The award for the longest title ever could go to this one. But it's good news actually. Both Email services are "supporting email authentication standards including DomainKeys and DomainKeys Identified Mail (DKIM) to verify senders and help identify forged messages" for a few years now but could not eliminate all phishing emails because of companies signing their mails only partly.
The filter was therefor not perfect which still meant that users were seeing phishing emails in their inbox and spam folders.
PayPal and eBay finally made the decision to sign all emails originating from their servers including the international versions which means that it is possible to eliminate PayPal and eBay phishing emails before they even reach the inbox or spam folder. The system was tested for a few weeks silently and only a few users did notice according to the official Gmail blog.
Now any email that claims to come from "paypal.com" or "ebay.com" (and their international versions) is authenticated by Gmail and -- here comes the important part -- rejected if it fails to verify as actually coming from PayPal or eBay. That's right: you won't even see the phishing message in your spam folder. Gmail just won't accept it at all. Conversely, if you get an message in Gmail where the "From" says "@paypal.com" or "@ebay.com," then you'll know it actually came from PayPal or eBay. It's email the way it should be.
Sounds like a dream come true and could pose an end to phishing if more companies, and mail providers, would jump on the bandwagon of signed emails. Companies that come to my mind first are financial companies and other online stores. I still would not blindly trust any email from PayPal or eBay that would arrive in my inbox but it definitely is a step in the right direction. The best way to handle it is to visit the websites manually and perform the eBay or PayPal login there.Advertisement
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.