The companies will use Yahoo's Domain Keys technology to block e-mail messages that claim to come from eBay or PayPal but really originate elsewhere.

Thomas Claburn, Editor at Large, Enterprise Mobility

October 4, 2007

2 Min Read

eBay, PayPal and Yahoo said on Thursday that they have begun collaborating to keep Yahoo Mail customers safe from phishing.

Phishers use forged e-mail messages that purport to come from brand name services like eBay or PayPal to dupe computer users into clicking on Web links that lead to phony Web sites. Unsuspecting consumers may then enter personal or account information and passwords under false pretenses. Phishers typically use this information for fraud or theft.

To prevent phishing messages from reaching users of Yahoo Mail, the companies are now using Yahoo's Domain Keys technology in the U.S. to block e-mail messages that claim to come from eBay or PayPal but really originate elsewhere. Yahoo expects to make the system available globally in the next few weeks.

Domain Keys was developed by Yahoo as a way to make sure that e-mail comes from where it says it comes from. In May, the Internet Engineering Task Force adopted the DomainKeys Identified Mail (DKIM), which incorporates Cisco's Identified Internet Mail system, specification as a Proposed Standard.

Dave Cullinane, chief information security officer at eBay, described the effort as a significant milestone in the effort to protect eBay and PayPal customers.

"[W]e hope today's news gets the attention of information security officers at some of the more obvious phishing targets so we can help protect even more consumers from the havoc these scams wreak," said Nick Dugan, blog editor for Yahoo's Yodel Anecdotal blog. "We're already actively working with many financial institutions, for example, and hope to continue the momentum."

In June, the Anti-Phishing Working Group, a consortium of organizations opposed to cyber crime, reported 31,709 unique phishing Web sites. About 95% of phishing attacks that month targeted financial services companies.

About the Author(s)

Thomas Claburn

Editor at Large, Enterprise Mobility

Thomas Claburn has been writing about business and technology since 1996, for publications such as New Architect, PC Computing, InformationWeek, Salon, Wired, and Ziff Davis Smart Business. Before that, he worked in film and television, having earned a not particularly useful master's degree in film production. He wrote the original treatment for 3DO's Killing Time, a short story that appeared in On Spec, and the screenplay for an independent film called The Hanged Man, which he would later direct. He's the author of a science fiction novel, Reflecting Fires, and a sadly neglected blog, Lot 49. His iPhone game, Blocfall, is available through the iTunes App Store. His wife is a talented jazz singer; he does not sing, which is for the best.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like

More Insights