World’s
leading email providers including Google, Yahoo, AOL, Facebook and
Microsoft have announced to join hands to collectively fight the
increasing menace of email and phishing attacks.
Following
18 months of collaborative work, 15 email providers on Monday announced
formation of DMARC.org (Domain-based Message Authentication, Reporting
and Conformance) a technical working group to develop standards for
reducing the threat of deceptive emails, such as spam and phishing.
Among other things, it will outline an enhanced vision for email authentication that can scale up to today’s Internet needs.
The
group’s work includes a draft specification that helps create a
feedback loop between legitimate email senders and receivers to make
impersonation more difficult for phishers trying to send fraudulent
email.
“Email
phishing defrauds millions of people and companies every year,
resulting in a loss of consumer confidence in email and the Internet as a
whole,” said Brett McDowell, chair of DMARC.org and Senior Manager of
Customer Security Initiatives at PayPal.
“Industry cooperation -- combined with technology and consumer education -- is crucial to fight phishing,” McDowell said.
The
DMARC specification addresses concerns that have traditionally hindered
widespread deployment of an authenticated, trusted email ecosystem, the
statement said.
“Today,
email receivers lack a reliable way to know the extent to which an
email sender uses standards like SPF and DKIM for authenticating their
messages,” it said adding that as a result, providers must rely on
complex and imperfect measurements to separate legitimate
unauthenticated messages sent by the domain owner from fraudulent
phishing messages sent by a scammer.
By
introducing a standards-based framework, DMARC has defined a more
comprehensive and integrated way for email senders to introduce email
authentication technologies into their infrastructure, it said.
For
example, a sender could set policies to easily request a provider to
discard unauthenticated email in order to block phishing attacks.
The
specification also creates a mechanism for email providers to send
detailed reports back to email senders to help catch any gaps in the
authentication system.
This
feedback loop raises the trust level within the email ecosystem and
makes it easier to detect and stop phishing attempts, it said.
“BITS
has been committed to defining and improving email authentication
standards and practices to meet the financial services industry’s needs.
“DMARC’s
evolutionary approach is critical in assuring these needs are met for
years to come,” said Paul Smocer, president of BITS, the technology
policy division of The Financial Services Roundtable.
After
gathering data and input from field usage of the technology, DMARC.org
intends to submit its DMARC specification to the IETF for
standardisation.
via:- sa post
3 comments:
This is very interesting, You're a very skilled blogger. I have joined your feed and look forward to seeking more of your great post. Also, I have shared your website in my social networks!
Picnic at Ascot Market Tote, Collapsible with Metal Frame with Apple Trim
Thanks , I've just been searching for information about this topic for a while and yours is the best I've came upon so far. However, what about the bottom line? Are you certain about the source?
Bogs Women's Classic Mid Tuscany Rain Boot
THANX
Post a Comment