---
title: "4 sectors that need email authentication the most and why | DMARC Report"
description: "4 sectors that need email authentication the most and why from DMARC Report explains practical steps for email authentication, domain protection."
image: "https://dmarcreport.com/og/blog/4-sectors-that-need-email-authentication-the-most-and-why.png"
canonical: "https://dmarcreport.com/blog/4-sectors-that-need-email-authentication-the-most-and-why/"
---
Quick Answer
The three core email authentication standards - SPF (RFC 7208), DKIM (RFC 6376), and DMARC (RFC 7489) - work together to verify that an email genuinely originates from the domain it claims to represent. Since February 2024, Google and Yahoo require all three for bulk senders. DMARC Report
Related: [Free DMARC Checker](/tools/dmarc-checker/) ·[How to Create an SPF Record](/tools/spf-record-generator/) ·[SPF Record Format](/blog/spf-format-checker-dos-and-donts-for-email-authentication/)
Share
[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2F4-sectors-that-need-email-authentication-the-most-and-why%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=4%20sectors%20that%20need%20email%20authentication%20the%20most%20and%20why&url=undefined%2Fblog%2F4-sectors-that-need-email-authentication-the-most-and-why%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2F4-sectors-that-need-email-authentication-the-most-and-why%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2F4-sectors-that-need-email-authentication-the-most-and-why%2F&title=4%20sectors%20that%20need%20email%20authentication%20the%20most%20and%20why "Share on Reddit") [ ](mailto:?subject=4%20sectors%20that%20need%20email%20authentication%20the%20most%20and%20why&body=Check out this article: undefined%2Fblog%2F4-sectors-that-need-email-authentication-the-most-and-why%2F "Share via Email")
> DMARC is the only email authentication protocol that gives you both enforcement and visibility, says Brad Slavin, General Manager of DuoCircle. SPF and DKIM authenticate silently - DMARC tells you what happened and lets you control the outcome. That combination of reporting and policy is why DMARC adoption is accelerating.
The three core email authentication standards - SPF ([RFC 7208](https://datatracker.ietf.org/doc/html/rfc7208)), DKIM ([RFC 6376](https://datatracker.ietf.org/doc/html/rfc6376)), and DMARC ([RFC 7489](https://datatracker.ietf.org/doc/html/rfc7489)) - work together to verify that an email genuinely originates from the domain it claims to represent. Since February 2024, Google and Yahoo require all three for bulk senders. DMARC Report
4 sectors that need email authentication the most and why
```
```
/
```
```
RSS Feed
```
Share
Link
Embed
```
/\*! This file is auto-generated \*/ ’ title=“Embed Code” class=“input-embed input-embed-16778” readonly/>
```
```
We are living in times where you have to think twice before clicking\*\*. But despite being mindful about what websites you visit and what links you download, you and your business are not 100% shielded from cyberattackers. Since the launch of ChatGPT in November 2022, vishing, smishing, and phishing attacks have increased by a staggering [1,265%](https://www.securitymagazine.com/articles/100067-report-shows-1265-increase-in-phishing-emails-since-chatgpt-launched).
While there is no definite answer, approximately [3.4 billion phishing emails](https://aag-it.com/the-latest-phishing-statistics/) are sent everyday globally. What this means is that for every 4,200 emails sent\*\*, 1 would surely be a phishing email that would have the potential to dupe recipients into transferring money, downloading malware-infected files, or sharing [sensitive data](https://www.prnewswire.com/news-releases/dig-security-state-of-cloud-data-security-2023-report-finds-exposed-sensitive-data-in-more-than-30-of-cloud-assets-301902104.html).
The top 4 sectors on the hot list of [threat actors](https://hackread.com/storm-1575-threat-actor-new-login-panels-phishing-infrastructure/#google%5Fvignette) are financial services (banking and insurance), healthcare, e-commerce, and government agencies. These sectors need strong [email authentication protocols](https://dmarcreport.com/what-is-dmarc/) like SPF, **DKIM**, and \*\*DMARC to protect their brand reputation and stay away from the legal repercussions of breaches and fraud.
This is because threat actors abuse your \*\*domain name to send [malicious emails](https://www.securitymagazine.com/articles/100687-the-last-six-months-shows-a-341-increase-in-malicious-emails) to your customers, prospects, employees, investors, etc. They impersonate your brand and its representatives to convince targetted recipients to share confidential documents, make financial transactions, disclose a company secret, and whatnot!
So, here is a detailed blog on why these 4 sectors are in bad need of properly **configured SPF**, DKIM, and [DMARC records](https://dmarcreport.com/blog/how-to-create-dmarc-record-stop-email-spoofing-domain/).
## 1\. Financial services (banking and insurance)
The reason why the financial sector is on the radar is that it handles sensitive financial data and personal information of so many people, including the ones seen as \*\*high-value targets by [malicious actors](https://cybernews.com/news/malicious-actors-leak-us-criminal-database/). 62,074 new finance-related domains were registered between January and June 2024, and you would be surprised to know that [62% of these were involved in phishing attacks ](https://bfore.ai/financial-domain-spoofing-trends-of-2024/)targeting legitimate companies through spoofed websites. _HSBC, BBVA, and PayPal are the frequent targets, with over 561 domains associated with each_.
As of 2025, DMARC is mandatory under multiple compliance frameworks. [CISA BOD 18-01](https://www.cisa.gov/news-events/directives/bod-18-01) requires p=reject for US federal domains. [PCI DSS v4.0](https://www.pcisecuritystandards.org/) mandates DMARC for organizations processing payment card data as of March 2025\. Google and Yahoo require DMARC for bulk senders (5,000+ messages/day) since February 2024, and [Microsoft began rejecting](https://learn.microsoft.com/en-us/defender-office-365/email-authentication-dmarc-configure) non-compliant email in May 2025\. The UK [NCSC](https://www.ncsc.gov.uk/collection/email-security-and-anti-spoofing), Australia’s [ASD](https://www.cyber.gov.au/resources-business-and-government/essential-cyber-security/ism/cyber-security-guidelines/guidelines-email), and Canada’s [CCCS](https://www.cyber.gc.ca/en/guidance/implementation-guidance-email-domain-protection) all mandate DMARC for government domains. Cyber insurers increasingly require DMARC enforcement as an underwriting condition.
In fact, [a financial scam is currently looming over Pembroke](https://www.newportdispatch.com/2024/10/13/pembroke-police-warn-of-scam-emails-posing-as-bank-fraud-department/). Scammers are sending emails that falsely claim to be from the fraud department of local banks. The unsolicited [phishing emails](https://www.bleepingcomputer.com/news/security/proofpoint-settings-exploited-to-send-millions-of-phishing-emails-daily/) are convincing \*\*community members to empty their bank accounts and deposit the funds into [Bitcoin machines](https://cointelegraph.com/news/bitcoin-atm-decline-falling-prices). They are fooling them under the pretext of losing all the money otherwise.
As per [Deloitte’s 2024 Financial Services Industry Predictions report](https://www2.deloitte.com/us/en/insights/industry/financial-services/financial-services-industry-predictions/2024/deepfake-banking-fraud-risk-on-the-rise.html), US banks can lose $40 billion by 2027 because of [AI-powered scams](https://news.trendmicro.com/2024/09/23/ai-scams/). Cybercriminals are heavily using generative AI to create near-perfect phishing emails that they send from unprotected domains. _Generative AI is also being exploited to develop images, audio, and videos_.
If we talk about the global situation of the \*\*DMARC adoption in the finance sector, then it isn’t too good. Almost [a third of UK banks](https://www.csoonline.com/article/643361/less-than-half-of-uk-banks-implement-most-secure-dmarc-level.html) have no DMARC protection at all. On the brighter side, between Q2-2021 and Q2-2022, [28% and 200%](https://dmarcian.com/top-100-banks-dmarc/) increments have been observed in setting the [DMARC policy](https://dmarcreport.com/blog/what-is-a-dmarc-policy-and-how-does-it-affect-sending-my-emails/) to p=reject and p=quarantine, respectively.
