---
title: "Secure Passkey Protection, Dismantling Lighthouse Phishing, Manufacturers Need Protection | DMARC Report"
description: "Secure Passkey Protection, Dismantling Lighthouse Phishing, Manufacturers Need Protection from DMARC Report explains practical steps for email."
image: "https://dmarcreport.com/og/blog/secure-passkey-protection-dismantling-lighthouse-phishing-manufacturers-need-protection.png"
canonical: "https://dmarcreport.com/blog/secure-passkey-protection-dismantling-lighthouse-phishing-manufacturers-need-protection/"
---
Quick Answer
\_According to the FBI's 2022 Internet Crime Report (IC3), 300,497 US-based victims reported phishing incidents in a single year, and Business Email Compromise (BEC) caused more than $2.7 billion in direct losses. DMARC Report Secure Passkey Protection, Dismantling Lighthouse Phishing, Manufacturers Need Protection
Related: [Free DMARC Checker](/tools/dmarc-checker/) ·[How to Create an SPF Record](/tools/spf-record-generator/) ·[SPF Record Format](/blog/spf-format-checker-dos-and-donts-for-email-authentication/)
Share
[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fsecure-passkey-protection-dismantling-lighthouse-phishing-manufacturers-need-protection%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Secure%20Passkey%20Protection%2C%20Dismantling%20Lighthouse%20Phishing%2C%20Manufacturers%20Need%20Protection&url=undefined%2Fblog%2Fsecure-passkey-protection-dismantling-lighthouse-phishing-manufacturers-need-protection%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fsecure-passkey-protection-dismantling-lighthouse-phishing-manufacturers-need-protection%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fsecure-passkey-protection-dismantling-lighthouse-phishing-manufacturers-need-protection%2F&title=Secure%20Passkey%20Protection%2C%20Dismantling%20Lighthouse%20Phishing%2C%20Manufacturers%20Need%20Protection "Share on Reddit") [ ](mailto:?subject=Secure%20Passkey%20Protection%2C%20Dismantling%20Lighthouse%20Phishing%2C%20Manufacturers%20Need%20Protection&body=Check out this article: undefined%2Fblog%2Fsecure-passkey-protection-dismantling-lighthouse-phishing-manufacturers-need-protection%2F "Share via Email")
> The support tickets we get after a spoofing incident all start the same way: ‘we didn’t know someone was sending email from our domain,’ says Vasile Diaconu, Operations Lead at DuoCircle. DMARC reporting would have caught it weeks earlier. The cost of monitoring is nothing compared to the cost of a successful impersonation attack.
\_According to the [FBI’s 2022 Internet Crime Report (IC3)](https://www.ic3.gov/Media/PDF/AnnualReport/2022IC3Report.pdf), 300,497 US-based victims reported phishing incidents in a single year, and Business Email Compromise (BEC) caused more than $2.7 billion in direct losses. DMARC Report
Secure Passkey Protection, Dismantling Lighthouse Phishing, Manufacturers Need Protection
```
```
/
```
```
RSS Feed
```
Share
Link
Embed
```
/\*! This file is auto-generated \*/ ’ title=“Embed Code” class=“input-embed input-embed-33860” readonly/>
```
```
Hello people!
It is the third week of November, and as promised, we are back again with our latest edition of cyber news. Meanwhile, we hope you have been able to safeguard your data from the cybercrooks. Even though they are getting sophisticated with every attack, it is up to us to bolster our **data and networks**. And that is possible when you stay fully prepared with cyber knowledge and awareness to combat the malicious activities of [threat actors](https://www.cybersecuritydive.com/news/microsoft-crowdstrike-other-cyber-firms-collaborate-on-threat-actor-taxon/749614/).
[SPF](https://autospf.com/blog/spf-guide-understanding-sender-policy-framework/), [DKIM](https://dmarcreport.com/blog/dkim-explained-how-dkim-works-and-why-is-dkim-important-for-organizations/), and [DMARC](https://dmarcreport.com/) work together to strengthen [email security](https://dmarcreport.com/blog/why-email-security-matters-and-how-to-get-it-right/) by preventing spoofing and ensuring messages come from legitimate senders\*\*.
