Microsoft, FB, Google Gear up to Net the Phish

Microsoft, FB, Google Gear up to Net the Phish

By SiliconIndia   |   Monday, 30 January 2012, 12:34 Hrs
Printer Print Email Email
Net the fish

Bangalore: In the wake of spam mail growing by the day and creating a ruckus in our mailboxes, 15 internet giants, e-mail service and technology providers have geared up to fight it by forming Domain-based Message Authentication, Reporting and Conformance ( that will help reduce the potential for email-based abuse.

Phishing raises its venomous tentacles, highest, during holiday season and shoppers are an easy target. Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication.

DMARC is a technical specification created by a group of organizations that want to help reduce the potential for email-based abuse by solving a couple of long-standing operational, deployment, and reporting issues related to email authentication protocols.

“Email phishing defrauds millions of people and companies every year, resulting in a loss of consumer confidence in email and the Internet as a whole. Industry cooperation – combined with technology and consumer education – is crucial to fight phishing” Brett McDowell, Chair of and Senior Manager of Customer Security Initiatives at PayPal as quoted in Slashgear.

As quoted by Gigaom-- The DMARC standard attempts to authenticate email by requiring both parties to implement DMARC-standard policies at either end. The idea is that an organization such as PayPal “signs” its outgoing email for all messages associated with its domains. Then when a recipient gets such a message in their email account (if their provider is participating in the program) the mail host checks for the authentication and lets the message through. If a message says it’s from Paypal, but does not have PayPal’s DMARC credentials it gets refused.

So how is the measure helpful? This step will reduce the number of spam, spoofed mails which otherwise turn out to be a secret pathway for marauders to stream our personal bank details and information out. "What we need is an Internet standard that allows this level of protection to work at scale - without any discussion, without any partner agreements," said Brett McDowell, a security manager at PayPal who serves as chairman of the group that developed the new standard.. "That is what DMARC does."

Write your comment now
Submit Reset