Archive for the 'DomainKeys' Category

Holiday coupon phishing scams

Thursday, December 6th, 2007

The Associated Press warned email users yesterday to be wary of coupons that they have received via email.

Instead of money saving deals, e-mailed coupons could lead recipients into “phishing” schemes where the consumer is redirected to a copycat site, whose real purpose is to siphon the user’s credit card information, passwords and other financial data, IBM Corp. security executive Christopher Rouland warned.

If you are a Boxbe member and have approved email from, say, Amazon, messages from an address that claims to be from Amazon but really isn't won't make it through to your inbox.

Boxbe uses two email authentication methods (DKIM and SPF) to verify that the emailer is who they claim to be. Both are standards backed by Google, Microsoft, Yahoo!, and AOL. Boxbe blocks messages that come from senders who claim to be someone that they are not.

Be safe out there this holiday season and let us worry about your email.

image from Flickr user skrewtape.

DKIM gets IETF approval

Thursday, May 24th, 2007

A few days ago, DomainKeys Identified Mail, or DKIM, was approved by the Internet Engineering Task Force (IETF). DKIM is one of the standards that we use at Boxbe to keep your email safe from phishing attacks and fake emails in general.

What is DKIM?

From Yahoo:

DKIM is an email authentication framework that addresses the widespread issue of email forgery, using cryptography to verify the domain of the sender. It allows email providers to validate an email’s originating domain, making use of blacklists and whitelists more effective. It also makes phishing attacks easier to detect by helping to identify abusive domains.

DKIM is good for the internet and will help detect forged email addresses. However, DKIM alone won’t stop spam originating from non-faked addresses nor will it stop other forms of unwanted email. Email expert Richi Jennings says “At best, they give a partial indication whether a message is spam or not, but their main use is to allow recipients to look up the reputation of the sending domain.”

The UK’s PC Advisor says “To make it work, DKIM now has to be adopted and incorporated by independent software vendors into their email applications and related infrastructures.”

That said, this is a step forward in stopping phishing schemes and other illegal activities that originate from non-authenticated senders and we are happy to see the DKIM standard approved and hopefully more widely adopted.

More about DKIM

DKIM Workgroup
Yahoo! Anecdotal

More discussion of the standard approval

Promising antispam technique gets nod – CNET News
IETF backs new cryptographic scheme to battle the effects of spam – Ars Technica
Junked: Is this the end of spam and spoof email? –
Bye Bye Spam and Phishing with DKIM? –
New Spec Could Cut Phishing, Spam – Dark Reading
IETF approves DKIM to fight spam and phishing – A Canadian Geek
Why DKIM will fail – Spin on Cue
Promising new anti-spam technique gains key approval – Geeks Are Sexy

photo from Flickr user lordcuauhtli

What is phishing?

Friday, February 16th, 2007

In an earlier post, I mentioned a spammer who was phishing being convicted and facing up to 101 years in prison as a result. But what exactly is phishing?


Photo by Flickr user thermodynamix

Wikipedia defines phishing as

“a criminal activity using social engineering techniques. Phishers attempt to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an electronic communication. Phishing is typically carried out using email or an instant message, although phone contact has been used as well. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, and technical measures.”

In a nutshell, phishing is something criminals do to trick people into giving them sensitive information. The stolen information is then used by the criminal for further illicit activities.

Boxbe and phishing

So, what does Boxbe do about phishing? First, the only email that you receive when using Boxbe is from senders that you have approved, that have passed a human test, or that have paid a fee. Second, we use two emerging industry standards, SPF and DomainKeys, to increase the likelihood that the sender isn't spoofing or faking their email address.

Is it a 100% solution? No. Unfortunately, we can't guard against all forms of social engineering or deception. What we can do is keep emails that make false claims as to their point of origin from entering your inbox. The rest is up to you.
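The policy described in these posts (an approved sender is only trusted when SPF or DKIM vouches for the domain in the From address), as an added example that is not Boxbe's own code. It assumes the receiving server records its SPF and DKIM results in an `Authentication-Results` header and matches domains exactly; the host names, the approved list, the sample messages and the three verdict names are constructed for the illustration.

```python
import email
import re
from email.utils import parseaddr

APPROVED = {"amazon.example"}              # constructed approved-sender list
TRUSTED_AUTHSERV = "mx.recipient.example"  # hypothetical name of our own receiving server

def authenticated_domains(msg):
    """Domains that passed SPF or DKIM according to our own server's results header."""
    passed = set()
    for value in msg.get_all("Authentication-Results", []):
        authserv, _, results = value.partition(";")
        if authserv.strip().lower() != TRUSTED_AUTHSERV:
            continue  # not stamped by our server, so the sender could have written it
        for result in results.split(";"):
            result = " ".join(result.split())
            method = re.match(r"(spf|dkim)=pass\b", result, re.I)
            if not method:
                continue
            prop = "smtp.mailfrom" if method.group(1).lower() == "spf" else "header.d"
            found = re.search(re.escape(prop) + r"=(\S+)", result, re.I)
            if found:
                passed.add(found.group(1).rsplit("@", 1)[-1].lower())
    return passed

def verdict(raw_message):
    msg = email.message_from_string(raw_message)
    from_domain = parseaddr(msg.get("From", ""))[1].rsplit("@", 1)[-1].lower()
    if from_domain not in APPROVED:
        return "challenge"  # unknown sender: human test or fee, per the post
    if from_domain in authenticated_domains(msg):
        return "deliver"
    return "block"  # claims an approved domain that neither SPF nor DKIM vouches for

def sample(from_addr, auth_results):
    # Constructed message, not real mail.
    return (f"Authentication-Results: {auth_results}\n"
            f"From: {from_addr}\nSubject: Holiday coupon\n\nbody\n")

GENUINE = sample("Amazon <deals@amazon.example>",
    "mx.recipient.example; spf=pass smtp.mailfrom=bounce@amazon.example; dkim=pass header.d=amazon.example")
SPOOFED = sample("Amazon <deals@amazon.example>",
    "mx.recipient.example; spf=pass smtp.mailfrom=x@coupon-mailer.example; dkim=none")
FORGED_HEADER = sample("Amazon <deals@amazon.example>",
    "mail.coupon-mailer.example; dkim=pass header.d=amazon.example")
STRANGER = sample("promo@coupon-mailer.example",
    "mx.recipient.example; spf=pass smtp.mailfrom=x@coupon-mailer.example")

if __name__ == "__main__":
    for name in ("GENUINE", "SPOOFED", "FORGED_HEADER", "STRANGER"):
        print(name, verdict(globals()[name]))
```

The `SPOOFED` case shows why an SPF pass alone is not enough: the pass is for the envelope domain, which here differs from the domain shown in the From line.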

Learn more about phishing

We suggest that everyone educate themselves against phishing. Here are some great places to learn more about phishing: