Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Applications
    • Applications
    • Cybersecurity

    Spam Tools Take on Anti-Fraud Chores

    By
    Cameron Sturdevant
    -
    June 20, 2005
    Share
    Facebook
    Twitter
    Linkedin

      Even as some e-mail sender authentication schemes appeared stalled by implementation problems, participants at Inbox, the pre-eminent e-mail confab held earlier this month in San Jose, Calif., discussed server-to-server message authentication mechanisms and focused discussions on ways to combat phishing.

      Less high-profile, but just as important to IT managers—especially in light of regulatory requirements—are e-mail storage and archiving technologies, which were also explored at the conference. The first principle of e-mail storage—that junk e-mail should be stopped at the perimeter before it is delivered to in-boxes—hasnt changed. But figuring out the best place to store delivered e-mail remains an open question at many organizations.

      One bright spot at a conference dominated by messages of doom and gloom came from Bank of America. The banks report on its implementation of SPF (Sender Policy Framework) was good news because it shows that a large financial institution has started taking steps toward trying to stop the growing threats of phishing and pharming. Because these schemes can cost businesses vast amounts of money, not to mention their potential to erode customer confidence, other companies will no doubt be joining the fight.

      The next step will be using authentication to build reputation.

      Just prior to the conference, Bank of America announced SiteKey, a new Web site authentication service. The service, which is scheduled for phased release starting this month, aims to make it easier for users to know when they are really using Bank of Americas Web sites and thereby avoid being taken in by phishing scams.

      /zimages/1/28571.gifClick here to read more about Bank of Americas use of SPF and SiteKey to stop phishing and pharmers.

      Two similar server-to-server message authorization and authentication standards are about to join forces. Announced at Inbox, the newly minted DKIM (DomainKeys Identified Mail) is the result of Yahoo Inc. merging its DomainKeys with Cisco Systems Inc.s Identified Internet Mail. DKIM, which has been submitted to the Internet Engineering Task Force, uses public-key cryptography and DNS (Domain Name System) infrastructure, along with upgraded e-mail MTA (Message Transfer Agent) servers, to strengthen e-mail message authenticity.

      Yahoos DomainKeys and Ciscos Identified Internet Mail are conceptually similar, according to Miles Libbey, anti-spam product manager at Yahoo.

      “The technology is available today, and while there will be slight tweaks to the specification as DomainKeys evolves to DKIM, the core technology pieces that enterprises can put in place will be the same from DomainKeys today to DKIM tomorrow,” said Libbey.

      Next page: No-spam, no-phish diet.

      Page Two

      Message technology companies that process, protect, store and filter e-mail, instant messages and, soon, SMS (Short Message Service) and possibly VOIP (voice over IP) messages are moving from plain old spam fighting to providing anti-fraud protection. What eWEEK Labs observed at the conference confirmed that no really new anti-spam technologies lie ahead. Instead, anti-spam vendors are offering beefed-up e-mail authentication and sender-reputation services. Reputation services verify that digital message senders are good, bad or unknown based on a senders e-mail transmission patterns and practices.

      If senders obey laws (including the CAN-SPAM Act), send mail that is likely to be of interest to recipients and allow receivers to opt out, they will generally be categorized as good. ISPs will also likely vet senders to ensure that senders arent consuming undue bandwidth.

      The future of reputation services was a hot topic at Inbox, but a more pressing problem, phishing, got the most attention at the show. Phishing uses e-mail to direct users to fake Web sites that imitate commerce sites. Once at the fake site, users are enticed to turn over identity and account data, which often is used to promptly steal money from users.

      According to Oliver Friedrichs, senior manager at Symantec Corp.s Security Response Center, which screens approximately 25 percent of worldwide Internet e-mail messages, phishing e-mail increased from 9 million messages per week in July 2004 to about 33 million messages per week by December 2004. Further, representatives from Symantecs Brightmail Inc. unit said that 54 percent of nefarious code captured is e-mail with a malicious payload, such as a keylogger or back door, that can access confidential data.

      The increase in malicious code that will likely infect corporate computers should be a key concern for IT managers. As phishers accumulate sensitive corporate data, it is likely only a matter of time before this data is used for financial gain.

      Phishing isnt the only malware IT managers need to worry about. Pharming—where hackers exploiting weaknesses in the DNS infrastructure can redirect traffic intended for a real domain to a fake site—surfaced at the end of last year. And in the not-too-distant future, threats that combine phishing with pharming, in which bogus e-mail entices users to visit pharmed sites, are likely to outstrip phishing alone as a major problem for e-commerce, said experts at Inbox. “The reason pharming will exist in the future, and will eventually take over from phishing, is stealth,” said Scot Chasin, chief technology officer of e-mail security company MXLogic Inc., during an Inbox seminar.

      /zimages/1/28571.gifClick here to read more about pharming.

      “The attackers dont want to be caught, Chasin said. “Sending out millions of e-mail messages that pose as a financial [as phishers do] arouses suspicion. The idea of [pharming] crimes is to create stealth.” Instead of sending millions of messages indiscriminately, pharmers send carefully crafted e-mails that tempt users to go to Web sites and divulge personal data. While no studies were cited, Inbox attendees said phishing/pharming campaigns have a much higher potential payoff than is normally associated with typical spam campaigns.

      For IT managers, this means anti-spam tools will need to catch specially crafted messages sent at much lower volumes—thousands of messages rather than millions. This attack will likely require more user training on spotting fake Web sites, protecting personal data and keeping malware off corporate computers.

      Finally, although sessions on storage were a small subset of the shows offerings, they raised some of the most interesting technical questions. Aside from determining where and how to store e-mail information, the clear trends show that large amounts of corporate intellectual property are stored in e-mail systems. This raises questions that IT should list among its strategic concerns.

      Labs Technical Director Cameron Sturdevant can be reached at [email protected]

      /zimages/1/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

      Avatar
      Cameron Sturdevant
      Cameron Sturdevant is the executive editor of Enterprise Networking Planet. Prior to ENP, Cameron was technical analyst at PCWeek Labs, starting in 1997. Cameron finished up as the eWEEK Labs Technical Director in 2012. Before his extensive labs tenure Cameron paid his IT dues working in technical support and sales engineering at a software publishing firm . Cameron also spent two years with a database development firm, integrating applications with mainframe legacy programs. Cameron's areas of expertise include virtual and physical IT infrastructure, cloud computing, enterprise networking and mobility. In addition to reviews, Cameron has covered monolithic enterprise management systems throughout their lifecycles, providing the eWEEK reader with all-important history and context. Cameron takes special care in cultivating his IT manager contacts, to ensure that his analysis is grounded in real-world concern. Follow Cameron on Twitter at csturdevant, or reach him by email at [email protected]

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Information

      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×