Email fraud is the leading weapon with which hackers infiltrate networks. It’s not just a social engineering problem: There are technical controls, known as email authentication, that can help mitigate the email fraud threat, but only a tiny percentage of domain owners are taking advantage of them.
Email authentication refers to a suite of open standards that can stop the most common and hardest-to-detect type of email fraud: Impersonation of people or companies by using their domain names.
Without email authentication, fraudsters can easily impersonate any domain simply by putting it into the From field of their messages.