One of the best practices to curb this risk is the Sender Policy Framework (SPF), an email validation tool to prevent the sending and receiving of forged messages. When properly configured, SPF cyber security reduces both the likelihood of any domain name being fraudulently used to send malicious emails and the chances that organizations will receive such messages.
Several notable 2020 incidents highlighted the benefits of SPF cyber security. The healthcare industry was particularly hard hit; in April, the personal and medical information of more than 100,000 employees and patients of Beaumont Health was exposed in a phishing attack, while a similar incident impacted Magellan Health in May. There were also a seemingly endless series of COVID-19-related phishing emails, not to mention scams around the U.S. elections, economic stimulus payments, and more, delivered to personal and business email addresses. These efforts would have been impossible had SPF records been in place for the senders and checked by the receivers.
Recent years have seen other attacks that have garnered international intention. For example, after having had data from over 100,000,000 consumer credit cards breached, Target Corporation began to offer free credit monitoring services. The emails they sent to consumers seemed suspicious. Questions about the validity of the Target emails were resolved in part by the ability to validate the email sender’s authenticity via SPF.
When an organization generates an SPF record in the Domain Name System (DNS) it is identifying which hosts are permitted to send email from their domain. This record allows message recipients to query and determine whether the sending server is authorized to send from a domain. This diagram shows how SPF is verified by the recipient’s mail system.
SPF cyber security is a simple and straightforward tool organizations can use to validate the integrity of their messages and reduce the risk of malicious forgeries. Failure to implement a SPF record increases risk across multiple vectors. Indeed, adopting SPF cyber security should be considered a best practice that signals an organization’s overall IT security effectiveness.
* A variety of open-source tools exist to verify the SPF record for your organization:
This blog was updated as of 12/28/2020