Cyber fraudsters are devising
various ways of launching attack on unsuspecting victims. This time they are
forging email header and even mimicking one’s contact to look as if such a mail
is coming from your contacts. They have already phish(disguising as an official
mail) Yahoo mail, Google mail and other free email providers. This has been a
source of worry to these free email service providers as many users lose access
to their accounts including other intrinsic damages to the users.
In cutting the excesses of these
fraudsters, Google has announced recently that it is transitioning to the
strictest setting of the anti-phishing and spam tool “DMARC”
(Domain-based Message Authentication, Reporting, and Conformance), stating the
transition to a DMARC policy of "reject" would occur in June 2016. DMARC's
anti-phishing and anti-spam functions work by authenticating messages with their
sources, so that email with parody headers would be rejected. DMARC policy
settings range from "none", used as an initial gateway into the
protocol, meaning that no actions are taken regarding delivery of the messages
flagged, though they may be reported. Under the intermediate "quarantine"
policy, the mail receiver reports messages that fail to authenticate as
suspicious and place them in a spam folder or flags them for further
examination. Google is transitioning to the strictest setting,
"p=reject", which means the recipient rejects any messages that fail
to authenticate.
DMARC depends on two older tools
for authenticating messages as having originated from the domain in the From:
header of the message: the Domain Keys Identified Mail (DKIM), which makes it possible to cryptographically
authenticate that a message originated from the From: address in the message
header; and the Sender Policy Framework (SPF), which gives large mailbox providers a way for recipients
to determine whether or not a host that has forwarded mail is authorized to do
so.
Yahoo and AOL moved to the
strictest DMARC policy setting
in April 2014, and also recently Yahoo announced they would transition its
Rocketmail and Ymail services to that policy starting this November 2015. When
AOL followed Yahoo's move to the stricter policy last year, there were some
glitches in the transition. Some legitimate senders, such as email distribution
list services and websites that forward messages on behalf of their users, were
having messages flagged and rejected, but the relatively simple fixes mostly
involved making sure that messages were not sent with forged headers indicating
inaccurate message sourcing.
This proposed policy Google is
about to adopt will make it very difficult for spammers and hackers to mimic an
organization or individual headers in their nefarious act. It also avail the
recipient the opportunity to report suspicious mail for further action by
Google. It was reported that some hackers who used email parody to forge emails
and launch attacks in the pretence that such mail is coming from Yahoo account
were almost apprehended.
No comments:
Post a Comment