ProDMARC – Sample

Reporting
(January 17, 2023)

Gaurav Gupta
Director

www.progist.net www.prodmarc.com
ProDMARC based spoof mitigation (1/2)

Boost Fraud Improve

Brand assurance
deliverability mitigation visibility
ProDMARC based spoof mitigation (2/2)
Why ProgIST Email Secure Suite ?
Highly matured DMARC platform,
assisting several critical organisation

Leaders in Asia in terms of no. of emails

processed (approx. 7 bn a month)

First DMARC solution provider based out

of Asia

Customer retention rate of more than

99%

With managed Services 90%+ domains

in reject mode of DMARC within 3
months of subscription
ProDMARC – Key Differentiators
Wizard based identification of top and
authorized senders, failures & threats

Automatic sub-domain detection

Threat correlation against 52 DNSBL

Cousin domain detection against 13

type of domain variations

Timeline report highlighting any

change in DMARC or SPF records which
can avoid business disruption
ProDMARC implementation approach

Integration with
Domain DMARC
monitoring
identification implementation
controls

■ Identify all customer ■ Move to DMARC ■ Integrate DMARC data

domains monitoring mode feeds with anti-phishing
■ Identify the key domains ■ Ensure DMARC record process
from customer risk is implemented for all ■ Integrate DMARC data
perspective mail servers sending feeds with Fraud
■ Create the required emails for the domain Management System /
awareness for DMARC ■ Move to DMARC SIEM
implementation quarantine / block mode
ProDMARC – Mail spoof visibility & mitigation
Automated Dynamic Failure Report
Sample legit failures observed on ProDMARC Portal – Customer A
Sample fraud incident observed on ProDMARC Portal – Customer B

• IP address: 103.141.138.127
• Country: Vietnam
• Reputation: Poor
• Action taken: Blocked
• Sender: "Heikki Txxxxx” <rutuja.sxxxxx@XXXXXXXXX.com>
• Subject: Prepayment invoice 5408 for your order annex no. 6 (50%
advance)
Sample fraud incident observed on ProDMARC Portal

• IP address: 103.133.106.228
• Country: Vietnam
• Reputation: Poor
• Action taken: Blocked
• Sender: Customer_name <estatement@XXX.ae>
• Subject: “Customer_name eStatement Inward Remittanc”
Sample fraud incident observed on ProDMARC Portal

• IP address: 185.222.57.171
• Country: Netherlands
• Reputation: Poor
• Action taken: Blocked
• Sender: Not known (Forensic Report not available)
• Subject: Not known(Forensic Report not available)
Sample fraud incident observed on ProDMARC Portal

• IP address: 173.247.244.178
• Country: United States
• Reputation: Poor
• Action taken: Blocked
• Sender: <estatement@XXX.ae>
• Subject: “Customer_name statement of account”
 Top mail spoofs mitigated - “Subject lines”
Pending amount to be credited to your account – Authentication required

Russia

SWIFT Payment Advise Slovenia

Your account has been hacked Czech republic

China

Mandatory password change

Payment invoice
Nigeria
Your account was accessed from another location

Bank eStatement Inward Remittance

SPAM and Failure prediction using ML
0 Lowest Genuine mail failure
80%
1
70%
2 60%
50%
SPAM score scale
3 40%
4 30%
20%
5 10%
0%
6 Week Week Week Week Week Week Week Week Week Week Week Week
1 2 3 4 5 6 7 8 9 10 11 12
7
8 Before After
9
10 Highest 4 0.5
Geo-IP profiling - suspicious mails (past 30 days)
Top Blacklisted (DNSBL / RBL) mail-senders
Thank You
Gaurav Gupta
(M) +91 8920 419 834
gaurav.gupta@progist.net

www.progist.net info@progist.net www.prodmarc.com