ID is key in phishing battle

How do we defend against growing fraud on the internet? Many organizations post phishing and education alerts on their websites, but more robust approaches are necessary to mitigate the risk.

Sender authentication tools are available for email users that screen incoming email against authorized sender lists (whitelists), making sure that the sender is who they claim to be.

Some of these tools also provide disposable email addresses that may have whitelists associated with each address. This lets the user stop spam if the disposable email address is compromised.

There have been two main competing forces lobbying for an industry standard for reducing spam and better domain authentication. They are Microsoft's Sender ID Framework and SPF, and Yahoo! and Cisco's DomainKeys Identified Mail (DKIM).

The Sender ID Framework validates the domain, where the receiver queries the outbound email server of the chosen domain and performs a domain spoofing test. It does not determine whether the domain is "good" or "bad," so if a spammer properly registers with DNS they will be considered a valid domain.

DKIM uses cryptography-based authentication, adding a public key to the DNS record. It validates the message, not just the path, and is extensible from a domain approach to a per-user signing approach.

Implementation of either approach requires thoughtful planning and changes to the DNS record. SPF standards are available now and DKIM will be available in 2006.

But don't lower your guard too early. The one thing you can be sure of is that the cybercriminals will continue to find new ways to perpetrate fraud.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.