Abstract
AbstractAs promising approaches to thwarting the damage caused by phishing emails, DNS-based email security mechanisms, such as the Sender Policy Framework (SPF), Domain-based Message Authentication, Reporting & Conformance (DMARC) and DNS-based Authentication of Named Entities (DANE), have been proposed and widely adopted. Nevertheless, the number of victims of phishing emails continues to increase, suggesting that there should be a mechanism for supporting end-users in correctly distinguishing such emails from legitimate emails. To address this problem, the standardization of Brand Indicators for Message Identification (BIMI) is underway. BIMI is a mechanism that helps an email recipient visually distinguish between legitimate and phishing emails. With Google officially supporting BIMI in July 2021, the approach shows signs of spreading worldwide. With these backgrounds, we conduct an extensive measurement of the adoption of BIMI and its configuration. The results of our measurement study revealed that, as of November 2022, 3,538 out of the one million most popular domain names have a set BIMI record, whereas only 396 (11%) of the BIMI-enabled domain names had valid logo images and verified mark certificates. The study also revealed the existence of several misconfigurations in such logo images and certificates.
Publisher
Springer Nature Switzerland
Reference42 articles.
1. Creating BIMI SVG Logo Files (2020). https://bimigroup.org/creating-bimi-svg-logo-files/
2. SVG Conversion Tools Released (2020). https://bimigroup.org/svg-conversion-tools-released/
3. Fastmail now supports BIMI (2021). https://www.spamresource.com/2021/04/fastmail-now-supports-bimi.html
4. BIMI Inspector (2022). https://bimigroup.org/bimi-generator/
5. BIMI Record Checker - BIMI Record | EasyDMARC (2022). https://easydmarc.com/tools/bimi-lookup
Cited by
1 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献