Google, Microsoft and Facebook team up to take on phishing attacks

Google, Microsoft and Facebook are teaming up with banks and secruity vendors to develop a platform for blocking phishing attacks.

The Domain-based Authentication, Reporting and Conformance group (DMARC) will seek to develop a system which can authenticate the sender of an email message and weed out potential phishing messages.

The group's aim is to create a feedback system where both the sender and recipient can be authenticated and impersonation attempts can be automatically blocked.

The group said its aims to create a standards-based platform that will allow service providers to set policies on their messages which can block unauthenticated emails and provide reports on how security protections are operating.

Among the firms who are currently participating in the development process are AOL, Google, PayPal, Yahoo and Facebook. Financial firms such as Bank of America and Fidelity are also working within the group.

"Email phishing defrauds millions of people and companies every year, resulting in a loss of consumer confidence in email and the internet as a whole," said Brett McDowell, PayPal senior manager of customer security intiatives and chair of the DMARC.org project.

"Industry cooperation, combined with technology and consumer education, is crucial to fight phishing."

Phishing attacks have become increasingly sophisticated in recent years. Criminals have been developing techniques to create more personalised and believable phishing messages and pages.

Additionally, phishing has spread to social networking platforms, where the trust users place in their contacts can be exploited to increase the effectiveness of an attack.