< back to blog

Secure Parked Domains to Protect Your Brand Against Fraud

April 8, 2024
Security
VerifyDMARC

Introduction

Parked domains are domains that have been registered but are not actively being used for sending (legitimate) email. Businesses will often register domains and keep them disused to protect their brand. These are often overlooked in cybersecurity strategies however, failing to secure these domains can lead to brand damage if they are used to launch email spoofing attacks. These attacks can be used to perpetrate fraud against your organisation, customers or suppliers.

Quick fix

Any domain that you are sure is not used to send legitimate email can be configured with a simple DMARC reject policy and a blank SPF Record. This informs recipient mail servers that there are no authorised mail senders and to reject any emails that are addressed from the domain.

If you are not 100% sure if a domain has a legitimate business reason to be sending email, you should collect DMARC reports before moving to an enforcement DMARC policy - that's where VerifyDMARC can help.

If you are confident the parked domain is not used to send legitimate email, in the domain's DNS manager configure two records:

DMARC

Hostname: _dmarc.yourdomain.com

Type: TXT

Value: v=DMARC1; p=reject

SPF

Hostname: yourdomain.com

Type: TXT

Value: v=spf1 -all

Best Practice

The comprehensive solution is to collect and analyse DMARC reports from all domains, including parked domains. This can highlight if a domain is being abused or if someone in the organisation begins to use the domain for legitimate email and any subsequent DMARC compliance and deliverability issues.

VerifyDMARC offers generous domain limits on all plans, so you don't have to make the choice between security and budget constraints. The status alerts in the Dashboard highlight DMARC record misconfiguration, providing feedback to ensure DMARC records remain valid and secure over time.

TRY VERIFYDMARC FREE
Update: North Korean Actors Exploit Weak DMARC Security

Update: North Korean Actors Exploit Weak DMARC Security

In response to a recent FBI, State Department, and NSA advisory, we highlight risks of weak DMARC security and offer actionable steps to protect your organisation, customers, and suppliers.

DMARC Protocol
Security
Comprehensive & Cost-Effective DMARC for MSPs

Comprehensive & Cost-Effective DMARC for MSPs

The challenge of managing DMARC across multiple client domains has traditionally been a complex and costly affair. VerifyDMARC addresses this head-on by offering a unified, cost-effective solution.

MSP
VerifyDMARC
Don't Forget About Your onmicrosoft.com Subdomain

Don't Forget About Your onmicrosoft.com Subdomain

Every Microsoft 365 tenancy includes an onmicrosoft.com subdomain, these are rarely used for business communications but need to be part of your DMARC strategy so they do not get exploited.

Mail Providers
Security