Circular No. ES/395/2020-21 4th January, 2021
URGENT & IMPORTANT
To: Members of the Council
Sub: Cyber fraud complaints from Indian Exporters - Trade Advisory -reg
We would like to inform you that the DGFT has issued a Trade Notice No.36/2020-21 dated 4th January, 2021 on the above subject.
The Ministry of External Affairs has informed that email spoofing/phishing cyber frauds are causing increased Bilateral Trade Disputes. Though this is registered as a cybercrime in the respective jurisdictions of the country, the authorities cannot do much to reverse the transaction. The victims are usually Indian exporters who having supplied the goods. They neither have the goods in their possession nor have received the payment.
The matter was examined and it may be informed that such problems can be largely resolved by implementing security protocols such as –
(a) Sender Policy Framework (SPF), (b) Domain Keys Identified Mail (DKIM) and (c) Domain-based Message Authentication, Reporting & Conformance (DMARC).
- SPF, DKIM, and DMARC are protocols for standard email signatures which meet various safety issues and
- All three must be implemented in order to ensure the best possible deliverability.
- All three prove that the sender is legitimate, that their identity has not been compromised and that they're not sending email on behalf of someone else.
- They are all based on the Domain Name System (DNS) of the domain.
(a) Sender Policy Framework (SPF) –
- A protocol based on the DNS of the domain name, certifies that the issuing IP has the right to send emails.
- This protocol is used to prevent fraudulent use of the domain name and prevents phishing attacks.
- It specifies which IP addresses and/or servers are allowed to send email "from" that particular domain.
- It lets the recipient know who has sent the communication.
(b) Domain Keys Identified Mail (DKIM) –
- A cryptographic protocol based on the use of public keys that are published in the DNS.
- It ensures that the content of emails remains trusted and have not been tampered with or compromised and the headers of the message have not changed and that the sender of the email actually owns the domain that has the DKIM record attached to it.
- The protocol allows the sender to sign the email with the domain name.
- The recipient of the email will then be sure that the email has been sent by the sender and has not been altered during transmission.
- This protocol is particularly effective against "man in the middle" attacks.
(c) Domain-based Message Authentication, Reporting & Conformance (DMARC) –
- DMARC provides indications in case there is an attack, ties the first two protocols (SKM and DKIM) together with a consistent set of policies.
- It is possible to be notified if someone tries to steal the identity of the sender.
- It verifies that a sender's email messages are protected by both SPF and DKIM.
- It also tells the receiving mail server what to do if neither of those authentication methods passes, and provides a way for the receiving server to report back to the sender about messages that pass and/or fail the DMARC evaluation.
- It is therefore suggested that better password practices be followed on both the sender's and the receivers' email IDs and to avoid this completely, exporters may like to confirm bank details by another channel such as a secure voice line.
Members are requested to make a note of the above and also advised to take all precautionary measures to protect their payments from cyber frauds.