Microsoft, Google, and Yahoo! this week announced their support of a new email-security initiative called DMARC that they say will lessen the impact of so-called "phishing" attacks. The firms are joining various financial services companies to promote a set of technologies offered by the initiative that authenticates the origins of individual email messages.
Previous to DMARC, technology firms had created their own email-security solutions. Microsoft, for example, backs the Sender Policy Framework (SPF), which attempts to prevent email spoofing that sits at the heart of most phishing attacks. And Google and other firms implement a technology called DomainKeys Identified Mail (DKIM), which uses digital signatures to validate email senders. DMARC builds on these and other technologies to create a solution on which many companies can agree and partner.
And there are some heavy hitters backing this initiative. In addition to Microsoft, Google, and Yahoo!, other involved tech firms include AOL, Facebook, and LinkedIn, as well as email-security solution providers such as Agari, Cloudmark, eCert, Return Path, and Trusted Domain Project. In the financial sector, Bank of America, Fidelity Investments, and PayPal have all signed on as well.