_This week, we will discuss the latest trend of switching to passkeys to protect crucial business data_. Next, our focus will be on the Lighthouse [phishing-as-a-service operations](https://www.csoonline.com/article/4088993/google-asks-us-court-to-shut-down-lighthouse-phishing-as-a-service-operation.html). Lastly, we will focus on why manufacturers are prone to ransomware attacks and how to overcome the threat.
## \*\*Passkeys over weak passwords - new tactic to combat cyberattacks Threat actors have already come a long way-thanks to easy AI access and digital advancements around the globe. We are living in a time where even some of the intricate security setups are not adequate to tackle the [malicious attempts](https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/the-devil-reviews-xanthorox-a-criminal-focused-analysis-of-the-latest-malicious-llm-offering) of the cybercriminals. To make things worse, employees are still using weak passwords in 2025\. Organizations are therefore gradually moving to passwordless solutions to **safeguard critical business data**.
[Multifactor Authentication](https://www.techtarget.com/searchsecurity/definition/multifactor-authentication-MFA) is still a valid alternative. But experts feel that using MFA alone is not enough to protect your data from threat actors. A massive[ 96%](https://www.portnox.com/ciso-perspectives/data-2026/) of CISOs believe that MFA is not competent enough to \*\*survive the contemporary threat landscape. Organizations have come to realize that password hygiene has its own set of disadvantages and that they need something better to protect their business data. So, gradually, they are moving to a completely new solution altogether - passwordless systems.
According to a survey conducted by Dark Reading, one-third of the participants have entirely shifted to [Single Sign-On (SSO)](https://www.ibm.com/think/topics/single-sign-on) or a passkey system to log into their accounts. One-fifth of the participants depend on password managers, which, again, is a comparatively safer solution for password authentication. [17%](https://www.darkreading.com/identity-access-management-security/sso-passkeys-password-bad-habits) of the participants are coerced into using \*\*secure passphrases that are random in nature yet easy to remember.
[Cybersecurity](https://dmarcreport.com/blog/major-cybersecurity-trends-that-will-reign-in-2024/) experts believe that more and more organizations will eventually move to SSOs as the threat landscape keeps evolving .
## **Google seeks help from the US court to dismantle Lighthouse phishing-as-a-Service operations!** _Google needs the assistance of the US court to stop the Lighthouse Phishing-as-a-Service operations_. This is a smart move made by the tech company to make the most out of \*\*legal systems to combat cybercrime.
Google sought legal help as the cybercrooks have been abusing Google and other similar tech brands by misusing their trademarks, logos, and other brand assets. A \*\*Google spokesperson stated \*\*that as many as [107](https://www.csoonline.com/article/4088993/google-asks-us-court-to-shut-down-lighthouse-phishing-as-a-service-operation.html) fake websites were “featuring Google’s branding on sign-in screens” to trick people and earn their trust.
Basically, cybercrooks who use Lighthouse services tend to send [malicious text messages](https://www.scworld.com/news/new-usps-text-scam-uses-unique-method-to-hide-malicious-pdf-links) to unsuspecting users, especially employees in any organization. These threat actors use the brand assets of popular companies to boost the credibility of the messages and hope to compel the message recipients to click on fraudulent links or share sensitive data.
_This is not the first time that a renowned tech company has sought the court’s help_. There are several other well-known companies that have started seeking legal help to fight cybercriminals. For example, back in September, Microsoft got the court’s order to seize as many as [338](https://blogs.microsoft.com/on-the-issues/2025/09/16/microsoft-seizes-338-websites-to-disrupt-rapidly-growing-raccoono365-phishing-service/) websites. These fraudulent websites were using a phishing kit called RacoonO365 to get access to Microsoft 365 credentials. In August, too, something similar happened when the [US Justice Department](https://www.justice.gov/opa/pr/justice-department-announces-coordinated-disruption-actions-against-blacksuit-royal), with the help of the FBI and other enforcement agencies\*\*, took down four servers and nine domains of the [BlackSuit Ransomware group](https://cyberscoop.com/blacksuit-royal-ransomware-450-us-victims/).
### **Why do manufacturers need to take more precautionary steps against ransomware?** Ransomware attackers love targeting manufacturers. From \*\*German manufacturer Schumag to Sensata Technologies, and then to Nucor, ransomware gangs targeted every manufacturing company, disrupting production and distribution.
