Email Security Check for Brisbane Estate Planning Lawyers: SPF, DMARC and DKIM Review to Reduce BEC Exposure on Client Correspondence
You hold testamentary instructions, beneficiary contact details, and bank account information for clients who often have significant estate value at stake. Your practice runs on email — instructions arrive by email, draft wills go out by email, and executor correspondence with beneficiaries happens by email. If your firm’s email domain is not properly authenticated, an attacker can impersonate you to a beneficiary or executor and redirect a distribution. The Email Security Check is a one-off diagnostic of your domain’s SPF, DMARC, and DKIM posture, with a PDF report you can act on.
Why it matters now
The Privacy Act 1988 (Cth) regulates how organisations handle personal information, with the Australian Privacy Principles (APPs) applying to “APP entities” that include most Australian businesses with annual turnover above $3 million and some smaller ones in regulated categories. The Office of the Australian Information Commissioner administers the Act and operates the Notifiable Data Breaches scheme. The Australian Cyber Security Centre publishes specific guidance on business email compromise as a recognised threat class, and on email authentication (SPF, DKIM, DMARC) as a baseline control to reduce spoofing of an organisation’s domain. For an estate-planning practice, a successful spoof of the firm’s domain — used to mislead a beneficiary, executor, or bank — can produce both financial loss to a third party and an eligible data breach under the NDB scheme if personal information has been accessed or disclosed.
The 5-minute view
- The Privacy Act 1988 (Cth) and the 13 Australian Privacy Principles set the baseline for how personal information is handled by APP entities; the OAIC administers the Act.
- Estate planning files routinely contain personal information about clients, beneficiaries, and executors — names, dates of birth, addresses, identification details, and financial details.
- Business email compromise is the Australian Cyber Security Centre’s term for attacks in which an attacker impersonates a trusted email sender to redirect payments or extract sensitive information.
- SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting and Conformance) are the three published standards that allow receiving mail servers to verify an email genuinely came from your firm’s domain.
- A weak or missing DMARC policy (p=none, or no record at all) means an attacker can send email that appears to come from your firm’s domain and is likely to land in beneficiary inboxes without warning.
- Email authentication is a baseline control referenced in ACSC guidance on BEC and on email hardening.
- An Email Security Check is a point-in-time diagnostic — it tells you the posture of your domain on the day it is run, not an ongoing monitoring service.
What DRMO does about it
The Email Security Check is a productised L1 diagnostic of your firm’s email-sending domain. You submit the domain (e.g. yourfirm.com.au) and we run a fixed-scope external review: published SPF record (syntax, included senders, all qualifier), DKIM selectors observed in the public DNS, DMARC record (policy strength, alignment mode, reporting addresses, subdomain policy), and the practical implication of each finding for an attacker attempting to spoof your domain in a BEC scenario targeting a beneficiary or executor. The check uses public DNS data only — no access to your mail server, mailboxes, or internal systems is required. This is the same domain-level diagnostic that runs as the opening step of larger DRMO consulting engagements, packaged for single-domain use without a discovery call.
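To illustrate how a domain-level rating of this kind can be derived from published records, here is an added example; it is not DRMO’s tooling. The domains and TXT values are constructed, and the Red / Amber / Green thresholds (hardfail vs softfail for SPF; reject, quarantine, none for DMARC; subdomain and alignment notes) are assumptions for the example.

```python
# Constructed sample TXT records for hypothetical domains; not real DNS answers.
SAMPLE_TXT = {
    "weakfirm.example": ["v=spf1 include:_spf.mailhost.example ~all"],
    "_dmarc.weakfirm.example": ["v=DMARC1; p=none; rua=mailto:dmarc@weakfirm.example"],
    "strongfirm.example": ["v=spf1 include:_spf.mailhost.example -all"],
    "_dmarc.strongfirm.example": ["v=DMARC1; p=reject; sp=reject; adkim=s; aspf=s; rua=mailto:dmarc@strongfirm.example"],
}
RAG = {"Green": 0, "Amber": 1, "Red": 2}  # ordering used for the overall rating

def parse_tags(record):
    """Split a 'k=v; k=v' DMARC record into a lower-cased tag -> value dict."""
    return {k.strip().lower(): v.strip() for k, v in
            (part.split("=", 1) for part in record.split(";") if "=" in part)}

def rate_spf(records):
    """Rate the SPF 'all' qualifier: -all Green, ~all Amber, anything else Red."""
    spf = [r for r in records if r.lower().startswith("v=spf1")]
    if len(spf) != 1:
        return "Red", "missing or duplicate SPF record"
    all_term = next((t.lower() for t in spf[0].split() if t.lower().lstrip("+-~?") == "all"), None)
    if all_term == "-all":
        return "Green", "hardfail (-all)"
    if all_term == "~all":
        return "Amber", "softfail (~all): spoofed mail may still be delivered"
    return "Red", "no restrictive 'all' qualifier"

def rate_dmarc(records):
    """Rate the DMARC policy, subdomain policy, alignment mode and reporting address."""
    rec = [r for r in records if r.upper().startswith("V=DMARC1")]
    if not rec:
        return "Red", ["no DMARC record published"]
    tags = parse_tags(rec[0])
    p = tags.get("p", "none").lower()
    sp = tags.get("sp", p).lower()  # subdomain policy inherits p when absent
    rating = {"reject": "Green", "quarantine": "Amber"}.get(p, "Red")
    notes = [f"p={p}", f"sp={sp}"]
    if sp == "none" and p != "none":
        rating, notes = "Amber", notes + ["subdomains remain spoofable"]
    if "rua" not in tags:
        notes.append("no aggregate reporting address (rua)")
    if tags.get("aspf", "r") == "r" and tags.get("adkim", "r") == "r":
        notes.append("relaxed alignment (default)")
    return rating, notes

def check_domain(domain, txt=SAMPLE_TXT):
    """Per-record ratings plus an overall spoofability rating (the worse of the two)."""
    spf = rate_spf(txt.get(domain, []))
    dmarc = rate_dmarc(txt.get(f"_dmarc.{domain}", []))
    return {"spf": spf, "dmarc": dmarc,
            "spoofability": max(spf[0], dmarc[0], key=RAG.get)}
```

Against live DNS, the `txt` lookup would be replaced by real TXT queries for the domain and its `_dmarc` subdomain; a domain with no records at all rates Red on both counts.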
The deliverable
- PDF report scoped to one email-sending domain
- Executive summary with a Red / Amber / Green status for SPF, DKIM, and DMARC individually, and an overall spoofability rating
- Per-record review with the underlying DNS values cited
- Plain-English explanation of what each finding means for BEC risk on estate-file correspondence
- Recommended DNS changes your IT provider can implement, with the target record values written out
- Delivered via email within 2 business days of domain submission and payment
CTA
Run the Email Security Check — AUD $99
A single-domain productised offer. No discovery call required. Suitable for any estate-planning practice that wants to know whether its email domain can be spoofed in a BEC attempt against a beneficiary, executor, or client.
For a broader review of email, document handling, and client-onboarding controls across the practice, see the DRMO consulting engagements (consultative; book a discovery call).
Sources
- Office of the Australian Information Commissioner — The Privacy Act: https://www.oaic.gov.au/privacy/the-privacy-act
- Australian Cyber Security Centre — general guidance on business email compromise and email hardening, published at the ACSC domain root: https://www.cyber.gov.au/
- Australian Competition and Consumer Commission — Scamwatch information on business email compromise scams, published at: https://www.scamwatch.gov.au/
DRMO capability references:
- Email Security Check (L1 service shape, SPF/DMARC/DKIM review, PDF deliverable)