Why we need to improve our email security
Cyber-attacks are becoming increasingly common. This hurts businesses and community through financial losses and/or major disruptions to operations.
A common tool used by scammers is fraudulent emails. Scammers impersonate trusted and familiar organisations to trick victims into sending money or providing sensitive information. This breaks the trust between the sender and receiver of email communication.
According to the Australian Cyber Security Centre (ACSC), Australian businesses reported $142 million worth of losses due to compromised business emails in 2019-2020. The true cost could be much higher.
How we are improving email security
To help combat email fraud the Victorian Government is implementing DMARC. DMARC or Domain-based Message Authentication, Reporting and Conformance, is an email authentication protocol. With DMARC email authentication, only someone from our government, or someone we authorise can send legitimate emails using the vic.gov.au domain.
DMARC is being rolled out across all Victorian Government departments and agencies as well as local councils.
Why we are using DMARC
DMARC stops many attacks before they reach an inbox.
By adopting DMARC, we can:
- identify fraudulent emails
- verify that our emails are genuine
- provide assurance to government email receivers that our emails are legitimate.
These steps will help protect our community from cyber criminals making the Victorian Government a trusted sender of email communications.
What you should do
If you’re a business owner or an IT specialist, it is strongly recommended that you implement DMARC to better protect your email domain.
DMARC provides great protection against fraudulent emails. It does not protect against other forms of phishing or other cyber scams. It's essential to always maintain good cyber practices and remain vigilant online.
More information
For more information about email compromise and security best practices, visit the Australian Cyber Security Centre.
Updated