DMARC Results
We’ve developed a tool that evaluates your organisation’s vulnerability to email-based threats such as impersonation, phishing, and spoofing. It provides a risk score, highlighting how your domain impacts your overall cybersecurity posture.
Domain ratings explained
Impersonation Rating
Your Impersonation Rating indicates the risk of your domain being targeted in impersonation attacks. The domain checker examines your DNS settings to ensure they are properly configured to protect against these types of attacks.
Branding Rating
Your Branding Rating assesses whether your organisation’s domain branding is properly set up, specifically by checking your BIMI record.
Privacy Rating
Your Privacy Rating evaluates whether your mail server providers are configured correctly to ensure they receive TLS-secured SMTP connections. This rating shows how well your emails are protected from interception or alteration by cybercriminals.
Understanding your impersonation rating
Low Score <3
A low score suggests your brand is vulnerable to email spoofing, which can lead to phishing attacks and fraud. This puts your staff, customers, and partners at risk, damaging trust and potentially harming your organisation’s reputation.
Medium Score 4/5
Your domain is almost fully secure but still needs a final tweak. Without it, attackers may still spoof your domain, and some genuine emails might land in Spam or Junk folders, affecting communication and reliability.
High Score 5/5
Great job! Your domain is well-protected, with a very low risk of being used in fraudulent emails. A score of 5 means you are fully DMARC compliant, safeguarding your organisation against phishing and impersonation threats.
What are the risks of a low score? (0-4)
Reputational Damage
Fraudulent use of your brand name in email attacks can severely impact trust with your stakeholders, damaging your reputation. This loss of trust can result in a decrease in customer and partner confidence, ultimately reducing business opportunities.
Financial loss
Email-based attacks can trick recipients into disclosing sensitive information, leading to unauthorized transactions or financial fraud. Additionally, the costs of dealing with such attacks—like legal fees, compensation, and extra security measures—can be significant.
Data breaches
Without DMARC protection, your organisation is more vulnerable to email-based attacks where sensitive data can be stolen, exposed, or compromised. This can lead to serious legal and financial consequences due to the breach of personal information or intellectual property.
Operational disruption
Lacking proper email authentication can result in emails being sent to Spam or Junk folders, interrupting communication and missing key business opportunities. A successful impersonation attack can also cause downtime while you work to resolve the situation, restore data, and improve security measures.
Compliance penalties
Regulatory bodies such as Google, Yahoo, PCI DSS, GDPR, and the FCA recommend organisations to implement strong email security protocols like DMARC. In some cases, DMARC compliance is mandatory. Failing to meet these requirements could lead to legal actions and financial penalties.