Modules
Sign in
New Request

Does DMARC block all types of phishing attacks?

No. DMARC is only designed to protect against direct domain spoofing. If the owners/operators of example.com use DMARC to protect that domain, it would have no effect on otherdomain.com or example.net (notice the ".net" vs. ".com").

While impersonating a given domain is a common method used for phishing and other malicious activities, there are other attack vectors that DMARC does not address. For example, DMARC does not address cousin domain attacks (i.e. sending from a domain that looks like the target being abused - e.g. exampl3.com vs. example.com), or display name abuse (i.e. modifying the "From" field to look as if it comes from the target being abused).

Have more questions?

Contact us

Was this article helpful?
0 out of 0 found this helpful

Provide feedback for the Documentation team!

Browse this section