Rooting out fraudulent e-mail by way of authentication

Share this content:

Despite marketers' best intentions to weed out e-mail spam, they are sometimes the victim of phishing or spoofing campaigns whereby a spammer uses their information to send fake e-mails to consumers, sullying their name and customer goodwill. The task of rooting out such spam often falls to the service providers, such as Google and Yahoo, but these services are far from fool-proof.

On Monday, Return Path rolled out a service designed to give marketers more control over this process. “Domain Assurance” is an e-mail authentication service designed to prevent phishing or spoofing e-mail from reaching the inbox. The service conducts a companywide e-mail domain audit to ensure each sender within the company – whether mailing transactional, marketing or corporate e-mail – is authenticated. These “authenticated” domain names then go into a registry that the Internet service providers (ISPs) and other e-mail inbox providers can access to determine whether the e-mail headed to your inbox is coming from the company it says it is. If anything looks remiss, i.e., the domain name is incorrect, the service provider can block the e-mail from the intended victim's inbox.

The service, which Return Path first debuted in beta last June, also provides clients with alerts about fraudulent e-mails and other e-mail intelligence on phishing and other scams related to their domain.

“We're using it to instill trust in our card holders, and if people trust our messages they're more likely to take an action,” said Nathan Fehler, e-mail marketing manger at prepaid debit card issuer NetSpend, a Domain Assurance user. “It alerts you to internal set up challenges or issues, as well as external threats.”

Financial services companies can be particularly prone to such e-mail phishing scams, noted Sam Masiello, Return Path's general manager and chief security officer who joined the company this month from McAfee. However, interest in Domain Assurance has come from a swath of industries, he said, including daily deal sites, large gaming companies and large hotel companies.

“Phishing and spoofing is a huge problem,” he said. “It can cause huge damage to a brand's reputation.”

Return Path also said Google is working with the program, in addition to Yahoo, Tucows and Cloudmark.

Fehler pointed out that the task of blocking fraudulent e-mail typically sits with the ISP, but NetSpend has additional protections in place through Domain Assurance.

“The ISPs are supposed to be doing this on their own,” he said. “They should be doing this, but a lot of it is falling through.”

Anne Mitchell, CEO and president of the Institute for Social Internet Public Policy (ISIPP), which offers e-mail accreditation services through its SuretyMail, suggested NetSpend might be in the minority when it comes to taking its e-mail marketing to this level of assurance.

“The people who care about the actual authentication of sending systems, it's not the marketers that care about that, it's the receivers,” she said. “That's because they're the ones being deluged with this incoming e-mail and they need a way to quickly differentiate, to triage, ‘Which ones should we pay attention to?'”

SuretyMail authenticates its customers' e-mail in a three-step process whereby the provider can look for the domain name and its corresponding IP address, as well as an IP address embedded in the e-mail's sending header. It works with “all the major ISPs,” according to Mitchell.

“So someone can spoof one of those things but not all three of those,” she added. “It's a system of checks and balances.”

Sign up to our newsletters

Company of the Week

We recently were named B2B Magazine's Direct Marketing Agency of the Year, and with good reason: We make real, measureable, positive change happen for our clients. A full-service agency founded in 1974, Bader Rutter expertly helps you get the right message to the right audience at the right time through the right channels. As we engage our clients' audiences along their journey, direct marketing (email, direct mail, phone, SMS) and behavioral marketing (SEM, retargeting, contextual) channels deliver information relevant to the needs of each stage. We are experts at implementing and leveraging marketing technologies such as CRM and marketing automation in order to synchronize sales and marketing communications. Our team of architects and activators plan, execute, measure and adjust in real time to ensure the strategy is working as needed and change things if it's not.

Find out more here »

Career Center

Check out hundreds of exciting professional opportunities available on DMN's Career Center.  
Explore careers in digital marketing, sales, eCommerce, marketing communications, IT, data strategies, and much more. And don't forget to update your resume so employers can contact you privately about job opportunities.

>>Click Here

Relive the 2017 Marketing Hall of Femme

Click the image above