Case Study

Protecting customers and employees from fraudulent email. Maintaining brand trust and credibility
Organisations must ensure they invest effectively to protect against an ever-evolving and expanding threat landscape.

Financial Services Provider in South Africa, focused on investment excellence
- 275bn: Assets under management
- 150: Employees
- 50.12%: M & G plc Shareholder
Offices in:
- Johannesburg – South Africa
- Cape Town – South Africa
- Durban – South Africa
- Port Elizabeth – South Africa
- Windhoek – Namibia
One of South Africa’s top 10 largest investment managers
Financial services companies are a favourite target for cyber criminals. These organisations hold vast amounts of personal and financial information and are involved in moving large amounts of money on a daily basis. Protecting themselves, their customers and employees from attacks is a priority to avoid financial and reputation loss.
Across the financial services sector, businesses, employees and customers are using email as an important communication tool, making email risk high in this sector. Securing and safeguarding email communication is critical for companies so that customer trust and credibility are maintained.
Financial services companies face persistent email threats on a daily basis, in both customer-targeted and employee-targeted attacks. Impersonation, phishing, spoofing and business email compromise are just some of the methods cyber criminals are using, hijacking the name of a brand and/or an employee to trick the receiver of the email into inadvertently sharing information or even making money transfers straight to a criminal.
Organisations must put in place suitable measures that will ensure received emails with their brand identity are the real thing, and all fake emails never see the light of day.
Prudential has an obligation legally, ethically and morally to protect its significant customer base and employees working from all their offices, from email fraud and their information being compromised.
Prudential turned to Sendmarc to put in place the highest level of protection and safeguarding of the company name, so that email fraudsters could not illegally and illegitimately use it for their own gain. Their priority was for their customers and employees to feel safe that communication purporting to be from Prudential was in fact from them. Trust in communication from Prudential was critical.
Prudential’s Requirements

Full protection
Full protection of its customers and employees from being targeted by fraudsters illegitimately using the Prudential name.

Legitimate email
Only legitimate email bearing the Prudential name reaches a customer’s or employee’s inbox.

POPI compliance
Compliance with POPI requirements to take every measure to safeguard customer information.

Visibility into email environment
Have visibility into their entire email environment and manage all legitimate and illegitimate emails using the company’s name.

Email delivered as intended
All legitimate outbound email reaches its intended destination.

Business as usual
No disruption to the current email environment, with no user or business impact.

Protected within 90 days
Protected state and highest level of security, i.e. p=reject, within 90 days.

Technical expertise
Provider who understands the technicalities of the entire email application and infrastructure layers.

Holistic perspective
Provider who looks holistically at the environment and can work with other service providers.
Complexities of Prudential’s Environment
- Multiple providers of email services
- Multiple providers of infrastructure services related to email
- No single point of accountability for entire email ecosystem
- No single view or reporting of email real estate
- Multiple security protocols across infrastructure and application email services
- Different standards, protocols and policies applied to inbound and outbound emails

Technical Solution
DMARC: Domain-based Message Authentication, Reporting and Conformance
Results achieved with Sendmarc solutions
- Achieved p=reject within 3 months
- Only legitimate emails with Prudential name delivered to an inbox
- All illegitimate emails blocked, never reaching an intended receiver
- Email environment monitored and continually refined as the environment grows
- Proactively protects against and prevents phishing, impersonation and spoofing attacks
- All inbound and outbound email working from all email service providers, with correct configurations
- POPI compliant with highest security and safeguarding levels of customer information
- Trust and confidence in Prudential branded email