According to Wired
On Monday, Google, Facebook, Microsoft, Yahoo!, and eleven others outfits announced they had formed a new alliance to combat phishing — a way of fooling email and web users into providing sensitive information, including credit card numbers. The alliance is known as Domain-based Message Authentication, Reporting and Conformance, DMARC for short, and the aim of this sprawling alliance is to lay down new email standards that help stop the nefarious practice.
“One of the worst experiences for a user is being phished,” Adam Dawes, a Google product manager and DMARC representative, tells Wired. “The best way to protect them is to make sure the email never reaches the spam folder at all.”
These scams can create some very serious issues for companies or all shapes and sizes. Of course, the most popular are banks. Raise your hand if you ever received an e-mail that really tried to look like it came from a bank, maybe even your bank, and it asked for updated information. If you haven’t raised your hand you’re either a liar or, well, something else.
The experienced online user looks at these things and wonders “How would anyone fall for this nonsense?”. Of course, you need to say that with a ridiculous amount of arrogance since you cannot relate to a commoner who is outside the Internet space. Well, it must work enough times to make it worth while for anyone to continue to run the scams, right? Otherwise, why would you need this coalition of competitors to come together and try to put an end to this online menace.
Other players in this group include PayPal and Facebook. No matter who is involved it’s an important issue and one that will hopefully protect more companies moving forward. There are limits, however.
PayPal’s (Brett) McDowell reiterates that the goal of DMARC — at least for the moment — is to defend legitimate domains, not to address what’s sometimes called “typo-phishing,” where scammers use something that looks like a common domain but is actually a slightly different spelling.
“Domain-based phishing cannot happen when both parties deploy DMARC,” he says.
As a marketer in the online world, just knowing search, social and mobile aren’t nearly enough these days. You better be thinking about security in everything you do. Are you?