Presentation is loading. Please wait.

Presentation is loading. Please wait.

Bank ReBIT - Operational Excellence Webinar Series (DMARC)

Published byHillary Greer Modified over 6 years ago

Similar presentations

Presentation on theme: "Bank ReBIT - Operational Excellence Webinar Series (DMARC)"— Presentation transcript:

1 DMARC@ICICI Bank ReBIT - Operational Excellence Webinar Series (DMARC)
Bhavin B. Bhansali DGM, Information Security Group, ICICI Bank Ltd. May 11, 2017

2 Common email frauds Phishing Business email compromise Ransomware
Data breach Scams Ransomware

3 …and email spoofing makes it more legit
spoofing is the forgery of an so that the message appears to have originated from someone other than the actual source

4 DMARC in action DMARC - Domain based Message Authentication, Reporting & Conformance

5 Benefits of DMARC Email protection using DMARC Increase in
Customer & employee protection against frauds Customer trust Insight to evolving threat landscape Reduction in Senior mgmt. escalation Bank’s liability for phishing s Customer service cost Phishing fraud/remediation cost 5 5

6 Pre- DMARC phishing sample email (1/2)
6 6

7 Phishing website

8 Phishing email sample (2/2)
Source - 8 8

9 Phishing website Source - 9 9

10 Approach for DMARC implementation
Domain identification Identify all cust. domains Identify the key domains from cust. risk perspective Seek confirmation from all business units on outsourced arrangements DMARC implementation Move to DMARC monitoring mode Ensure DMARC record is implemented for all mail servers sending s for the domain Move to DMARC quarantine/block mode Integration with monitoring controls Integrate DMARC data feeds with anti-phishing process Integrate DMARC data feeds with Fraud Management System/SIEM

11 Key learnings - DMARC implementation
Ensure appropriate collaboration of implementation, & biz teams @ Ensure outsourced service arrangements are inventorised Update the domain induction process Review the evolving modus operandi of fraudsters Regularly review that no genuine s are blocked “Best things come in small packages”

12 Post-DMARC phishing email

13 Thank you (bhavin.bhansali@icicibank.com)

Download ppt "Bank ReBIT - Operational Excellence Webinar Series (DMARC)"

Similar presentations

FFIEC Agency Supplement to Authentication in an Internet Banking Environment http://www.ffiec.gov/pdf/Auth-ITS-Final%206-22-11%20(FFIEC%20Formated).pdf.

FFIEC Agency Supplement to Authentication in an Internet Banking Environment
The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.

The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.
How It Applies In A Virtual World. Phishing Definition: n. To request confidential information over the Internet under false pretenses in order to fraudulently.

How It Applies In A Virtual World. Phishing Definition: n. To request confidential information over the Internet under false pretenses in order to fraudulently.
Breaking Trust On The Internet

Breaking Trust On The Internet
© 2014 wheresjenny.com Cyber crime CYBER CRIME. © 2014 wheresjenny.com Cyber crime Vocabulary Defacement : An attack on a website that changes the visual.

© 2014 wheresjenny.com Cyber crime CYBER CRIME. © 2014 wheresjenny.com Cyber crime Vocabulary Defacement : An attack on a website that changes the visual.
Hacker’s tricks for online users to reveal their sensitive information such as credit card, bank account, and social security. Phishing emails are designed.

Hacker’s tricks for online users to reveal their sensitive information such as credit card, bank account, and social security. Phishing s are designed.
Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.

Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.
Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.

Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.
Internet safety By Lydia Snowden.

Internet safety By Lydia Snowden.
Confidential On-line Banking Risks & Countermeasures By Vishal Salvi – CISO HDFC Bank IBA Banking Security Summit 2009.

Confidential On-line Banking Risks & Countermeasures By Vishal Salvi – CISO HDFC Bank IBA Banking Security Summit 2009.
Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.

Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.
FRAUD, ONE OF THE FASTEST GROWING SEGMENTS OF OUR INDUSTRY Joseph Bajic, Chief Compliance Officer and Vice-President, Compliance.

FRAUD, ONE OF THE FASTEST GROWING SEGMENTS OF OUR INDUSTRY Joseph Bajic, Chief Compliance Officer and Vice-President, Compliance.
BUSINESS B1 Information Security.

BUSINESS B1 Information Security.
Yair Grindlinger, CEO and Co-Founder Do you know who your employees are sharing their credentials with? Do they?

Yair Grindlinger, CEO and Co-Founder Do you know who your employees are sharing their credentials with? Do they?
Copyright ©2015 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training WatchGuard XCS What’s New in version 10.1.

Copyright ©2015 WatchGuard Technologies, Inc. All Rights Reserved WatchGuard Training WatchGuard XCS What’s New in version 10.1.
U.S. Businesses Targeted Randy Wolverton Brian J. Koechner.

U.S. Businesses Targeted Randy Wolverton Brian J. Koechner.
Https://www.youtube.com/watch?v=1hpU_Neg1KA. INTRODUCTION & QUESTIONS.

INTRODUCTION & QUESTIONS.
Spoofing The False Digital Identity. What is Spoofing?  Spoofing is the action of making something look like something that it is not in order to gain.

Spoofing The False Digital Identity. What is Spoofing?  Spoofing is the action of making something look like something that it is not in order to gain.
Jeff Warnock COSC 352 Indiana University of Pennsylvania Spring 2010.

Jeff Warnock COSC 352 Indiana University of Pennsylvania Spring 2010.
Outline of this module By the end of this module, you will be able to: Understand the benefits that internet banking provides; Name the different dangers.

Outline of this module By the end of this module, you will be able to: Understand the benefits that internet banking provides; Name the different dangers.

Similar presentations

Ads by Google