Headline
Most US Political Campaigns Lack DMARC Email Protection
Without DMARC, campaigns remain highly susceptible to phishing, domain spoofing, and impersonation.
Source: Saphiens via Alamy Stock Photo
Nearly 75% of US Senate campaign websites are lacking when it comes to DMARC protections, otherwise known as Domain-based Message Authentication, Reporting, and Conformance safeguards.
DMARC tools are used to prevent phishing and spoofing attacks by ensuring that the domains from which emails are sent get authenticated.
Without these protections, campaign websites are left vulnerable to cyberattacks, a critical issue given that these campaigns are emailing voters, donors, and staff frequently.
This could lead to compromised voter information, donor data, strategic campaign plans, and other sensitive data, furthering a lack of public trust in US elections, an issue that has become increasingly prominent in the past few years. In 2016, Russian state actors tried to influence the presidential election by disrupting the election process and hacking emails.
According to the study, conducted by Red Sift, campaigns will remain highly susceptible to phishing, domain spoofing, and impersonation attacks without DMARC, ultimately leading to slower campaign operations, leaks in confidential information, and worse.
The report calls for immediate prioritization of DMARC implementation across US Senate and presidential campaigns, and insuring that these implementations are properly configured.
About the Author