Tuesday, July 8th, 2008
No Phishing Allowed
eBay, PayPal and Google have partnered together to ensure that Google’s Gmail (https://mail.google.com) service will automatically detect PayPal and eBay phishing e-mails and prevent them from reaching your Gmail inbox.
“We’re very excited that Google has taken this step and is working with us to help protect your online safety,” said Michael Barrett, the chief information security officer for PayPal, in his post to the PayPal blog. “From now on, if you have a Gmail e-mail address, you will see a dramatic reduction in the amount of e-mails which purport to come from PayPal and eBay, but which aren’t in fact from us.”
The full post by Michael Barrett includes links to additional anti-phishing information (including a white paper and video tutorial). Gmail also posted to their blog.
A similar implementation with Yahoo! Mail was announced on the PayPal blog back in October. I have used Yahoo! Mail (http://mail.yahoo.com) for all things eBay/PayPal in the past and I can’t remember the last time an eBay/PayPal spam made it through the filter and into my inbox (I wish I could say the same for pharmaceuticals and/or ladies that apparently really, REALLY want to get in touch with me). The fact that I’m not getting “phished” tells me that something is working and it’s encouraging to see GMail users getting the same kind of attention.
To find out more about how Gmail deals with phishing and spam, check out the following LINK.
eBay also provides insight into preventing spoof emails and websites in its Security & Resolution Center. PayPal does the same in its “Fight Phishing” pages.
Cheers,
RBH
Tagged: antispam, customerservice, ebay, ecommerce, gmail, google, PayPal, phishing, spam, yahoo, yahoomail
HenriettaOn July 8, 2008 at 8:03 am Said:
The simplest, safest and most secure way to put an end to PayPal phishing would be for PayPal to cease putting clickable links in emails. Any customer communication requiring input from customers should be on the secure site.
“You have a message from PayPal which requires response, please log in to your account to access it.”
TheBrewsNewsOn July 8, 2008 at 11:35 am Said:
Now if only PayPal would devote some resources to fixing their system so that sellers would consistently receive email notifications of buyers’ payments, I would be happy. This has been a known problem for months.
Patricia1On July 8, 2008 at 12:14 pm Said:
I’d be happy if they’d just recognize what is phishing and what isn’t. I received an 11.50 payment from Squidoo – apparently it was from Google ads on my Squidoo page (which I was not aware of). I sent it to Paypal and they wrote back that it was, indeed, a phishing email and they would work hard to nab these evil-doers. Well, thankfully I remembered to go back to Squidoo and look in my account – there it was – $11.50 waiting to go to my Paypal account the minute I give them the right email address for it! So much for Paypal doing its job!
Abhinav SinghOn July 9, 2008 at 7:39 am Said:
Nice post, well I recieved an email yesterday itself asking me to update my card information as it has been deactivated and finally realized its a phishing site.
Read more and see the screen shots of the same here:
http://abhinavsingh.com/blog/2008/07/fake-email-from-paypal-cloned-sites/
Andy GeldmanOn July 9, 2008 at 7:43 am Said:
Phishing detection, like Spam detection, is an inexact discipline. There is always the risk of false positives (as reported by Patrica above) as well some malicious emails failing to get caught.
It’s been a long time since Bill Gates predicted the death of spam (he said in 2004 it would be eradicated by 2006!), but a proper technology-based solution is still nowhere in sight.
So come on technology companies, give us a modern email system!
We close the comments for posts after 30 days. If you would still like to comment on this post, please use our contact form.
5 Responses on this post. Click to add yours.