Will Phishers Take the Bait?

Three internet heavies have developed a new plan to stop, or at least harass phishers. Yahoo!, eBay and PayPal have joined forces to create a tool to protect their users from the constant scams that flood their inboxes. The new technology is an email authentication tool that validates the origins of an email and makes black and white lists work more effectively.

Phishing
Phishing is the fastest growing internet crime. In a phishing scheme, an email is sent to an individual demanding immediate action for their account – usually a bank or ecommerce account. The individual clicks through the email to visit the site and the phisher is able to record as much personal information as possible as the individual types in their usernames, passwords, credit card information and even their social security number.

Phishing is obviously illegal, but is growing more common despite this. Often websites like eBay and PayPal as well as credit card and banking sites are subjected to phishing scams where their site is targeted as the sender of email. This makes it difficult for individuals who use the services to recognize when an email is authentic and when it is part of a scam. You should not even open email from phishers as they can download Trojans or software to record keystrokes.

The Initiative
The new tool is called DomainKeys Identified Mail” (DKIM) and uses cryptography to verify the server of the one sending emails. eBay and PayPal are prime targets of phishers, but with this new development, Yahoo Mail will be able to trace and ensure that emails from eBay are actually from eBay and the same for PayPal. This makes it harder for phishers to get past the block, and Yahoo! will be able to identify the server sending the mail.

This means that white lists and black lists can be used more effectively. Phishing emails will be blacklisted and user inboxes will be safe. Or at least as safe as possible. It is virtually impossible to stay ahead of phishing schemes and the fight ahead for law enforcement and ecommerce websites will be tough. But initiatives such as this one take a giant step forward in detecting and preventing the scams.

Experts in the industry are cautiously optimistic about the new endeavor. They realize how challenging it will be implement the system in a wide area, and of course, at the moment it is only available for Yahoo!. But the three companies involved are demonstrating that they are excellent corporate citizens by trying to protect their customers.

PayPal and Ebay are two of the most targeted sites and with these two companies take the first big steps to help identify and prevent phishing scams, one can only assume that other companies will step up the plate shortly. Of course, like all illegal entities online, the phishers will work diligently to find ways around the block and simply adapt to the times. But perhaps the new block will keep inboxes cleaner if not pristine, and give the phishers at least one obstacle to circumvent as they search for their next targets.

Hasan

View Comments