| |
| |
| Reduces E-mail Hoaxes |
| |
RPost's Digital Seal™ is the sender's
e-mail signature that protects from hoaxes and misrepresentations
of what he or she originally sent. The
Digital Seal™ feature provides
the receiver, or any future recipient, with the
ability to ensure integrity, verify e-mail origin,
or obtain third-party certification of authorship.
What makes this service particularly unique, versus
PKI digitally signed e-mail, is
that the Digital Seal™ is durable, works on
all e-mail systems, and can be signed by the author.
Specifically, any future or "forwarded"
recipient (second, third+) can (1) verify origin,
(2) regenerate original e-mail, and (3) verify author's
signature and original content. The Digital Seal™
works for all e-mail systems (web, PINE, Terminal,
etc.).
What is Phishing
and Spoofing?
“Phishing”
is the term coined by hackers who imitate or steal
legitimate companies’ e-mails to their customers,
for the purpose of enticing people to share their
passwords or personal financial information. Over
the years, Internet scammers have moved from small
lures to “fish” for passwords and financial
data, into a more sinister criminal enterprise.
The more sophisticated lure in use today is for
the scammer to copy the website code from a major
site, such as AOL, and use the code to set up a
replica page that appears to be part of a company’s
official site – a ploy that is also called
“spoofing.” A fake
e-mail is then sent out with a link to this copied
website, which solicits the customer’s credit
card data or password. When the customer responds
with the requested information, the data is then
sent to the scammer, while leaving the customer
on the company’s website without suspecting
that he or she has fallen victim to identity theft
or credit card fraud and is likely to suffer financial
loss.
Internet Threat
The FBI has recently called phishing “…the
hottest and most troubling, new scam on the Internet.”
Phishing attacks are targeted at users of online
banking, payment services and online e-commerce
sites. Since August 2003, it has been reported that
phishing attacks have grown quickly in number and
sophistication and that most major banks in the
United States, the United Kingdom and Australia
have fallen victim. It is estimated that as many
as 5% of the phishing targets fall prey and respond
to the fraudulent websites and spoofed e-mails of
the trusted brands of well-known banks, online retailers
and credit card companies. In one two-month period,
the Citibank website alone reported forty different
phishing hoax e-mails sent around the Internet to
millions of people.
How
to Protect Your Customers
Protect against phishing and spoofing using the
RPost Digital Seal™ feature:
Digitally Sealed messages protects
against an e-mail hoax. It provides the receiver,
or any future recipient, the ability to ensure the
integrity and to verify e-mail origin. It protects
the sender against misrepresentation or hoaxes in
the form of phishing and spoofing attacks. Further,
the Digital Seal™ feature provides third-party
certification of authorship and original content
of the Registered E-mail® message. What makes this service
particularly unique, versus PKI digitally signed
e-mail, is that the Digital Seal is durable, it
works for any e-mail systems that the recipient
may have, and it allows the sender to sign the e-mail
in a manner that any recipient can verify.
Specifically,
(1) Any future recipient (second, third+) can verify
origin, integrity.
(2) Any recipient can regenerate the original e-mail,
for validation.
(3) Any recipient can verify the author’s
signature and original content.
(4) It works for all e-mail systems (web mail, PINE,
Terminal, AOL, etc.). |
| |
 |
| |
| The sender organization could begin to educate
its customers by posting on its website the following
message: |
| |
| “To protect
you against e-mail hoaxes, you will be able
to verify the origin and content of e-mails
sent from us as all of our e-mails sent to
our customers will be “Digitally Sealed™.” |
| |
|
| “Our Digitally
Sealed™ e-mails are being used for your
protection and those safeguards are explained
here, as well as at the beginning of any e-mail
that a customer might receive from us. Should
you question the authenticity of one of our
e-mails to you, before you click to a referenced
website, or reply with any personal or account
information, you may verify the content and
the origin of the e-mail message, by following
these simple steps: |
| |
|
| 1. |
Please forward the e-mail in question to
the verification address: verify@rpost.net
[Note: this is the only verification address
we will ever use and is the only verification
address that you are to use.] |
| |
|
| 2. |
If the e-mail you submitted for verification
is a valid e-mail, meaning that it came from
us and has not been altered by a third party,
the original e-mail and all attachments will
be re-generated and delivered to your in-box
as a “Registered E-mail Authentication
Receipt™.” Should you question
the authenticity of the verification receipt
for any reason, likewise you may forward the
receipt to be authenticated at the same verification
address, verify@rpost.net. |
| |
|
| 3. |
If the verification system determines that
either the e-mail content was altered or that
someone has misrepresented our name as “sender,”
the original e-mail will not be re-generated
and instead, you will receive a reply that
the e-mail is not authentic. If, however,
you do not receive an authentication receipt,
please assume that the e-mail you received
“from us” is not authentic as
it could not be validated and we ask that
for your protection you immediately delete
the e-mail.” |
|
| |
| For more information on how to use this feature,
click here to
go to the Digital Seal™ section. |
|
