Tuesday, July 08, 2008

Bye Bye Phishing

GMail has worked together with Paypal and EBay to make sure that email sent from those two web sites to GMail accounts are valid messages and not an attempt of phising. Here's some point from the GMail blog:
Now any email that claims to come from "paypal.com" or "ebay.com" (and their international versions) is authenticated by Gmail and -- here comes the important part -- rejected if it fails to verify as actually coming from PayPal or eBay. That's right: you won't even see the phishing message in your spam folder. Gmail just won't accept it at all. Conversely, if you get an message in Gmail where the "From" says "@paypal.com" or "@ebay.com," then you'll know it actually came from PayPal or eBay. It's email the way it should be.
It's said that they used DomainKeys and DKIM to verify each messages, so the reliability of this methods is based on those two. I just hoped they don't break too easy in the future resulting a false alarm big grin