ValiMail has developed the world's first cloud service that fully automates email authentication. ValiMail enables organizations to stop phishing attacks, control shadow email, and improve the reputation of their email domain. ValiMail's patented, standards-compliant technology provides the only zero-administration solution to enable trusted email for enterprises. Customers include Uber, Fannie Mae, Yelp, Twilio, Time Warner, Square, OpenTable, and City National Bank. Founded in 2016, ValiMail is based in San Francisco and is backed by Shasta Ventures, Flybridge Capital Partners, and Bloomberg Beta.
While 79 percent say their organizations experienced a serious data breach or cyberattack during the past 12 months, only 29 percent are taking significant steps to prevent phishing and email impersonation. However, 65 percent are likely to implement an automated DMARC enforcement solution if it stopped impersonation attacks.
Email fraud is the leading weapon with which hackers infiltrate networks. It’s not just a social engineering problem: There are technical controls, known as email authentication, that can help mitigate the email fraud threat, but only a tiny percentage of domain owners are taking advantage of them.
ValiMail’s analysis of the most popular 1 million global domains shows that most domain owners have not attempted to implement fraud protection through the latest and most complete form of protection, DMARC. Of those that have attempted DMARC, only 23 percent are actually achieving protection from fraud.
ValiMail attributes these shortfalls in adoption to the difficulty that domain owners have in fully implementing and maintaining DMARC and its underlying standards (SPF, DKIM), particularly in complex environments where companies use many different cloud-based email services (often without full knowledge of IT staff).
ValiMail’s 21-page report is the most comprehensive survey of the state of email authentication to date, with exclusive data on the vulnerability to email fraud of the most popular 1 million domains. Plus: Drill-downs into the vulnerability of key sectors, including the NYSE, NASDAQ, Fortune 500, banks, health care, technology, and Crunchbase unicorns.