SPF, DKIM, and DMARC Identity Checks on Domino (really). We know people needed this 10 years ago...
SPF (Sender Policy Framework) is an email authentication method designed to detect forged sender addresses during email delivery. SPF detects a forged sender claim in the envelope of the email. Checking the From: address against SPF can be used to detect forging of the visible sender (i.e. email spoofing), a technique often used in phishing and email spam.
DKIM allows the receiver to check that an email claiming to have come from a specific domain was indeed authorized by the owner of that domain. It achieves this by affixing a digital signature, linked to a domain name, to each outgoing email message. The recipient system can verify this by looking up the sender's public key published in the DNS. A valid signature also guarantees that some parts of the email have not been modified since the signature was affixed.
DMARC extends two existing email authentication mechanisms, Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM). It allows the administrative owner of a domain to publish a policy in their DNS records to specify which mechanism (DKIM, SPF or both) is employed when sending email from that domain; how to check the From: field presented to end users; and how the receiver should deal with failures.
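An added example, not code from the product described on this page: a simplified DMARC evaluation in Python showing that an SPF or DKIM pass only counts when the authenticated domain aligns with the From: domain. The field names, the two-label organizational-domain shortcut, and the sample messages are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from email.utils import parseaddr

@dataclass
class Msg:                # hypothetical container for one message's auth data
    header_from: str      # visible From: header
    mail_from: str        # envelope sender (SMTP MAIL FROM)
    spf: str              # SPF result for the envelope domain: pass/fail/none
    dkim: str             # DKIM result: pass/fail/none
    dkim_d: str           # d= domain of the DKIM signature ("" if unsigned)
    policy: str           # p= from the From: domain's DMARC record

def domain_of(addr):
    """Lower-cased domain part of an address or header value."""
    return parseaddr(addr)[1].rpartition("@")[2].lower().rstrip(".")

def org_domain(domain):
    # Assumption: organizational domain = last two labels. A production
    # check needs the Public Suffix List (e.g. for co.uk domains).
    return ".".join(domain.split(".")[-2:])

def aligned(auth_domain, from_domain):
    """Relaxed alignment: both share the same organizational domain."""
    return bool(auth_domain and from_domain) and \
        org_domain(auth_domain) == org_domain(from_domain)

def evaluate_dmarc(m):
    """Return (dmarc_result, action) for one message."""
    from_dom = domain_of(m.header_from)
    spf_ok = m.spf == "pass" and aligned(domain_of(m.mail_from), from_dom)
    dkim_ok = m.dkim == "pass" and aligned(m.dkim_d.lower(), from_dom)
    if spf_ok or dkim_ok:
        return "pass", "deliver"
    # p=none means monitor only, so a failing message is still delivered.
    action = m.policy if m.policy in ("quarantine", "reject") else "deliver"
    return "fail", action

# Constructed sample messages (not taken from real traffic).
SPOOF = Msg("CEO <ceo@example.com>", "bounce@bulk.example.net",
            "pass", "pass", "example.net", "quarantine")
LEGIT = Msg("ceo@example.com", "ceo@mail.example.com",
            "pass", "none", "", "quarantine")
FORWARDED = Msg("ceo@example.com", "list@lists.example.org",
                "fail", "pass", "example.com", "reject")

if __name__ == "__main__":
    for name, msg in (("spoof", SPOOF), ("legit", LEGIT), ("fwd", FORWARDED)):
        print(name, evaluate_dmarc(msg))
```

The spoofed sample passes both SPF and DKIM for the sending domain, yet fails DMARC because neither authenticated domain matches the visible From: domain.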
Spoofed messages are an everyday threat to organizations worldwide. Positive Identity performs identity checks to stop the most popular form of email spoofing: internal email spoofing. Messages that purport to come from your own domain but are really external are quickly stopped with Positive Identity. Even if they are not blocked as spam, Positive Identity detects sender spoofing using SPF, DKIM, and DMARC and quarantines these messages.
CEO, asking for an urgent wire transfer
IT telling you to install an "update"
IT saying your mailbox is full
Help Desk saying you need to update your password
This is one of the most common and successful attacks: the CEO request for a wire transfer. Most of these are for less than $50,000 USD. That's because 50k and under doesn't normally need two signatures. This attack needs the victim to act quickly, before it is discovered as a scam.