DKIM (DomainKeys Identified Mail) is an email authentication tool that verifies messages are sent from a legitimate user’s email address. It’s designed to prevent email forgery and spoofing; essentially phishing. DKIM works by attaching a digital signature to the header of an email message. The header is generated by the sender’s email domain with each domain owning its own unique header. The receiving mail system analyzes the header against a public key stored in the sending server’s DNS record to confirm the authenticity of the message. Authentic messages are accepted while others are rejected.
Additional Reading: Setting Up DMARC and DKIM – CyberHoot
What does this mean for an SMB?
SMBs should have DMARC and DKIM set and enabled (alongside SPF records) to help avoid malware and phishing attacks from landing in user inboxes. When all three are setup, you protect not only your own users, but your client’s users from fake messages sent from your domain as well. You are helping to protect your clients from impersonation attacks claiming to be you!
Here are some additional actions you can take to improve your security program and reduce the chances of becoming a victim:
- Setup SPF, DKIM, and DMARC records to block the receipt of emails masquerading as your domain name.
- Train your employees on how to spot, avoid, and delete phishing attacks.
- Test your employees with Phish Testing attacks; re-train those that fail your tests.
- Purchase and train your employees on how to use a Password Manager. If you visit a phishing website and try to enter your password credentials using a Password Manager, you will NOT be able to.
