Players from the Milwaukee Bucks professional basketball team had their private information leaked after an employee fell for a phishing scam last week.
A cybercriminal impersonated team president Peter Feigin with a spoof email address, sending an email to a mid-level employee asking for information on players’ salaries. The unfortunate employee shared 2015 IRS W-2 documents with the scammer, which included the social security numbers, home addresses and salary figures for every player on the Bucks’ roster.
The NBA team has apologized for the incident and is arranging credit-monitoring and identity theft prevention services for those affected, but the data loss is irreversible.
Email phishing scams have been rising year-over-year, and the Federal Bureau of Investigation (FBI) recently released a warning about increases in phishing scams specifically impersonating CEOs and leaders of organizations. Business e-mail compromise scams have increased 270% since January 2015, according to the FBI.
Now ValiMail, an email security startup, is seeking to eradicate the issues associated with phishing impersonization scams with the help of DMARC (Domain-based Message Authentication, Reporting & Conformance).
DMARC helps fight spoofing through email authentication. It identifies if an email is being sent from the same person, or brand, that the email claims to be sent from. In addition to protecting email users from spoofing attacks, DMARC is also critical for email marketing ROI and deliverability rates.
Marketers who implement DMARC have exponentially higher email deliverability rates according to a recent study by data solutions provider Return Path.
Recently out of stealth mode, ValiMail offers email authentication and management as an account-based service. The company already has an impressive client roster with HBO, Uber and Square using its email security services to safeguard their subscribers’ and employees’ private information.
“Marketers don’t care about DMARC because it’s boring,” says Alex Garcia-Tobar, CEO of ValiMail. “But they care about brand and deliverability – that’s where the money is.”
ValiMail is offering a free email security assessment for brands interested in its service, with the added benefit of visibility into account structure and management. Companies can also quickly check if their domains have successfully added DMARC configuration online for free.
Unsurprisingly, the domain bucks.com – home of the email addresses for Milwaukee Bucks’ employees – has no record of DMARC configuration.
Email security and DMARC authentication can be a huge boon to public relations and brand control - just ask the Milwaukee Bucks.