On 4th January 2021 the Ministry of Commerce & Industry, Director General of Foreign Trade (“DGFT”) has issued an advisory Trade notice No. 36/2020-21 regarding increasing Cyber fraud complaints from Indian Exports.
The Ministry of External Affairs informed that email spoofing/phishing cyber frauds are increasing day by day and thereby causing bilateral trade disputes. Being trapped by these mails, Indian exporters end up exporting without receiving any payment. Therefore, they neither have the possession of the goods nor have received the payment of the same. These cases are registered as cybercrime in the respective jurisdiction of the country.
DGFT has clarified that the authorities cannot do much to reverse the transaction. However, these frauds can be largely avoided by implementing the following security protocols:
- Sender Policy Framework (SPF),
- Domain Keys Identified Mail (DKIM) and
- Domain-based Message Authentication Reporting & Conformance (DMARC)
These three protocols are based on the Domain Name System (DNS). SPF, DKIM, and DMARC are protocols for standard email signatures which meet various safety issues. To ensure best protection, all three systems should be implemented. These protocols ensure that the sender is legitimate, that their identity has not been compromised and that they’re not sending email on behalf of someone else.
1. How does protocol Work and prevent exporters from fraud?
1.1 SPF (Sender Policy Framework)
SPF is one of DNS protocol based systems that certifies that the issuing IP address has the right to send emails. This protocol is used to prevent fraudulent use of the domain name and prevents phishing attacks. It specifies which IP addresses and/or servers are allowed to send email “from” that particular domain. It also lets the recipient know who has sent the email.
1.2 DKIM (Domain Keys Identified Mail)
DKIM is a cryptographic protocol based on the use of public keys that are published in the DNS. It ensures to the recipient of the mail that the content of emails is original and has not been tampered with or changed while on the way, header of the message has not been changed and the sender of the email actually owns the domain. The protocol permits the sender to sign the email with the domain name. Through this protocol, the recipient of the email ensures that email has been sent by the sender and has not been altered during transmission. This protocol is particularly effective against “man in the middle” attacks.
1.3 DMARC (Domain-based Message Authentication Reporting & Conformance)
DMARC provides indication in case if there is an attack, ties the first two protocols (SKM and DKIM) together with a consistent set of policies. If someone tries to steal the identity of the sender, DMARC notifies the receiver about it. DMARC verifies that a sender’s email messages are protected by both SPF and DKIM. It also tells the receiving mail server what to do if neither of those authentication methods passes and it also provides a way for the receiving server to report the matter back to the sender about messages that pass and/or fail the DMARC evaluation.
In this Trade Notice addressing to Export Promotion Councils, All members of Trade and All Regional Authorities, DGFT suggested that better password practices be followed on both the sender’s and the receivers’ email ID’s. Further, to avoid insecurity completely, exporters may like to confirm bank details by another channel such as a secure voice line.
All Export promotional councils/Traders are advised to take all precautionary measures to protect their payments from cyber frauds.