DKIM (DomainKeys Identified Mail) is an email authentication tool that verifies messages are sent from a legitimate user’s email address. It’s designed to prevent email forgery and spoofing; essentially phishing. DKIM works by attaching a digital signature to the header of an email message. The header is generated by the sender’s email domain with each domain owning its own unique header. The receiving mail system analyzes the header against a public key stored in the sending server’s DNS record to confirm the authenticity of the message. Authentic messages are accepted while others are rejected.
Additional Reading: Setting Up DMARC and DKIM – CyberHoot
Related Terms: DMARC, DNS, Phishing
SMBs should have DMARC and DKIM set and enabled (alongside SPF records) to help avoid malware and phishing attacks from landing in user inboxes. When all three are setup, you protect not only your own users, but your client’s users from fake messages sent from your domain as well. You are helping to protect your clients from impersonation attacks claiming to be you! Here are some additional actions you can take to improve your security program and reduce the chances of becoming a victim:
Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.
Researchers went looking for a fake photo upscaler and found something stranger: a ransomware kit an AI model...
Read more
For four years, CyberHoot has argued the same thing on its blog: passwords are major weak link. They get reused,...
Read more
The 2026 FIFA World Cup kicked off on June 11th across the United States, Canada, and Mexico. Six million fans...
Read moreGet sharper eyes on human risks, with the positive approach that beats traditional phish testing.
