US presidential candidates aren't using basic email security

null
Image Credit: Pixabay

New research has revealed that almost all of the upcoming 2020 presidential candidates in the US are falling behind when it comes to email security despite the fact that Hillary Clinton's email accounts were targeted and breached by Russian hackers just three years ago.

The email security company Agari confirmed that only the Democratic candidate Elizabeth Warren is using domain-based message authentication, reporting and conformance policy or DMARC to protect her email accounts.

This email security features resides on top of the Sender Policy Framework (SKF) and the DomainKeys Identified Mail (DKIM) security protocols which use cryptography to verify a sender's email  and can mark emails as spam or reject them if an email fails to be properly validated.

According to Agari, the other 11 candidates whose email security it investigated, including Bernie Sanders, Joe Biden and presidential incumbent Donald Trump, do not use DMARC to security their campaign domains.

DMARC

By not using DMARC to secure their email accounts, Agari warned that the 2020 presidential candidates risk having their campaigns impersonated in spam campaigns and phishing attacks.

The company's Armen Najarian explained why using DMARC to secure one's email accounts has become increasingly important, saying:

“DMARC is more important than ever because if it had been implemented with the correct policy on the domain used to spearphish John Podesta, then he would have never received the targeted email attack from Russian operatives.”

There has been a slight rise in DMARC adoption by Fortune 500 companies since the beginning of this year. However, while most of the companies use DMARC, Agari said that only 16 percent of the 500 world's richest companies reject or quarantine unvalidated email. 

Via TechCrunch