PayPal tells users to download anti-phishing software

PayPal is asking UK customers to download software from Iconix to help identify genuine e-mails sent by the eBay unit and weed out phishing messages.

  0 4 comments

PayPal tells users to download anti-phishing software

Editorial

This content has been selected, created and edited by the Finextra editorial team based upon its relevance and interest to our community.

PayPal, which has long been a favourite target for phishers, says Iconix eMail ID can help protect customers by visually identifying genuine messages. After a customer installs the software, they'll see an icon (a gold lock with a tick) next to a PayPal logo whenever they receive authentic e-mails from the firm.

The free program works with most of the major e-mail services like Gmail, MSN Hotmail, Windows Live Hotmail, Yahoo Mail, Outlook and Outlook Express.

Garreth Griffith, head, risk and security, PayPal UK, says: "Staying safe online needn't be a headache. By taking a few simple steps you can outsmart the fraudsters and protect your money and your identity.

According to recent research carried out for PayPal by Opinium, 58% of Brits have responded or clicked on a phishing e-mail link while only 58% make sure they look for the padlock icon when carrying out financial transactions.

The potential difficulty involved in identifying genuine PayPal e-mails was highlighted recently when Randy Abrams, director of technical education at online security vendor ESET, received a genuine message from the firm, containing a link.

He forwarded the message to the firm suggesting it stop this practice because links make e-mails look like phishing attempts. PayPal responded, thanking him for forwarding the "suspicious-looking" message, claiming "it was a phishing attempt".

Sponsored [Webinar] Trusted Transactions: The Future of Risk-Based Authentication

Related Company

Keywords

Comments: (4)

Anthony Cossey

Anthony Cossey Project Manager at Fixnetix ltd

this functionality is supported under google mail anyway, go to 'settings' then 'labs' then enable the appropriate option called "Authentication icon for verified senders".  its experimental but works well, its limited to paypal and ebay emails presently

John Dring

John Dring Digital Services and mCommerce at Intel Network Services

Sorry, if you mean Google Chrome, I don't see it?

Anyway - what is to stop Phishers from just emulating the padlock and tick logo in their plain emails?  Even if it is a secured part of the email window, the padlock will just be placed elsewhere and most punters will simply not know whether its secured or not.

A Finextra member 

The gold key displays in the header of messages in Gmail and is visible in both your message list and the opened e-mail.

Rolling your mouse over the key in either view (msg list or opened email) a pop-up confirms that the e-mail has been verified as coming from the sender. Not so easy for scammers to fake...... but anything given time..........

Bob

Michael Wright

Michael Wright ex-CEO, NED at Tilte, Taxd, Welleasy

Striata has been supporting Iconix for visual email authentication for a while now. However it's the classic challenge of consumer technology adoption. Our new customers always ask - "who else is using it".

It needed a big brand to get behind it to make consumers aware of the solution.

I hope with Paypal (the most phished brand in Feb 2010 according Avira) can start to really encourage the use of this type of visual technology.

 

New Event Report – Natural Capital FinanceFinextra PromotedNew Event Report – Natural Capital Finance