• by Jess Nelson , March 29, 2016

Yahoo significantly expanded itsDomain-based Message Authentication, Reporting and Conformance (DMARC) protections on Monday to protect consumers from email-based phishing and spoofing scams.

Yahoo published strict DMARC policies to 62 of the company’s international domains, offering Yahoo email users worldwide a safer and more secure email experience.

DMARC is an email validation system that detects and prevents email spoofing by reporting messages that were not sent from validated email addresses -- a popular tactic of would-be cybercriminals who use fake email addresses to manipulate consumers by posing as trusted individuals or companies.

Dmarc.org, a California-based nonprofit promoting email authentication to reduce fraudulent email, compiles a list of the Yahoo domains now protected by DMARC regulation on their blog online.

“This reflects steady progress in locking down Yahoo’s entire portfolio of domains,” states Steve Jones, executive director of DMARC.org. “Every organization should be setting strong DMARC policies across their portfolio to ensure that their reserved or disused domains aren’t being used by fraudsters and spammers. And whenever a domain is created or purchased, part of every organization’s processes should include publishing a policy to prevent unauthenticated messages using that domain from reaching the inbox.”

Yahoo has been a major supporter of DMARC, and was one of the original technology collaborators that first created the authentication system.

Yahoo is currently the seventh-most popular email client and represents 3% of the email client market share, according to an analysis of over 1 billion email opens by Litmus Email Analytics in February 2016. Apple’s iPhone dominates the market with a third of all email opens, while Gmail accrues 16% of all email opens.