The biggest players in the Internet world are joining forces with financial giants to hammer out a set of standards that will govern the authentication of emails. Ultimately, the team aims to fight the immense amount of fraud-riddled email spam.
Your knack for the web has allowed you to stay safe in the constantly dangerous sea of Internet fraud, but others may not possess your vigilance.
A collaborated effort, that includes Bank of America, Fidelity Investments, eBay’s PayPal, Google, Microsoft, Facebook, and Yahoo, hopes to protect email recipients from email spam and fraud.
You Shall Not Pass
Called DMARC (Domain-based Message Authentication, Reporting & Conformance), the technical specification may allow email senders (i.e. banks, financial institutions, and social media sites) to establish certain policies so that email providers (i.e. Google, Yahoo, and Microsoft) can weed out emails that are suspected phishing attempts.
If an email does not abide by the specifications set forth by senders and providers, that email will be stopped before it ever reaches the intended recipient.
Additionally, feedback by providers will alert senders to any holes in the authentication system that need to be patched.
Trickery Still Hits the Mark
Designed to mask phishing attacks, email spam often look similar to legitimate email from banks. Graphical layouts and logos are often used to convince email recipients of an urgent matter that requires their attention – and telling them that they have to log in to address the problem. Preying on the frantic worry, the fraudulent email links to a spoofed website that harvests account log-in information.
Despite the ubiquitous awareness of phishing attempts, there are still people who become victims of this seemingly outdated type of fraud.
“Email phishing defrauds millions of people and companies every year, resulting in a loss of consumer confidence in email and the Internet as a whole,” said Brett McDowell, chair of DMARC.org and senior manager of customer security Initiatives at PayPal, in a statement.
The initial group of participants will field test the email authentication standards and gather data and input before submitting the specifications for standardization.