Many companies have issues with domain spoofing. This is a result of the email coming in from email@example.com and this causes people to respond to the email. This happens frequently and the solution is DMARC. Having a good hosting company that gives you the ability to have a DMARC record is critical for 2021 and beyond. It used to be that SPF and DKIM were enough, but people dont check the email headers to see if the email actually came from who it was claimed to be from. So, enter DMARC. This is an email validation system that is used to verify that the person sending it and claims to be from firstname.lastname@example.org is actually true. If not, DMARC has a way of quarantining the email so it never gets to the user.
Ask us how to set this up and we will be happy to give you information about your domain and its protection.
This is a simplified version of what DMARC actually does, but suffice it to say, that it prevents the spoofing attack on a domain. Most encryption attacks and ransomware attacks begin here. Using the spoofed domain to pretend to be from someone from a domain, SPF and DKIM together do not prevent this from happening. The implementation of this system is tricky though. And many people that try to implement DMARC quickly abandon it because it requires expert care to understand how this technology is put in place.