You've heard about buyers wiring closing funds to a fraudster who impersonated the title company or agent by email, and want to know whether DMARC helps.
Real-estate wire fraud runs on email impersonation at closing: an attacker spoofs the title company, agent or lender and redirects the buyer's wire. The category sits inside Business Email Compromise, which the FBI IC3 2024 Annual Report puts at $2.77 billion of the year's record $16.6 billion in total internet-crime losses. Setting your firm's domain to p=reject blocks messages that spoof your exact domain — a primary vector in closing fraud. It can't stop a look-alike domain (yourtitle-co.com vs yourtitleco.com) or a genuinely compromised mailbox, so it belongs alongside verified call-back procedures, never instead of them. Source: FBI IC3 Annual Reports (2024) · verified 2026-07-18.
p=reject — monitoring alone doesn't block the spoofed-domain wire-fraud email.Usually not by name — HIPAA, most legal-sector rules and UK charity guidance don't cite DMARC specifically. But they require protecting communications and preventing impersonation, and DMARC is the standard technical control that regulators, insurers and auditors expect you to use to meet that.
No, not if you start correctly. A p=none policy is monitoring only and changes nothing about delivery. You only move to quarantine or reject after aggregate reports confirm every legitimate sender already passes — so real mail is never caught by surprise.
Yes. The DNS side is a handful of records added once. The ongoing part is reading aggregate reports, which a plain-English monitoring tool does for you instead of leaving you to parse XML. Start with the free check below to see where you stand.