Return Path Helps Detect Spoofed Addresses Beyond Brands’ Control

Return Path, a provider of email intelligence and anti-phishing solutions, this week announced that its has expanded the features of its Anti-Phishing Solutions to enable brand owners to combat phishing attacks from all email domains, including those beyond their control.

The updated solution helps identify fraudulent email from similar domains designed to trick users by using close variants of brand names, and from domains entirely unrelated to the brands being targeted in phishing or spoofing attacks.

According to Return Path, of the types of phishing attacks that target consumers on a daily basis, most fall into this category – not appearing to come from targeted brands’ addresses.

“This new capability provides companies with visibility into the entire spectrum of phishing attacks against their brands,” the company explained. “It complements traditional authentication-based solutions such as DMARC, which offer visibility into fraudulent email appearing to originate from a company’s own sending domains.”

Return Path said that more than half of phishing attacks against its clients’ brands appear to come from domains beyond their control.

“Authentication-based solutions have shown great promise to help stop phishing attacks targeting brand owners’ top level domains, but attacks targeting external domains continue to grow, creating a significant threat to consumers, the foundation of online trust,” said Craig Spiezle, Executive Director and President of the Online Trust Alliance.

“Now brands can detect and mitigate attempts to use their names to deceive consumers through email regardless of where the messages appear to come from,” said Ken Takahashi, general manager of Anti-Phishing Solutions at Return Path. “Phishing is a security problem, but solving it isn’t a conventional security challenge, it’s a big data challenge.”

When Return Path detects an attack, the company said it immediately details the duration and size of the attack, and connects brand owners to takedown protocols that can help stop the abusive mail and create documentation to support proactive measures, including prosecution of abusive operators.

Return Path’s anti-phishing solution was developed in conjunction with brands in the financial services, social networking, and retail industries, the company said.