Two Overlooked Cyber Risks

Two of the most preventable yet persistent cybersecurity threats facing organisations today are the exposure of employee credentials on the dark web and the failure to enforce the critical web domain security setting of DMARC.

The term DMARC stands for “Domain-based Message Authentication, Reporting and Conformance”. If the domain DMARC security is not set to a policy of “reject”, cybercriminals can exploit legitimate corporate domains, bypassing email security filters, and deliver fraudulent email messages that appear very authentic.

When employee credentials are leaked on the dark web, threat actors can weaponise this information to infiltrate systems, impersonate staff, and execute phishing or business email compromise (BEC) attacks. In many cases, visibility into which employees have experienced sensitive credential leakage (such as date of birth, username or password) serves as a ‘canary in the coalmine’. It is an early warning signal that sensitive corporate or personal data is already circulating, indicating a potentially imminent cyberattack and broader weaknesses in password management or data protection practices. This risk is heightened when employees use the same password for personal and work accounts. Waiting for the results of a phishing test to identify at-risk employees is too late, when employees have already suffered a significant data loss on the dark web. Employees also deserve to know when this occurs, so that they can take action to protect themselves, such as changing passwords and being more alert for suspicious emails.

We provide organisations with insight into employees who have had data credential exposure on the dark web and the organisation domain's current DMARC policy status.