For a growing number of email marketers, it may be “BIMI or bust.” As of June 30, nearly 5,300 companies have adopted Brand Indicators for Message Identification (BIMI), a new email standard for showcasing a brand’s logo next to its email messages in recipient inboxes, with built-in protections against phishing-based brand spoofing.
The tally reflects a 3.8X increase in the number of brands adopting BIMI just since the start of April, according to data captured in our H2 2020 Email Fraud & Identity Trends Report. And it’s easy to see the appeal.
BIMI works a bit like email’s version of the blue checkmark badge used to verify the authenticity of Twitter accounts. It not only gives marketers a way to make their messages stand out in crowded inboxes, it also helps put the kibosh on fraudsters posing as their brands. Indeed, for all of BIMI’s growth this year, it may have been just a warm-up act compared to what’s coming next.
To understand why, let’s start with the basics. Email is 40X more effective at acquiring new customers than social media and other digital channels. And it generates at least $38 for every $1 spent in email marketing, by far the highest ROI of any digital medium. But the coronavirus outbreak has added some twists to the equation.
With millions of consumers and business people homebound as part of ongoing COVID mitigation efforts, email’s criticality to marketers has hit a whole new level–and so has its dangers.
From March through June, we documented a 3,000% increase in email attacks specifically designed to exploit the pandemic. Brands were impersonated in 66% of these attacks–which included fraudsters masquerading as suppliers in attacks targeting corporate supply chains. By midyear, the FBI reported it had already received more fraud complaints than all of 2019.
In short: Last year’s estimated $8.6 billion in direct losses stemming from email fraud may pale in comparison to 2020’s final numbers. And then the real pain begins.
When your brand gets impersonated, your organization is bound to face lost business and even lawsuits. Plus, your legitimate email messages may become radioactive–if they’re even delivered. When fraudsters spoof your email domains in phishing attacks, those servers could get blacklisted, decimating your email-based revenue streams at a time when you need them most.
BIMI is designed to help avoid all of this.
With BIMI, your email messages are accentuated with your brand logo in a special space controlled by the email provider—usually next to the email subject line in the recipient’s inbox, and in the upper left corner of the email message itself, outside the email body.
But it only works so long as the email has been authenticated using the Domain-based Message Authentication, Reporting & Conformance (DMARC), the standard email authentication protocol developed by Agari and other industry leaders–including some of the same organizations behind the development of BIMI.
Also, the brand logo itself must be certified with a mark Verifying Authority (MVA), a third party organization that can provide evidence of verification of certain standards – including size, trademark, and content. This makes BIMI somewhat analogous to the secure sockets layer (SSL) certificate that authenticates web properties.
Not only does this help increase brand impressions and visual impact, but the logo itself is verified by both the sender and recipient’s email systems, so it can’t be faked.
BIMI may pay serious dividends, too. When implemented using email ecosystem management solutions, DMARC has been shown to increase email deliverability, while boosting email deliverability rates and conversion rates. By providing a visual cue to confirm a message’s authenticity, a BIMI-enabled brand logo can only help bolster customer trust over time, possibly fueling further increases in email marketing conversion rates.
Perhaps the biggest propellant for BIMI’s growth in the second half of 2020 comes courtesy of Google.
In July, the search and email giant officially launched its BIMI pilot, which display compliant brand logos in the existing avatar slots in the Gmail interface. According to Engadget, Google will work with approved MVAs Entrust Datacard and DigiiCert for logo verification. Google expects to make BIMI more widely available to more brands in coming months.
If the data captured in our H2 2020 trends report is any indication, brands may already be chomping at the bit. With its ability to help increase brand exposure and visibility even while protecting against brand impersonations, it may soon be “de rigur” for email marketers during the pandemic and beyond.
To learn more, download the H2 2020 Email Fraud & Identity Deception Trends Report from the Agari Cyber-Intelligence Division (ACID).