Greenhill makes email trustworthy for financial matters by securing their domain


Spoof emails blocked by OnDMARC in 90 days


Unauthorized email sources sending 671,000 fake emails were stopped


SPF pass rate, up from 79.70% before OnDMARC

Greenhill logo







Meet the company

Greenhill is a leading independent investment bank focused on providing financial advisory services. The firm operates globally with 15 different offices and over 400 employees, sending over 7 million emails a year.

Financially-driven email matters make tasty phish bait

Chief Information Officer (CIO), John Shaffer, hired a third-party cybersecurity rating company to review the organization’s cybersecurity. The audit flagged DMARC as failing and therefore a priority initiative to focus on. However, like most organizations introduced to DMARC by consultants, Greenhill was left with a sense of urgency to implement the email authentication protocol without any internal expertise or visibility of their email security landscape to know-how.

Full visibility, clear direction, and ongoing guidance

Faced with choosing between taking the plunge themselves and risk blocking legitimate emails, or hiring an expensive consultant, CIO John Shaffer looked for a DIY DMARC solution. After comparing multiple vendors John found “OnDMARC was reasonably priced and very easy to use”. With OnDMARC’s tools John successfully tackled three key areas:

  1. Visibility

    Greenhill uncovered 2,734 unauthorized email sources sending 671,000 fake emails from a parked domain, all of which were blocked using OnDMARC. OnDMARC also provided a clear visual of each legitimate email source’s DKIM and SPF status which had once been a challenge for the firm.

  2. Expertise

    Expertise With Mimecast already in place, DKIM and SPF settings were available, but it simply wasn’t apparent to Greenhill’s team where to begin. CIO John Shaffer explained, “we didn’t know much about DMARC or how to configure it properly but OnDMARC gave us instructions on how to configure Mimecast”.

  3. Ongoing protection

    With their domains in reject, Greenhill still continues to have visibility of ongoing protection with OnDMARC which is actively blocking unauthorized email activity. As one example, over 640,000 spoof emails were blocked in just 3 months successfully protecting themselves, their clients and their prestige reputation.