lunes, 30 de enero de 2012

How to stop phishing

phishing DMARC and email security
Email security is a huge problem nowadays and phishing is one of the biggest security problems with email. Phishing is when a spammer manipulates an email so that it seems as if someone else sent it thus fooling the recipient into opening it and believing it's authentic. In this way phishers get confidential information from unsuspecting users. This causes millions of dollars in losses every year.

DMARC (Domain-based Message Authentication, Reporting & Conformance) is a coalition of companies that have come together to try to solve the problem. Google, AOL, Yahoo and other large providers are some of the companies involved. DMARC's announcement yesterday could represent a great improvement in anti-phishing protection.

DMARC builds upon previous email security standards like SPF and DKIM by creating a standardized protocol where providers can measure the authenticity of email. 

Your company can also be alert to this threat by training employees to follow the following best practices when they open email:
- check the header of received emails
- never provide a password on the phone to anyone
- make them aware that banks and service providers do not request passwords, if someone asks for that it is suspicious and they should check with the technical staff

Sources: