Google, Microsoft And Others Announce Anti-Phishing Initiative

Google, Facebook, Microsoft, PayPal and 11 other companies have announced a proposed standard for email sending and receiving in an attempt to stamp out phishing.

DMARC, or Domain-based Message Authentication, Reporting and Conformance, is a system that will aid communication between companies and consumers by creating a standardised way of authenticating emails.

Fighting the phishers

The other companies working in the DMARC group are AOL, Yahoo, Bank of America, Fidelity, LinkedIn, American Greetings and email security providers Agari, Cloudmark, eCert, ReturnPath and Trusted Domain Project.

The group came together roughly 18 months ago and last November it emerged that Google, Yahoo, AOL, Microsoft and Agari were authenticating for Facebook, YouSendIt and other e-commerce organisations and social networks. Today’s move sees DMARC expand its list of participants in the hope that the system will be more widely recognised.

Backed by the Online Trust Alliance (OTA), BITS, and the Messaging Anti-Abuse Working Group (MAAWG), the eventual goal of the DMARC collaborators is to “develop an operational specification to be introduced to the IETF (Internet Engineering Task Force) for standardisation” and eventually become an official internet standard.

“One of the worst experiences for a user is being phished,” said Adam Dawes, DMARC representative and Google product manager, told Wired. “The best way to protect them is to make sure the email never reaches the spam folder at all.”

The DMARC system ensures that email senders are protected by SPF (Sender Policy Framework) and/or DKIM (DomainKeys Indentified Mail) and receivers are informed and advised should messages fail to meet the authentication methods.

Phishing persists as a major problem, with data from the OTA suggesting that hundreds of thousands of accounts are hijacked daily. The hope is that as more companies adopt DMARC’s standard, the scamming practice will be rendered useless.

Jiten Karia

Recent Posts

UK’s CMA Begins Probe Of Viasat Acquisition Of Inmarsat

British competition regulator the CMA, begins phase one investigation of $7.3 billion merger between Inmarsat…

7 hours ago

Cisco Admits ‘Security Incident’ After Breach Of Corporate Network

Yanluowang ransomware hackers claim credit for compromise of Cisco's corporate network in May, while Cisco…

9 hours ago

Google Seeks To Shame Apple Over RCS Refusal

Good luck convincing Tim. Google begins publicity campaign to pressure Aple into adopting the cross…

10 hours ago

Elon Musk Wants Staff Names Of Twitter’s Bot Counters

Fight with Twitter, sees Elon Musk's legal team requesting names of those employees who calculate…

11 hours ago

Former Twitter Executive Convicted Of Spying For Saudi Arabia

Spying scandal. Former Twitter executive found guilty in San Francisco courtroom of spying for Saudi…

15 hours ago

Meta Raises $10 Billion In Bond Offering

First ever bond offering sees Facebook parent Meta Platforms raise $10 billion, as it seeks…

16 hours ago