Google, Microsoft, Yahoo!, AOL and Facebook are setting aside their online rivalry to fight a common enemy: email spam and “phishing” attacks.
The Web giants said Monday they have teamed up with Bank of America, PayPal and others to combat spam and phishing, where emails seeking to obtain passwords or other information are sent to unsuspecting recipients.
Following 18 months of private collaboration, they’ve announced the formation of a technical working group known as DMARC.org, drawn from the acronym for Domain-based Message Authentication, Reporting and Conformance.
“Email phishing defrauds millions of people and companies every year, resulting in a loss of consumer confidence in email and the Internet as a whole, industry cooperation — combined with technology and consumer education — is crucial to fight phishing,” said Brett McDowell, the chair of DMARC.org and senior manager of customer security initiatives at PayPal.
The members of DMARC are proposing email authentication standards for email senders and receivers designed to make impersonation more difficult for the fraudsters behind phishing attacks.
Currently, email providers must rely on “complex and imperfect measurements to separate legitimate unauthenticated messages sent by the domain owner from fraudulent phishing messages sent by a scammer.
By introducing a standards-based framework, DMARC has defined a more comprehensive and integrated way for email senders to introduce email authentication technologies into their infrastructure.
AOL, Google, Microsoft and Yahoo!, the leading email providers, are members of DMARC.org along with Bank of America, Fidelity Investments, PayPal, American Greetings, Facebook, LinkedIn and email security providers Agari, Cloudmark, eCert, Return Path and Trusted Domain Project.
