62% of phishing emails can bypass DMARC verification checks

Image via Unsplash

A report by Darktrace analyzed 17.8 million phishing emails and found 62% were able to pass verification checks for domain-based message authentication, reporting and conformance (DMARC). Over a third of these emails also avoided detection by major email providers. 56% bypassed all existing security measures.

The report emphasizes how malicious actors are leveraging sophisticated tactics, techniques and procedures (TTPs) in order to bypass traditional security methods. malicious actors were observed exploiting legitimate third-party sites and services in order to blend in with normal traffic. According to the report, there has also been an increase in the deployment of covert command and control mechanisms. This includes remote monitoring and management (RMM) devices, tunneling and proxy services.

From January 2024 to June 2024, the report recorded the most common threats observed:

Malware for information theft (29% of initial triaged investigations)
Trojans (15%)
Remote access trojans (12%)
Botnets (6%)
Loaders (6%)

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.