Application security, Threat Management, Malware, Phishing

Online auction site goes to war on spam

Google and eBay have joined forces to protect users from spam and malicious emails by leveraging an authentication technology called DomainKeys.

The development will mean fewer fake emails claiming to be sent by eBay and subsidiary PayPal, according to Google.

The two companies are, far and away, the most phished brands, accordingto a study released last fall by PhishTank, a clearinghouse forphishing sites. And according to the spring 2008 "Brandjacking Index" from MarkMonitor, phishing attacks against auction brands made up 60 percent of all phishing attacks in this year's first quarter.

“We're always looking for ways to eliminate unwanted email from our users' inboxes," Brad Taylor, senior staff software engineer in charge of Gmail's anti-spam efforts said in a statement this week. "Phishing is an especially nasty form of spam, so we appreciate having another weapon in our arsenal against it. We're glad to be working with eBay and PayPal to protect our users.”

DomainKeys technology adds another layer to spam and phishing protection by enabling internet service providers to see whether messages are real and that they should be delivered to a customer's inbox.

It cryptographically verifies the domain of email senders -- that is, it allows e-mail providers to validate an email's originating domain, making use of blacklists and whitelists more effective.

“The Gmail team's decision to work with eBay and PayPal on this issue is a significant step forward in our fight to keep consumers safe from phishing and cybercrime,” said Michael Barrett, chief information security officer of PayPal, in a statement.

Yahoo signed a similar agreement nine months ago.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.