According to the software firm Check Point, the global manufacturing sector experiences [1585](https://blog.checkpoint.com/research/the-rising-cyber-threat-to-manufacturing-a-call-to-action-for-executives?utm%5Fsource=linkedin-unpaid&utm%5Fmedium=social-media) weekly attacks on average.
While some of the attacks are carried out by state-sponsored hacking groups for industrial espionage purposes, other ransomware attacks are financially motivated. The main reason behind targeting the \*\*manufacturing sector \*\*is the critical nature of its operational continuity.
That’s exactly why manufacturers must start building a robust, impenetrable safety system to prevent any cyberattack. It is advisable to use crisis communication strategies and intelligence-led defence systems to **safeguard intellectual properties**. Experts recommend investing in [data-loss prevention](https://www.fortinet.com/resources/cyberglossary/dlp), monitoring, and advanced detection systems.
_Cyber resilience is no longer a luxury but a necessity for the manufacturing sector_. It not only brings in the element of competitive advantage but also protects the **future of a manufacturing business**.
## Topics
[ dkim ](/tags/dkim/)[ DMARC ](/tags/dmarc/)[ email security ](/tags/email-security/)[ News ](/tags/news/)[ SPF ](/tags/spf/)
[ Brad Slavin ](/authors/brad-slavin/)
General Manager
Founder and General Manager of DuoCircle. Product strategy and commercial lead for DMARC Report's 2,000+ customer base.
[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin)
## Take control of your DMARC reports
Turn raw XML into actionable dashboards. Start free - no credit card required.
[Start Free Trial](https://app.dmarcreport.com/) [Check Your DMARC Record](/tools/dmarc-checker/)
## Related Articles
[ Foundational 4m Akira flaunts victims, Idaho targets orthodontist, AI granny protects Nov 22, 2024 ](/blog/akira-flaunts-victims-idaho-targets-orthodontist-ai-granny-protects/)[ Foundational 4m Ambient Light Spying, Cybersecurity Prices Drop, Euro 2024 Threats Jul 10, 2024 ](/blog/ambient-light-spying-cybersecurity-prices-drop-euro-2024-threats/)[ Foundational 4m Banks Drop OTPs, Major Cyber Heist, Spying Spouses Arrested Jul 18, 2024 ](/blog/banks-drop-otps-major-cyber-heist-spying-spouses-arrested/)[ Foundational 4m Car Cameras Hackable, UK Water Breach, Thailand Frees Captives Feb 28, 2025 ](/blog/car-cameras-hackable-uk-water-breach-thailand-frees-captives/)
```json
{"@context":"https://schema.org","@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]}
```
```json
{"@context":"https://schema.org","@type":"WebSite","name":"DMARC Report","url":"https://dmarcreport.com","description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","publisher":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```
```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"Secure Passkey Protection, Dismantling Lighthouse Phishing, Manufacturers Need Protection","description":"Secure Passkey Protection, Dismantling Lighthouse Phishing, Manufacturers Need Protection from DMARC Report explains practical steps for email.","url":"https://dmarcreport.com/blog/secure-passkey-protection-dismantling-lighthouse-phishing-manufacturers-need-protection/","datePublished":"2025-11-19T11:15:17.000Z","dateModified":"2026-04-16T15:53:43.000Z","dateCreated":"2025-11-19T11:15:17.000Z","author":{"@type":"Person","@id":"https://dmarcreport.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://dmarcreport.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://dmarcreport.com/blog/secure-passkey-protection-dismantling-lighthouse-phishing-manufacturers-need-protection/"},"articleSection":"foundational","keywords":"dkim, DMARC, email security, News, SPF","wordCount":1145,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/dmarcreport/images/2022/04/dmarc-alignment-6379.jpg","caption":"Secure Passkey Protection, Dismantling Lighthouse Phishing, Manufacturers Need Protection","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}]
```
```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://dmarcreport.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://dmarcreport.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://dmarcreport.com/foundational/"},{"@type":"ListItem","position":4,"name":"Secure Passkey Protection, Dismantling Lighthouse Phishing, Manufacturers Need Protection","item":"https://dmarcreport.com/blog/secure-passkey-protection-dismantling-lighthouse-phishing-manufacturers-need-protection/"}]}
```