Phishing is one of the most subtle and devious threats to Internet security today. Passwords and digital databases are encrypted and secure. The weak link in the chain is, and always will be, the human involved. While database compromises do happen, and network security is always an issue, social hacking is the easiest way to steal someone’s password.
Phishers most commonly use e-mails designed to look authentic and ask you for your information. These e-mails generally use the templates of legitimate e-mails. World of Warcraft, a bank’s correspondence, your Facebook profile or Google’s homepage are all common targets. They will have legitimate unsubscribe links, valid links to the appropriate pages on the actual site, but they will ask you to click a link to reset your name and password.
The site that link takes you to will look legitimate, but when you put in your name and password, it won’t go to the actual site. Instead, it will be recorded and given to the phisher. This is how your identity is stolen, your passwords recorded and your internet security compromised.
Facebook, Microsoft, and Google are all primary targets for phishing scams, and they’re tired of dealing with it. It creates hassles for the companies, for the affected users and for other users. Together they’ve decided to take a stand against phishing attacks and try to do something about them. They’re working with a number of banks and security vendors to form a group to fight phishing. They’re calling it the Domain-based Authentication, Reporting and Conformance group, or DMARC.
DMARC’s goal is to create a system where e-mails can be authenticated on both ends, sender and receiver. This way the sender can make sure that they’re sending correspondence to the right person, and the receiver can make sure the e-mails they receive come from who they claim to come from. Phishing attempts and other similar scams can be weeded out and blocked automatically.
The group is working to create a standardized set of policies and a platform that will allow service providers to add security to their e-mail correspondence. This platform would have the added benefit of providing reports to the service provider, to show them what phishing attempts are being used and to learn from them.
Along with Google, Microsoft, and Facebook several other companies are getting in on the game. AOL, Paypal and Yahoo are participating alongside financial firms such as Bank of America and Fidelity. All of these companies lose millions every year to phishing schemes, both directly and indirectly. The loss of consumer confidence and the resulting loss of revenue is astounding.
As phishing schemes grow more and more sophisticated, so too must the security measures put into place to prevent them. The DMARC partnership hopes to provide just such a sophisticated platform to ensure that e-mail correspondence can have the trust it deserves. While currently in a basic draft, the DMARC platform should go a long way towards minimizing identity theft through e-mail and social networks.
White Chalk Road SEO Perth are online marketing professionals dedicated to helping your business succeed online. For online market research, organic search, paid search or social media, contact White Chalk Road.