The finance sector is adopting DMARC at a faster pace since the [Payment Card Industry Security Standards Council](https://en.wikipedia.org/wiki/Payment%5FCard%5FIndustry%5FSecurity%5FStandards%5FCouncil) (PCI SSC) announced that the [requirement](https://dmarcreport.com/blog/mandatory-requirement-dmarc-compliance-included-in-pci-dss-version-4-0/) is considered a best practice until March 31, 2025\. After that, it will become mandatory and must be fully addressed during a **PCI DSS assessment**.
## 2\. Healthcare
Healthcare organizations **manage private patient data**, which attracts many threat actors. They usually steal medical details to file [fake insurance claims](https://www.insurancebusinessmag.com/uk/news/claims/allianz-uk-outlines-fraudulent-insurance-claims-trends-504476.aspx), illegally obtain prescription drugs, raise bills for non-existing treatments or services, blackmail for ransom, craft convincing [phishing scams](https://www.usatoday.com/story/news/nation/2023/09/25/scammers-dupe-fort-lauderdale-florida/70959727007/) that target individuals with specific health conditions, etc.
In a cybercrime reported in February 2024, more than [200,000 people in Los Angeles County ](https://www.latimes.com/california/story/2024-06-14/la-county-public-health-data-breach-possibly-affects-200-000-are-you-one-of-them)may have had their personal data exposed after a hacker stole the login credentials of 53 public health employees through a phishing email. The [data breach](https://securityintelligence.com/news/national-public-data-breach-publishes-private-data-billions-us-citizens/) potentially compromised sensitive information like names, birth dates, medical records, diagnoses, prescription details, **Social Security numbers**, and health insurance information.
A \*\*DMARC analysis \*\*also showed that only [69% of UAE hospitals](https://www.darkreading.com/cyber-risk/uae-and-south-african-hospitals-fail-on-dmarc-implementation) have a DMARC record, which means 31% of them have no email authentication protocols in place.
The \*\*healthcare industry was devastated during the \*\*COVID-19 phase due to acute challenges like performing only elective surgeries and resource constraints. Because of these, cash inflow was heavily affected. This caused the healthcare industry to cut back on the [cybersecurity](https://dmarcreport.com/blog/major-cybersecurity-trends-that-will-reign-in-2024/) budget, becoming a prime target for threat actors. Some healthcare organizations reallocated cybersecurity budgets after things settled down, but many didn’t take any significant steps, leaving their domains susceptible to [phishing and spoofing](https://thehackernews.com/2024/07/proofpoint-email-routing-flaw-exploited.html).
If you are interested in learning more, please read this detailed article: [A Reality Check On Email Security Threats In Healthcare!](https://dmarcreport.com/blog/a-reality-check-on-email-security-threats-in-healthcare/)
## 3\. E-commerce
\*\*E-commerce companies send frequent transactional and marketing emails, making them common targets for [cybercriminals](https://www.voanews.com/a/alleged-leader-of-cybercriminals-extradited-to-us/7741605.html) looking to steal customer payment details or login credentials. Email authentication helps prevent fraud, safeguard customers, and maintain brand integrity. In a phishing campaign targeted at eBay customers, threat actors pretended to be from the \*\*company’s support team and sent [fraudulent emails](https://www.uspis.gov/news/scam-article/fake-usps-emails). These emails urged recipients to update their account information due to a supposed [security breach](https://www.ericom.com/what-is-security-breach/). The messages contained [malicious links](https://www.computerweekly.com/news/366544395/Malicious-URL-volumes-soar-as-cyber-criminals-pull-on-Threads) that directed victims to fake login pages, where they unknowingly entered their account credentials.
