Phishing emails targeted by top companies

The major e-mail companies Microsoft, Yahoo, and Google are role backing a new drive to reduce the number of e-mails that people receive which attempt to trick them into entering details they would normally put into a legitimate source. An example of this would be your online banking details.

Together, the e-mail providers, with other institutions that operate online have come together to create the website www.DMARC.org. This is a website which is going to promote a group of technologies that are going to help make e-mails more secure in the future.

Many of the technologies being promoted by the website are currently being used already, such as digital signatures. This is a way that a sender can authenticate who they are, but in many cases even the genuine sender won’t bother to do this. This makes it much more complicated for people to be sure which e-mails are coming from a genuine source and which fraudulent.

The chairperson of the website is Brett McDowell who is also a senior manager at the online payment portal PayPal. He has stated that DMARC will allow e-mail providers to distinguish which e-mails are real and which are not. When these e-mails are delivered to your e-mail inbox they will be either completely blocked or your e-mail provider will mark them as suspect.

Google has been using similar technologies since 2008 and PayPal and Yahoo implemented them a year earlier. Mr McDowell commented that since these measures have been introduced around 200,000 fake e-mails are being blocked today by these e-mail companies. At Google, Adam Dawes is a product manager and he has stated that around 15 percent of all e-mails that are received into Google inboxes have safeguards in regard to authenticity in place.

They say the system would allow businesses to communicate with their customers in ways that could not be compromised by fraudsters. It would mean that banks could easily send information with links to their website without customers having to be worried about their information being stolen.

The president of Osterman Research is Michael Osterman who has commented, “Banks are very keen to make sure that their customers trust their messages, but right now this is something that is very difficult for them to do. They are putting a great deal of effort into making their messaging more secure and this new system seems to offer everything that they want.”

Despite these e-mails being authenticated it is unlikely that this new system will entirely eliminate fraud being conducted by e-mail. It does mean that fraudsters will have to find a new way to launch their attacks however and they will have to start sending e-mails from fake sites, something that will raise many more red flags with customers.

The group is officially launching next Monday and the many initial participants in the group including such high profile companies as Facebook and LinkedIn. Mr McDowell commented that it is not going to be an expensive process for companies to start adopting the standards but they are going to have to ensure certain technologies about e-mail identification are in place. They will also have to make sure that any marketing companies working with them have the same safeguards protecting the users of their website. It is expected that many more companies will shortly adopt the new standards.