Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Phishing

Return Path Helps Detect Spoofed Addresses Beyond Brands’ Control

Return Path, a provider of email intelligence and anti-phishing solutions, this week announced that its has expanded the features of its Anti-Phishing Solutions to enable brand owners to combat phishing attacks from all email domains, including those beyond their control.

Return Path, a provider of email intelligence and anti-phishing solutions, this week announced that its has expanded the features of its Anti-Phishing Solutions to enable brand owners to combat phishing attacks from all email domains, including those beyond their control.

The updated solution helps identify fraudulent email from similar domains designed to trick users by using close variants of brand names, and from domains entirely unrelated to the brands being targeted in phishing or spoofing attacks.

According to Return Path, of the types of phishing attacks that target consumers on a daily basis, most fall into this category – not appearing to come from targeted brands’ addresses.

“This new capability provides companies with visibility into the entire spectrum of phishing attacks against their brands,” the company explained. “It complements traditional authentication-based solutions such as DMARC, which offer visibility into fraudulent email appearing to originate from a company’s own sending domains.”

Return Path said that more than half of phishing attacks against its clients’ brands appear to come from domains beyond their control.

“Authentication-based solutions have shown great promise to help stop phishing attacks targeting brand owners’ top level domains, but attacks targeting external domains continue to grow, creating a significant threat to consumers, the foundation of online trust,” said Craig Spiezle, Executive Director and President of the Online Trust Alliance.

“Now brands can detect and mitigate attempts to use their names to deceive consumers through email regardless of where the messages appear to come from,” said Ken Takahashi, general manager of Anti-Phishing Solutions at Return Path. “Phishing is a security problem, but solving it isn’t a conventional security challenge, it’s a big data challenge.”

When Return Path detects an attack, the company said it immediately details the duration and size of the attack, and connects brand owners to takedown protocols that can help stop the abusive mail and create documentation to support proactive measures, including prosecution of abusive operators.

Return Path’s anti-phishing solution was developed in conjunction with brands in the financial services, social networking, and retail industries, the company said.

Written By

Click to comment

Expert Insights

Related Content

Nation-State

The North Korean APT tracked as TA444 is either moonlighting from its previous primary purpose, expanding its attack repertoire, or is being impersonated by...

Cyberwarfare

The UK’s NCSC has issued a security advisory to warn about spearphishing campaigns conducted by two unrelated Russian and Iranian hacker groups.

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Phishing

The Single Most Important Part of Dealing with a Phishing Attack is Preparing for the Attack Before it Actually Happens.

Phishing

The easiest way for a cyber-attacker to gain access to sensitive data is by compromising an end user’s identity and credentials. Things get even...

Application Security

Software maker Adobe on Tuesday released security patches for 29 documented vulnerabilities across multiple enterprise-facing products and warned that hackers could exploit these bugs...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...