Collaborated Effort towards Evading Spam
The social networking sites including Facebook, Google Inc, and Microsoft Corp integrated with financial organizations including the Bank of America Corp, eBay Inc's PayPal, and Fidelity Investments towards creating a set of norms to be followed for the prevention of criminals from distributing spam e-mails that appeared to be coming from the e-mail addresses of the corporates. The combined Group is affiliated to be known as DMARC.org, meaning Domain-based Message Authentication, Reporting and Conformance, as reported in the website of moneycontrol on January 30, 2012.
Spammers masquerading authentic entities like the banks or other authenticated firms' attempts to gain the trust of recipients towards obtaining their personal information including bank account information, payment card numbers, and other confidential data or attract them towards clicking the links that could destroy their systems with malware.
According to Google Product Manager and DMARC Representative, Adam Dawes one of the worst experience of compromise is being phished. However, he sorted out the best method of protecting oneself is to restrict it from reaching the spam folder, as reported in WIRED on January 29, 2012.
Sophisticated technologies widely being used in protecting e-mails and identifying the message sender includes digital signatures that can be applied to a large extent towards combating spams. However, spammers hardly authenticate the messages that they send, which again compels recipients towards accepting the spam and befall the trap.
Taking into consideration the flaws in the system, the new approach bags the usage of two latest technologies for authenticating e-mails, including SPF and DKIM, which are yet to be adapted on a large scale.
According to Brett McDowell, Security Manager at PayPal serving as chairman of the Group developing new standard, on event of receipt of an e-mail by Yahoo or Google, claiming to be sent by PayPal is not delivered until not authenticated properly with SPF or DKIM. However, the incompetency of the system includes its incapability to restrict the delivery, on occasions of spoofed mails from PayPal or similar, as per news in moneycontrol on January 30, 2012.
To conclude, McDowell however acknowledged that even if every e-mail could be authenticated, the system would still not be able to combat fraud totally. Nevertheless, it calls for spammers towards finding new addresses for carrying out the legacy of spam.
Related article: Celebrity Image Used For Spamming Once Again
» SPAMfighter News - 07-02-2012