Introduction
An important way to make the internet safer for everyone is to ensure emails are properly protected from attacks like phishing, spoofing and malware.
So much data is stored and transferred through email that it really is important to prevent unwanted people from accessing it. This requires that major email providers implement a higher standard level of email security.
The standard email security level that most providers have today is not enough, especially with attacks becoming more frequent and sophisticated with the help of AI.
The good news is that providers like Google and Yahoo, that are amongst the most popular – Gmail has over 1.8 billion users and Yahoo! Mail has over 225 million users – have announced that they will be implementing higher email security standards.
This means that all the current and new users of these services will automatically be more protected, without having to enact any measures themselves.
What are Google and Yahoo doing to make email safer?
Both Google and Yahoo are focusing their efforts on bulk senders (these are usually businesses that send emails to up to 5,000 recipients in a day) because they are the most likely to have their addresses manipulated by cybercriminals trying to fake being a trustworthy and authentic source.
Cybercriminals assume, often correctly, that their fraudulent emails won't get noticed if they appear to be part of the crowd of emails already being sent by a business.
This is why both Google and Yahoo now require much stricter email authentication processes for bulk senders.
Let's take a closer look at what these are:
SPF (Sender Policy Framework)
SPF allows domain owners to specify which servers are authorized to send emails on their behalf. It creates a DNS (Domain Name System) record that defines the authorized mail servers for the domain so that hackers cannot pretend to be you.
DKIM (DomainKeys Identified Mail)
DKIM adds a digital signature to email messages, providing a way for recipients to verify that the message was indeed sent by the domain it claims to originate from. This makes it harder for hackers to disguise themselves using fake emails.
DMARC (Domain-based Message Authentication, Reporting, and Conformance)
DMARC takes SPF and DKIM a step further by providing a policy framework for domain owners to instruct email receivers on how to handle emails that fail authentication checks. It ensures that receivers can distinguish between legitimate and fraudulent email, thereby reducing the risk of people falling prey to phishing and spoofing attacks.
Test whether your domain is DMARC protected with our free test here.
Improved spam regulations
Aside from enhancing email authentication protocols, Google and Yahoo are also addressing the issue of spam. After all, there are approximately 3.5 billion spam emails sent every day and many of these contain malware and are where phishing attempts begin.
Preventing and stopping spam emails from reaching inboxes in the first place is a great way to prevent cybercrime.
This is why Google and Yahoo will now allow users to unsubscribe from spam with one click and will require that bulk senders honour unsubscribe requests within two days.
Furthermore, the tech giants will also implement a spam rate threshold to limit the number of emails bulk senders can send in one day to ensure users are not saturated with unwanted emails that could potentially be dangerous.
Conclusion
The measures being taken by leading email industry players like Google and Yahoo are a huge step forward in making the internet a safer place for everyone.
It is email providers, not end users, who have the most knowledge about the dangers and vulnerabilities of their systems, so it is great to see them taking the initiative to protect people instead of expecting users to have to take full responsibility for protecting themselves.
However, work remains to be done. Google and Yahoo are not the only email providers out there. Full collaboration and a commitment to higher safety standards from all the players in the email industry will be required to ensure the greatest number of people can be protected.
Do you need help implementing all the changes now required to ensure email deliverability?
Contact us to book a free consultation:
