view our DMARC basics resources.

Check SPF/ DKIM and DMARC status for your outbound mail with our FREE DMARC monitor tool.