Okay Marketers: Less Whining, More Doing
By Ken Magill
Finding out that just three of America’s top 100 retailers have published DMARC records and that 77 of them do not fully authenticate their domains wasn’t remotely surprising.
But it was a little infuriating.
Marketers are forever complaining that email inbox providers don’t treat their permission-based mail fairly.
And to some degree I have sympathized. But not today.
Almost exactly a year ago, some of the biggest brands on the Internet unveiled DMARC to combat phishing.
Those brands were leading email providers AOL, Gmail, Hotmail and Yahoo! Mail, some of the most highly phished brands, including Bank of America, Fidelity Investments, PayPal, American Greetings, Facebook and LinkedIn, email security concerns Agari, Cloudmark and Trusted Domain Project and email intelligence firm Return Path.
Non-financial-services email marketers apparently responded to the scheme’s unveiling with the industry’s version of crickets.
I’m no expert on email security, but it seems to me that if the tools to help combat email fraud are readily available and—so I’m told—easily implementable, companies that have financial relationships with the people to whom they send email should implement them.
Rather than grousing about the collateral damage we suffer, we should be helping solve the problem.
Imagine what the ISP abuse desk folks are thinking: “These jackwads won’t lift a finger to help us identify fraudulent email. So why should we give a crap about them?”
Even marketers who don’t think their brands are phishing targets should take the steps to help ISPs isolate fraudulent messages.
Helping ISPs fight fraud helps all of us. On a more personal note, helping ISPs fight fraud also helps decrease the odds Granny’s going to get her bank account cleaned out.
Help protect Granny. Authenticate your domains and publish a DMARC record asap.