The attackers used this information to access the victims’ accounts, potentially making unauthorized purchases or stealing personal details. Although \*\*eBay’s systems were not directly breached, the phishing campaign affected many of its customers, highlighting the vulnerabilities arising from [phishing attacks](https://www.infosecurity-magazine.com/news/chatgpt-linked-rise-phishing/), particularly in e-commerce. eBay had to respond by advising customers to change their passwords and enabling additional security measures to mitigate future attacks.
This incident emphasized the **need for robust** [email security](https://dmarcreport.com/blog/why-email-security-matters-and-how-to-get-it-right/) measures like [DMARC](https://dmarcreport.com/) and BIMI, as well as user awareness to recognize phishing attempts.
Between Q3-2021 and Q3-2022, the e-commerce sector illustrated a positive graph in terms of DMARC adoption and advancement to stricter policies. [30% and 80%](https://dmarcian.com/top-100-retailers/) of DMARC policies advanced to **p= reject and p=quarantine**, respectively. Gladly, there was also a 10% decrease in the number of DMARC policies set to none. In fact, there was also a 16% decrease in the number of companies that don’t have a DMARC policy.
Moreover, the [new policies rolled out by Gmail and Yahoo](https://dmarcreport.com/blog/google-and-yahoos-new-email-authentication-policy-for-2024/) require bulk email senders\*\* (like e-commerce companies) to have email authentication protocols in place. This requirement is also expected to contribute to the upward trend of DMARC adoption in the [e-commerce](https://www.investopedia.com/terms/e/ecommerce.asp) sector.
## 4\. Government agencies
Due to the sensitive nature of their operations and data, [cyberattacks](https://www.bbc.com/news/articles/ceqn7xng7lpo) often target government entities. [Spoofed government emails](https://www.securityweek.com/cybercriminals-spoof-us-government-organizations-in-bec-phishing-attacks/) can lead to misinformation or unauthorized data access. Strong email authentication ensures \*\*secure communication between agencies and the public, reducing the risk of cyber espionage and misinformation.
A review of second-level GOV domains within 178 of the 247 ccTLDs listed on Wikipedia revealed that only \[78 of these domains (about 45%) had a valid SPF record\](.) published. Moreover, five of these domains had either malformed SPF records or lacked an explicit “all” directive, rendering them ineffective. Only 33 domains (approximately 19%) had a valid DMARC record. Even among **NATO and EU countries**, the results showed no significant improvement, with some areas performing worse.
This highlights the vulnerability of these domains to email spoofing, especially given the absence of necessary security measures like [SPF\*\*, \*\*DMARC, and DKIM](https://dmarcreport.com/blog/spf-vs-dkim-vs-dmarc-difference-explained-2026/). While \*\*third-level domains are often more secure, second-level domains are frequently left unprotected, though eight did have a ‘blocker’ SPF record.
## Final words
_While email authentication isn’t an undiscussed or lightly touched-on topic, many domain owners are still unaware of it_. The ones who are aware are either stuck on the **p=none policy** (which is equivalent to having no DMARC setup at all) or don’t leverage the benefits of DMARC reports.
[DMARC reports](https://dmarcreport.com/blog/how-to-read-dmarc-reports-guide-2026/) give you insights into your domain’s email activities, helping you recognize emails sent by unauthorized and potentially fraudulent senders. These reports are sent by **recipients’ servers**. So, if your business style involves sending thousands of emails in a day, you will likely receive hundreds of these reports in the complicated [XML format](https://www.ibm.com/docs/en/omegamon-for-cics/5.5.0?topic=utility-using-xml-format-definitions). We know it isn’t easy to track and analyze so many reports. That’s why we at DMARCReport offer to do this for domain owners. If you are interested in learning more, please [book a demo](https://dmarcreport.com/book-a-demo/).
