Most people that regularly use an email account have encountered one or more phishing messages, so-called because these emails essentially are fishing for private information that account holders may be duped into providing. The typical phishing attack consists of an email that purports to be from a major bank. The email will have the correct fonts and imagery to match actual communications from the bank and may even have a return address that at first glance looks authentic. The email usually explains there is some problem with your account and asks for information that can help solve the problem: your account number, social security number, date of birth, or mother's maiden name, for example.
Individuals who disclose the information are unknowingly assisting a cyber criminal who may use it to drain your accounts or commit identity theft.
Sometimes, phishing is easy to detect, such as when you have never done business with the bank that supposedly has found a problem with your account. It has caused serious problems for many people however.
This week in San Francisco, IT support experts gathered to discuss DMARC, or the Domain-based Message Authentication, Reporting, and Conformance standard being developed to combat phishing. While some experts view it as a decisive step in the right direction, others caution that online fraud will continue to be a problem as long as end-users can be fooled. Excellent email filters are one tool that can be used right now to keep phishing emails from reaching employees. Such a system can be implemented through a managed programs approach for IT support.