If you're new to Cheap Hosting Directory, you may want to subscribe to our RSS feed. Thanks for visiting!

Tacoma, Washington - (Cheap Web Hosting Directory) - April 18, 2006 - According to new research conducted by anti-phishing services provider, Internet Identity, revealed that 88 percent of all phishing attacks forge the target company’s domain name in the ”from” address.

The study also indicates that almost all of the remaining messages used related domains, like pay-pal.org instead of paypal.com, in bait e-mails designed to lure victims to phishing web sites.

The study looked at phishing e-mails from over 1,000 different attacks launched against more than 60 targeted brands from February 1 to April 10, 2006.

Internet Identity performed the study in its ongoing efforts to better protect its banking and e-commerce clients and to help add to the general anti-phishing community knowledge base.

The results were somewhat surprising since existing, inexpensive e-mail authentication technologies can easily detect such spoofing, and since using the targeted company’s domain name to send phishing lure e-mail will quickly alert an attentive company to the attack.

Rod Rasmussen, Director of Operations at Internet Identity commented, ”There are three immediate and useful take-aways from these results. First, widespread adoption of e-mail authentication by ISPs and companies could virtually stop phishing e-mail as it currently is practiced. Second, phishing targets today can learn about almost all new attacks immediately just by watching the messages that are bounced back to their own mail servers. Third, phishing targets need to control the core domains around their main domain name to prevent their use in phishing.”

Microsoft Corp. has proven these three points by reducing phishing attacks against its brands by more than 80 percent during the past year. Craig Spiezle, Director of Microsoft’s Technology Care and Safety Group explained, ”By implementing Sender ID in MSN Hotmail, we now have a mechanism to verify our brand identity to help customers know when e-mail from MSN is actually coming from MSN, and it’s had a significant impact on our efforts to keep phishing scams out of customers’ inboxes. In addition, we are working to aggressively detect and shut down new phishing sites that spoof our brands and are working with leading organizations like Internet Identity on our domain defense programs to help further protect our brands from online threats.”

The release of the study results coincides with the Anti-Phishing Working Group Spring General Meeting today, and the E-Mail Authentication Summit 2006 on April 19. Both events take place at the Hilton Hotel in downtown Chicago, Illinois.

As an active participant in both industry groups, Internet Identity will also be showcasing at both events its RealPhish real-time feed of URLs of 100 percent verified phishing web sites.

Mr. Rasmussen concluded, ”Today, Internet Identity’s RealPhish data enables ISPs, anti-spam vendors and web browser toolbar makers to immediately obstruct delivery of phishing e-mails and block access to phishing web sites with complete confidence. We look forward to in-depth discussions with the other attendees at both conferences on how best to rid the world of phishing and other email threats.”

To learn more about the Email Authentication Summit 2006, please visit: www.emailauthentication.org/summit2006.

For more information about the Anti-Phishing Working Group meeting, please visit: www.antiphishing.org/events/2006_springGeneralMeeting.html.

Related posts brought to you by Yet Another Related Posts Plugin.