Quantcast
The MFWire
 Manage Email Alerts | Sponsorships | About MFWire | Who We Are

Subscribe to MFWire.com's News Alerts [click]

Rating:Fidelity, Facebook and Google Fight Spam Not Rated 0.0 Email Routing List Email & Route  Print Print
Monday, January 30, 2012

Fidelity, Facebook and Google Fight Spam

News summary by MFWire's editors

Fidelity [profile] is helping amp the fight against spam. The Boston Behemoth has joined hands with other financial services and technology giants to take the fight against scam-filled messages to the next level with DMARC.org: Domain-based Message Authentication, Reporting and Conformance.

Finextra, Reuters and the Wall Street Journal reported on the group, which also includes AOL, Facebook, Google, Microsoft, Yahoo, eBay unit PayPal and Merrill Lynch parent Bank of America.

Online scammers usually pose as financial institutions or banks to get the bank details or credit card information of individuals.

"What we need is an Internet standard that allows this level of protection to work at scale --without any discussion, without any partner agreements," says Brett McDowell, Paypal security manager and chairman of DMARC.org.

Company Press Release

SAN JOSE, CA, Jan 30, 2012 -- Fifteen leading email service and technology providers are today announcing DMARC.org, a technical working group that has been developing standards for reducing the threat of deceptive emails, such as spam and phishing. DMARC.org draws upon a history of private industry collaboration with 18 months of dedicated work, to outline an enhanced vision for email authentication that can scale up to today's Internet needs. The group's work includes a draft specification that helps create a feedback loop between legitimate email senders and receivers to make impersonation more difficult for phishers trying to send fraudulent email.

"Email phishing defrauds millions of people and companies every year, resulting in a loss of consumer confidence in email and the Internet as a whole," said Brett McDowell, Chair of DMARC.org and Senior Manager of Customer Security Initiatives at PayPal. "Industry cooperation -- combined with technology and consumer education -- is crucial to fight phishing."

The DMARC specification addresses concerns that have traditionally hindered widespread deployment of an authenticated, trusted email ecosystem. Today, email receivers lack a reliable way to know the extent to which an email sender uses standards like SPF and DKIM for authenticating their messages. As a result, providers must rely on complex and imperfect measurements to separate legitimate unauthenticated messages sent by the domain owner from fraudulent phishing messages sent by a scammer.

By introducing a standards-based framework, DMARC has defined a more comprehensive and integrated way for email senders to introduce email authentication technologies into their infrastructure. For example, a sender could set policies to easily request a provider to discard unauthenticated email in order to block phishing attacks. The specification also creates a mechanism for email providers to send detailed reports back to email senders to help catch any gaps in the authentication system. This feedback loop raises the trust level within the email ecosystem and makes it easier to detect and stop phishing attempts.

"BITS has been committed to defining and improving email authentication standards and practices to meet the financial services industry's needs. DMARC's evolutionary approach is critical in assuring these needs are met for years to come," said Paul Smocer, President of BITS, the technology policy division of The Financial Services Roundtable.

After gathering data and input from field usage of the technology, DMARC.org intends to submit its DMARC specification to the IETF for standardization. Interested organizations are encouraged to read the specification, join the dmarc-discuss mailing list at www.dmarc.org , and begin testing and deploying email authentication standards SPF, DKIM, and DMARC. DMARC.org members will be participating in discussions about the specification at MAAWG and RSA conferences in February. See www.dmarc.org for details.

About DMARC.org

DMARC.org (Domain-based Message Authentication, Reporting and Conformance) is an unincorporated working group made up of many of the world's leading email providers (AOL, Gmail, Hotmail, Yahoo! Mail), financial institutions and service providers (Bank of America, Fidelity Investments, PayPal), social media properties (American Greetings, Facebook, LinkedIn) and email security solutions providers (Agari, Cloudmark, eCert, Return Path, Trusted Domain Project). The group is dedicated to developing Internet standards to reduce the threat of email phishing and to improve coordination between email providers and mail sender domain owners.

The draft specification and further information can be found at www.dmarc.org. 

Edited by: HFD


Stay ahead of the news ... Sign up for our email alerts now
CLICK HERE

0.0
 Do You Recommend This Story?


GO TO: MFWire
Return to Top
 News Archives
2024: Q2Q1
2023: Q4Q3Q2Q1
2022: Q4Q3Q2Q1
2021: Q4Q3Q2Q1
2020: Q4Q3Q2Q1
2019: Q4Q3Q2Q1
2018: Q4Q3Q2Q1
2017: Q4Q3Q2Q1
2016: Q4Q3Q2Q1
2015: Q4Q3Q2Q1
2014: Q4Q3Q2Q1
2013: Q4Q3Q2Q1
2012: Q4Q3Q2Q1
2011: Q4Q3Q2Q1
2010: Q4Q3Q2Q1
2009: Q4Q3Q2Q1
2008: Q4Q3Q2Q1
2007: Q4Q3Q2Q1
2006: Q4Q3Q2Q1
2005: Q4Q3Q2Q1
2004: Q4Q3Q2Q1
2003: Q4Q3Q2Q1
2002: Q4Q3Q2Q1
 Subscribe via RSS:
Raw XML
Add to My Yahoo!
follow us in feedly




©All rights reserved to InvestmentWires, Inc. 1997-2024
14 Wall Street | 20th Floor | New York, NY 10005 | P: 212-331-8968 | F: 212-331-8998
Privacy Policy :: Terms of Use