Rooting out fraudulent e-mail by way of authentication

Share this content:

Despite marketers' best intentions to weed out e-mail spam, they are sometimes the victim of phishing or spoofing campaigns whereby a spammer uses their information to send fake e-mails to consumers, sullying their name and customer goodwill. The task of rooting out such spam often falls to the service providers, such as Google and Yahoo, but these services are far from fool-proof.

On Monday, Return Path rolled out a service designed to give marketers more control over this process. “Domain Assurance” is an e-mail authentication service designed to prevent phishing or spoofing e-mail from reaching the inbox. The service conducts a companywide e-mail domain audit to ensure each sender within the company – whether mailing transactional, marketing or corporate e-mail – is authenticated. These “authenticated” domain names then go into a registry that the Internet service providers (ISPs) and other e-mail inbox providers can access to determine whether the e-mail headed to your inbox is coming from the company it says it is. If anything looks remiss, i.e., the domain name is incorrect, the service provider can block the e-mail from the intended victim's inbox.

The service, which Return Path first debuted in beta last June, also provides clients with alerts about fraudulent e-mails and other e-mail intelligence on phishing and other scams related to their domain.

“We're using it to instill trust in our card holders, and if people trust our messages they're more likely to take an action,” said Nathan Fehler, e-mail marketing manger at prepaid debit card issuer NetSpend, a Domain Assurance user. “It alerts you to internal set up challenges or issues, as well as external threats.”

Financial services companies can be particularly prone to such e-mail phishing scams, noted Sam Masiello, Return Path's general manager and chief security officer who joined the company this month from McAfee. However, interest in Domain Assurance has come from a swath of industries, he said, including daily deal sites, large gaming companies and large hotel companies.

“Phishing and spoofing is a huge problem,” he said. “It can cause huge damage to a brand's reputation.”

Return Path also said Google is working with the program, in addition to Yahoo, Tucows and Cloudmark.

Fehler pointed out that the task of blocking fraudulent e-mail typically sits with the ISP, but NetSpend has additional protections in place through Domain Assurance.

“The ISPs are supposed to be doing this on their own,” he said. “They should be doing this, but a lot of it is falling through.”

Anne Mitchell, CEO and president of the Institute for Social Internet Public Policy (ISIPP), which offers e-mail accreditation services through its SuretyMail, suggested NetSpend might be in the minority when it comes to taking its e-mail marketing to this level of assurance.

“The people who care about the actual authentication of sending systems, it's not the marketers that care about that, it's the receivers,” she said. “That's because they're the ones being deluged with this incoming e-mail and they need a way to quickly differentiate, to triage, ‘Which ones should we pay attention to?'”

SuretyMail authenticates its customers' e-mail in a three-step process whereby the provider can look for the domain name and its corresponding IP address, as well as an IP address embedded in the e-mail's sending header. It works with “all the major ISPs,” according to Mitchell.

“So someone can spoof one of those things but not all three of those,” she added. “It's a system of checks and balances.”

Sign up to our newsletters

Company of the Week

Since 1985, Melissa has helped thousands of companies clean, correct and complete contact data to better target and communicate with their customers. We offer a full spectrum of data quality solutions, including global address, phone, email, and name validation, identify verification - available for batch or real-time processes, in the Cloud or on-premise. Our service bureau provides dedupe, email/phone append and geographic/demographic append services for better targeting and insight. For direct mailers, Melissa offers easy-to-use address management/postal software, list hygiene services and 100s of specialty mailing lists - all with competitive pricing and excellent customer service.

Find out more here »

Career Center

Check out hundreds of exciting professional opportunities available on DMN's Career Center.  
Explore careers in digital marketing, sales, eCommerce, marketing communications, IT, data strategies, and much more. And don't forget to update your resume so employers can contact you privately about job opportunities.

>>Click Here

Relive the 2017 Marketing Hall of Femme

Click the image above