Banks & Internet Companies Are Teaming Up Against Spam. Finally!

by | posted: January 30, 2012 0 comment
Spammers are the party-poopers when it comes to the Internet. Yes, the web helps us in discovering new information, connecting with other people and increasing our productivity. This has been going for a long time since the advent of the Internet but no one has come close to removing this threat and annoyance from the web in its entirety.

Cyber Criminals always seem to be one step ahead.

Even Google has not yet perfected its algorithm to detect and filter spam which is why we still end up with some ‘Lottery Winner’ mail in my inbox. The cases of spam, e-mail scams, phishing and general online malpractices are on the rise in India and the world and for once everyone is concerned about it. Some of the biggest Internet companies are teaming up with banks and coming up with a new approach to battling spam online. Banks are involved in this because majority of these cyber-criminals pose fraudulently as banks when they are sending out their ‘phishing’ emails. A person’s bank account credentials can easily be gotten if they person interacts with such a mail due to unawareness or sheer conviction of the mail being legit.

Facebook, Microsoft and Google will be joining hands with the bank of America, Fidelity Investments and PayPal so that they can once and for all sort out this mess. Apparently, the only way to defeat these spammers is to set up a new standard when it comes to authenticating incoming e-mails. Two existing authentication technologies, SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) are being considered for the new standard. These technologies are highly effective but not widely adopted. Thus for wider adoption, they need the support of these big companies so that they can lobby to make it a standard across their services.

Currently, PayPal is the only service which uses these two new technologies to fight against fraudulent emails in partnership with Yahoo and Google. The group DMARC.org has developed these technologies and consists of employees of PayPal and other companies. Right now, if the incoming email from PayPal is not authenticated by SPF or DKIM, the e-mail isn’t allowed to be delivered to the user. The same e-mail will be delivered when it comes to other e-mail providers and this is the nub of the problem, wider adoption!

“What we need is an Internet standard that allows this level of protection to work at scale – without any discussion, without any partner agreements,” Brett McDowel, Security Manager at Paypal and Chairman of DMARC.org said. “That is what DMARC does.”

Besides PayPal, other companies involved in DMARC are  American Greetings, LinkedIn and Yahoo as well as privately held Agari, Cloudmark, eCert, Return Path and the Trusted Domain Project. The approach taken by the group has shown to be credible by IDC Security analyst Michael Versace.

If this standard gets widely adopted, then spam might just become a thing of the past and the Internet might just be that clean Utopia that we want it to be. But spammers and cyber criminals are sharp people too. We are sure they will also make advances in circumventing these technologies. This is why Internet companies and other institution need to work hand-in-hand to always stay one step above these criminals!

What are your thoughts on the current state of Internet spam? Do let us know.


Tags: , , , , , , , ,

Denzil

I grok Technology and Digital Media. http://gravatar.com/blindpixel

Related Posts

No comments yet.

Leave a Comment