Return Path Launches Domain Assurance, An Anti-Phishing Service
New Return Path Data Reveals Many Reputable Email Senders Continue to Struggle With Email Authentication, Leaving Their Brand Vulnerable
New York, NY – February 22, 2011 Today Return Path, the world’s leading email certification and reputation management services company, announced the full commercial launch of its anti-phishing service, Domain Assurance. Return Path is also announcing that Google has joined Yahoo!, Tucows, and Cloudmark in supporting Domain Assurance as an innovative way to reduce phishing and spoofing on the front line of the attacks.
According to RSA, more than 260 million malicious emails are sent to consumers every day pretending to be from a trusted company in an attempt to lure them into downloading malware or inputting private account information into fraudulent websites. These attacks make the email channel less secure, decreasing consumer trust in all commercial email.
There are also direct costs incurred, particularly by financial services companies who often bear the cost when fraud is perpetuated against their customers. Gartner estimates that the direct costs of repairing the damage from phishing and spoofing are $3.6 billion annually.
“Phishing and spoofing attacks destroy consumers trust in email and are no longer limited to a particular industry. We’ve detected phishing attacks against e-commerce, travel and social networking, in addition to the expected targets in financial services. Basically, any brand that is a household name, has become a target for phishing,” said George Bilbrey, President, at Return Path. “Currently companies can only react to a phishing attack, Domain Assurance changes the game by blocking phishing emails before they get delivered to the customer mailbox.”
“Google’s Gmail service has supported several email authentication standards since it began in 2004, and we’ve developed anti-phishing features that help protect millions of users every day,” said Google Product Manager, Adam Dawes. “Return Paths’ commitment to helping organizations authenticate their outgoing mail more easily is a positive step toward further reducing phishing and other fraudulent email.”
How Domain Assurance Works: Blocking Malicious Email
Domain Assurance helps protect companies from being spoofed and phished by blocking fraudulent emails before they reach the consumer’s inbox.
With Domain Assurance, email senders first have their domains audited to be sure they are properly authenticated. Email authentication methods like SPF and DKIM are industry-accepted standards that confirm the identity of the sender of the email. In the Domain Assurance Dashboard, email senders can review authentication results from Return Path’s mailbox provider partners and the proprietary ISP-based Return Path Reputation Network. Senders can readily detect any malicious activity and initiate a proactive course of action to mitigate any damage.
Additionally, senders can validate email authentication results across all the email sent under their domains, including transactional, marketing, and corporate.
Once the sender has ensured that all their email is being authenticated, they can add their domains and sub-domains to the Domain Assurance Registry list for ISPs to automatically reject all mail coming from these registered domains that fail authentication. Email senders using Domain Assurance have access to rich data reports about their email, get alerted when fraudulent emails using their domains are observed, and are provided with email intelligence on attackers and phishing URLs so they can initiate the take down of fraudulent websites.
Email Senders Continue To Struggle With Authentication Leaving Their Brands Wide Open to Phishing Attacks According to New Return Path Data
Despite the importance of authentication to protect their outbound emails, even email senders with generally good reputation metrics struggle with implementing the protocols leaving their brands open to spoofing and phishing attacks. Return Path research found that little more than half of IPs with Sender Scores over 80 passed DKIM. Even fewer about 34% — of IPs in that range passed SPF. IPs with high Sender Scores have low complaint rates, low unknown user rates, stable sending volumes and rarely hit spam traps. By all measures they represent the best email senders.
About Return Path
Return Path makes email work better. We certify email senders from around the world. Our trusted sender registry protects brands and retains trust in the email channel. We help marketers, publishers and other large-volume email senders increase their response rates by providing the world’s leading inbox deliverability solution. Return Path helps mailbox providers and email administrators at ISPs and enterprises block unwelcome and malicious email by providing near real-time IP reputation scores and other data-driven tools. Taken as a whole, these tools and services improve the consumer experience of email by protecting them from spam, phishing and other abuse. Return Path offers free access to Sender Score, the email reputation measure compiled through our cooperative data network of ISPs and other email receivers, at our reputation portal senderscore.org. Information about Return Path can be found at returnpath.com.