## Sources
- [RFC 7208 - Sender Policy Framework (SPF)](https://datatracker.ietf.org/doc/html/rfc7208)
- [RFC 7489 - Domain-based Message Authentication, Reporting, and Conformance (DMARC)](https://datatracker.ietf.org/doc/html/rfc7489)
## Topics
[ BIMI ](/tags/bimi/)[ dkim ](/tags/dkim/)[ DMARC ](/tags/dmarc/)[ dmarc record ](/tags/dmarc-record/)[ email security ](/tags/email-security/)[ SPF ](/tags/spf/)
[ Adam Lundrigan ](/authors/adam-lundrigan/)
CTO
CTO of DuoCircle. Leads engineering for DMARC Report and DuoCircle's email security product portfolio.
[LinkedIn Profile →](https://www.linkedin.com/in/adamlundrigan/)
## Take control of your DMARC reports
Turn raw XML into actionable dashboards. Start free - no credit card required.
[Start Free Trial](https://app.dmarcreport.com/) [Check Your DMARC Record](/tools/dmarc-checker/)
## Related Articles
[ Foundational 9m Answering Your Webinar Questions: Email Security - From The Desk Of DMARCReport Dec 2, 2025 ](/blog/answering-webinar-questions-email-security-dmarcreport-desk-insights-guide/)[ Foundational 11m What are common issues revealed by DMARC aggregate reports and how should I prioritize them? Feb 4, 2026 ](/blog/common-dmarc-aggregate-report-issues-and-how-to-prioritize-them/)[ Foundational 12m Improve Your Domain’s Email Security By Checking Dmarc Compliance Aug 29, 2025 ](/blog/improve-your-domains-email-security-by-checking-dmarc-compliance/)[ Foundational 12m The Ultimate Guide To Understanding And Running A Dmarc Email Test Oct 24, 2025 ](/blog/the-ultimate-guide-understanding-running-dmarc-email-test/)
```json
{"@context":"https://schema.org","@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]}
```
```json
{"@context":"https://schema.org","@type":"WebSite","name":"DMARC Report","url":"https://dmarcreport.com","description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","publisher":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```
```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"4 sectors that need email authentication the most and why","description":"4 sectors that need email authentication the most and why from DMARC Report explains practical steps for email authentication, domain protection.","url":"https://dmarcreport.com/blog/4-sectors-that-need-email-authentication-the-most-and-why/","datePublished":"2024-10-15T12:55:21.000Z","dateModified":"2026-04-16T15:53:43.000Z","dateCreated":"2024-10-15T12:55:21.000Z","author":{"@type":"Person","@id":"https://dmarcreport.com/authors/adam-lundrigan/#person","name":"Adam Lundrigan","url":"https://dmarcreport.com/authors/adam-lundrigan/","jobTitle":"CTO","description":"Adam Lundrigan is the Chief Technology Officer of DuoCircle, where he leads engineering across DMARC Report, AutoSPF, and the company's email security portfolio. His technical focus includes DMARC report processing infrastructure, DNS monitoring systems, and the SPF evaluation logic that powers DuoCircle's authentication tools.","image":"https://media.mailhop.org/dmarcreport/images/authors/adam-lundrigan.jpg","knowsAbout":["DMARC Report Processing","DNS Architecture","Email Authentication","SaaS Engineering","DNS Monitoring","Infrastructure Automation"],"worksFor":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com"},"sameAs":["https://www.linkedin.com/in/adamlundrigan/"]},"publisher":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://dmarcreport.com/blog/4-sectors-that-need-email-authentication-the-most-and-why/"},"articleSection":"foundational","keywords":"BIMI, dkim, DMARC, dmarc record, email security, SPF","wordCount":1737,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/dmarcreport/images/2022/04/dmarc-alignment-6379.jpg","caption":"4 sectors that need email authentication the most and why","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}]
```
```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://dmarcreport.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://dmarcreport.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://dmarcreport.com/foundational/"},{"@type":"ListItem","position":4,"name":"4 sectors that need email authentication the most and why","item":"https://dmarcreport.com/blog/4-sectors-that-need-email-authentication-the-most-and-why/"}]}
```