MailFrontier Holds The Line Against Phishing

Looking to stem the tide of fraudulent e-mails MailFrontier, a vendor of security products for messaging applications, Monday launched the beta version of an application that could keep those evil e-mails from even showing up.

The company’s MailFrontier Matador 3.5 uses proprietary analytics software to automatically detect and categorize fraudulent e-mails for Outlook and Outlook Express users. It also alerts its customers when new types of fraud appear and has a tool within the application that lets users easily report any scam-mail (also known as Phishing) that gets through.

Phishing, the practice of scamsters setting up bogus Web sites that look like those of legit retailers in an attempt to trick unwary consumers into giving up their credit card numbers, is out of control.

According to VeriSign’s Internet Security Intelligence Briefing, released last week, the growth of online fraud is outpacing Internet use, with security events per managed device increased by nearly 99 percent between May and August of 2003. Data from the digital commerce and communication services provider ‘s fraud prevention systems showed that 6.2 percent of e-commerce transactions in the U.S. were potential fraud attempts.

Phishers typically spam out e-mails with spoofed addresses that seem to come from respected merchants. Online auctioneer eBay, it’s person-to-person payments subsidiary PayPal, electronic retailer Best Buy, and Microsoft are among the most common commercial victims. The e-mail subject headers warn the recipient of a problem with their account or, in the case of Microsoft, the need to install still another patch. In the e-mail is either a form to fill out with personal information, or a link to the crooks’ phony site.

MailFrontier executives say the choice to update its product line was simple considering such identity theft costs consumers an average of $1,400 per fraud as well as up to $16,000 in lost earnings, according to a September 2003 report by the non-profit Identity Theft Resource Center in San Diego, Calif.

“Our new detection algorithms will take [fraudulent] e-mails and drop them in a new fraud folder as opposed to the junk folder,” Gleb Budman, director of product management for the Palo Alto, Calif.-based company, told internetnews.com. First, the technology looks at what the company calls the “Seven Deadly Sins,” such things as hex- or binary-encoded parts of the URL or high-numbered ports on the URL.

Built on top of MailFrontier’s original spam filtering product, Matador, the application also considers whether links within the e-mail go to good sites. If all the links within a message point to bad sites, the message is probably spam, Budman said. “A strong indicator of fraud is if some links point to good sites, and some point to bad.” MailFrontier maintains its own database of junk sites, and also announced a strategic partnership with Cyveillance, a company that monitors Internet activity such as identity theft, counterfeit product distribution and brand abuse for corporate clients. MailFrontier and Cyveillance will exchange information about online fraud.

Todd Bransford, vice president of product marketing for Arlington, Va.-based Cyveillance, told internetnews.com that while MailFrontier’s core competency is keeping spam from getting inside the corporation’s firewall or into consumers’ e-mail boxes, Cyveillance has a complementary competency in monitoring the Internet itself.

“We provide MailFrontier with detailed information on all Web sites on the planet,” Bransford said. “They can use that to determine whether a piece of e-mail that purports to be from a specific domain is legitimate.”

He said Cyveillance information will help Matador be smarter. For example, Cyveillance could tell Matador that the domain from which a particular e-mail originated is a gambling site, which would be suspicious.

MailFrontier announced a public education campaign to alert Internet users about phishing and other online frauds. The company has joined the Coalition on Online Identity Theft, a recently launched industry consortium that includes Microsoft, eBay and RSA Security. It also will post information its Web site.

“There is educational information on the portal and a list of resources,” said MailFrontier CEO Pavni Diwanji. MailFrontier will operate the site as a community service and make it open to all.