The bad actors behind phishing scams look for vulnerable brands with weak infrastructure. And it’s easy for them to find.
The first thing a brand can do is ensure Sender Protection Framework (SPF) is setup on their website. SPF helps mail platforms like Gmail identify phishing because they can see the sender does not have permission to use your website name and will send the email to the junk folder.
This is a simple but effective way to make sure a phishing email never makes it to the inbox in the first place.
Contributor: Chris Byrne from sensorpro