Case Study

20 Jan 2026
8 minutes read

How Mr Price Group curbed spoofing with a DMARC reject policy

Discover the operational gains unlocked with a DMARC reject policy

Mr Price Group experienced mounting pressure to safeguard the company against the rising and evolving threat of email impersonation. While the enterprise had a Domain-based Message Authentication, Reporting, and Conformance (DMARC) record, the policy was set to p=none (monitoring), allowing them to view email traffic, but not fully defend against cyberthreats, as opposed to a DMARC reject policy.

Due to the high volume of transactional and marketing emails sent from Mr Price Group, cybercriminals were constantly targeting the brand, resulting in continuous monitoring and significant tweaking of their policy rules to protect against potential credential harvesting and payment scams.

About Mr Price Group

Mr Price Group is a retail and e-commerce corporation specializing in fashion, homeware, sportswear, mobile, and financial services. The group operates hundreds of stores across South Africa, Namibia, Botswana, Eswatini, Lesotho, Zambia, Kenya, Mozambique, and Ghana, with a recent acquisition in Germany.

Mr Price Group, initially founded in 1985, now includes nationally known brands such as Power Fashion, Milady’s, Sheet Street, and Yuppiechef. Today, the organization serves millions of customers both in-store and online.

4.1M

South African customers

32 000+

Employees

4th

Strongest South African brand

The challenge

As threats evolved globally and Mr Price Group expanded its digital footprint, securing its email environment became more challenging. Multiple brands, domains, and external platforms across different countries were generating large volumes of legitimate traffic. The growth and popularity of the group sparked interest in the threat actor community, resulting in numerous spoofing and email impersonation attempts.

This created several challenges:

Limited visibility across sending sources
Increased impersonation attempts
Growing exposure to cyberthreats
Deliverability and blacklisting concerns
Damaged brand trust and confidence

Requirements

Mr Price Group needed a solution that would provide:

Full visibility of all email-sending sources, with correct authentication for every legitimate system across all domains
Expert guidance to reach a DMARC reject policy, with ongoing support and simplified DNS management
Stronger protection against domain spoofing and a safe, confident path to achieving a DMARC reject policy without disruption

Results

Domains fully protected with a DMARC reject policy
Improved deliverability through correct authentication
Full visibility and control for IT and security teams
Increased brand trust and customer security
Ensured continuous protection via ongoing monitoring

What the client had to say:

“The implementation of Sendmarc’s DMARC solution was a game-changer, giving us the visibility and control needed to move swiftly to enforcement, blocking volumes of malicious phishing and spoofing emails that threatened our brand reputation and operations.”

– Kim Sim, Chief Information Officer

Secured with Sendmarc

Retail and e-commerce brands rely on Sendmarc’s DMARC solution to defend against email impersonation, safeguard customer data, and maintain trust. Learn more about how DMARC protects the retail and e-commerce sector.