eBay, PayPal, And Yahoo Join To Fight Phishing

eBay, PayPal and Yahoo have begun collaborating to keep Yahoo Mail customers safe from phishing by using Yahoo's Domain Keys technology in the U.S. to block e-mail messages that claim to come from eBay or PayPal. Yahoo expects to make the system available globally in the next few weeks.

Domain Keys was developed by Yahoo as a way to make sure that e-mail comes from where it says it comes from. In May, the Internet Engineering Task Force adopted the DomainKeys Identified Mail, which incorporates Cisco's Identified Internet Mail system, specification as a Proposed Standard. With the aim of fraud and theft, phishers use fake e-mails to convince the receiver that information is required for their eBay, PayPal or similar account and to click on links that lead to phony Web sites where they then typically enter personal or account information and passwords.

News source: InformationWeek

Report a problem with article
Previous Story

Senate adds $1 billion to NASA budget

Next Story

Wi-fi sharing plan launched in UK


Commenting is disabled on this article.

Duh! I receive lots of these phishing emails, but they usually come from numerical domains, with /ebay or /paypal tacked on. The problem is the gullibility of the people who respond, usually thinking they are getting something for nothing. Deal with human greed first, and the email system will take care of itself.

While this sounds like a good idea I can see two immediate concerns.

1) Why do we need yet another "standard" for email authentication? What's wrong with S/MIME or GPG? Most email clients already support S/MIME and a few have plugins or extensions for GPG.

2) Many email clients do not display the email address but the sender's name instead. Those people who are likely to fall for phishing attempts will likely be the same people who would not think to check the email address.

Sweet! Although I don't think I've received a fake eBay or PayPal email since last year.... so they must be doing something right.