
Ken Takahashi

How Easy Was it for a Routine Phishing Scam to Rock Global Financial Markets?

And what can we do to make it less easy?

When an Associated Press journalist’s Twitter account was compromised last Tuesday, reportedly through a phishing attack, the consequences of a common email security breach were felt around the world. Stock markets plunged within seconds of a phony tweet about an explosion at the White House, instantly erasing $136.5 billion of value from the S&P 500 index.

When the story proved false the markets recovered their losses, but the sense of vulnerability...


Three Big Reasons to Love DMARC

We're celebrating the one-year anniversary of DMARC this week – a technological standard with the potential to make email safer and more secure. (That’s Domain-based Message Authentication, Reporting, and Conformance…which you probably knew.) This is a great occasion for us, partly because DMARC is an initiative we’ve been deeply involved in. But it’s also a great occasion for the entire email ecosystem, and I can give you three big reasons why:

First, it’s working. Mailbox providers around the...


Publishers Clearing House Reduces Phishing Threats with DMARC

Phishing is a huge threat to trust in the email ecosystem. Consumers are wary of interacting with brands that they perceive as being insecure.

For this reason, Publishers Clearing House (PCH), a Return Path client, was an early adopter of domain protection services and DMARC. The system has helped them quickly detect misuse of their brand name. In one recent incident the Return Path system detected a run of 144,000 messages in just one day.

“PCH is a prominent household name. Protecting our...


Google Doubles Down on Weak DKIM Keys: What You Need to Do Now to be Compliant

In October, Wired reported that a mathematician had successfully cracked Google’s DKIM key and impersonated the Google co-founders by spoofing their email addresses. In response, Google announced they would begin enforcing 1024-bit DKIM keys in phases. Google is currently failing emails sent to Gmail accounts if they are signed with a key of 512 bits or less. Now there is evidence that Google is starting to enforce their policy of accepting only DKIM keys of 1024 bits or higher.

Email administrators...


Google Is Failing Your Perfectly Good DKIM Key (and Why That’s a Good Thing)

If you have noticed your email authentication key for DKIM failing recently, you are not alone. Google recently announced they will immediately begin failing DKIM keys less than or equal to 512 bits.

A mathematician recently cracked Google’s weak 512-bit DKIM key and impersonated founders Sergey Brin and Larry Page via email. A recent Wired.com article relating the story started a rush in the email industry to create new DKIM keys stronger than 512 bits. Google is taking this security issue...
