Exercise Caution When Receiving '.gov' Emails

  From the November 14, 2017 WaterISAC Security & Resilience Update, reprinted with permission. 
Malicious actors are trying to entice users to open official looking emails that appear to come from U.S. government offices. Multiple sources have cited between 12.5 – 25 percent of ‘.gov’ emails are fraudulent, and almost 10 percent are not even sent from IP addresses within the U.S. To help combat this threat, the U.S. Department of Homeland Security recently issued a Binding Operational Directive (BOD 18-01) mandating all federal agencies implement DMARC (Domain-based Message Authentication, Reporting and Conformance) within 90 days. Before the BOD, only 18 percent of federal web domains were using DMARC. Additionally, many in the cybersecurity community suggest all organizations should follow the BOD guidance and implement DMARC. While DMARC is beneficial to protect an organization’s email domain from being spoofed, it only benefits the Internet-at-large if everyone implements it. Implementing DMARC will not protect an organization from receiving spoofed emails from other organizations who have not implemented DMARC. For more information, Proofpoint has created an infographic highlighting how DMARC works. Cyberscoop.