Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

6/15/2010
07:48 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Truedomain Launches Service To Stop Email Phishing Attacks

Truedomain Antiphishing Network enables visual identification of authenticated email from legitimate and trustworthy senders

Menlo Park, Calif., June 8, 2010 – Truedomain' (www.truedomain.net), a trusted provider of authentication and antiphishing solutions for email, today announces the launch of the Truedomain Antiphishing Network, the first solution that connects domain owners and email receivers through a cloud-based authentication technology architecture and powerful analytics framework to block email-borne phishing attacks from reaching their intended targets and prevent the financial and identity theft commonly inflicted by these attacks.

Through a successful beta deployment with FastMail [http://fastmail.fm], a recognized provider of high quality and ultra-fast email services, Truedomain validated its technology, and subsequent to commercial launch, is now working with major email providers and online brands to protect approximately 300 million consumer email accounts from phishing attacks.

Truedomain officially debuts the service today at Launch: Silicon Valley 2010, co-presented by Silicon Valley Association of Startup Entrepreneurs (www.svase.org), Garage Technology Ventures and Microsoft, a platform for the next generation of emerging technology companies to launch their products to the world. Selected from more than 400 companies vying for a spot onstage, Truedomain was recognized as one of the most interesting startups by the event’s prestigious board of venture advisors.

In conjunction with its launch, the company has also closed a Seed funding round, bringing the total amount of funding raised to date to more than $1.2 million.

The Truedomain Antiphishing NetworkTM

The Truedomain Antiphishing Network combines a multi-tiered, standards-based authentication framework with a comprehensive feedback loop and analytics layer to provide the highest level of phishing protection for email. In addition to stopping fraudulent emails, Truedomain enables visual identification of authenticated email from legitimate and trustworthy senders. By connecting legitimate domain owners with email receivers, Truedomain provides a clearinghouse for the consistent application of email authentication and enforcement of handling rules, along with a unified view into authentication performance and delivery results throughout its network of email receivers.

“As VeriSignTM has done for the browser, we bring trust back to email by offering both the authentication technology to stop email-based phishing before any damage is done, as well as visually identify all authenticated email originated from legitimate, trustworthy senders,” said Robert Pickup, Founder & CEO, Truedomain. “Unlike reactive solutions available today, Truedomain takes the ‘prevention is the best cure’ approach by proactively blocking the attack before it reaches its target.”

FastMail partnered with Truedomain in beta, helping to validate and refine the architecture and integration approach with mail providers.

“We’ve built our business on providing the fastest, most reliable and most secure email services to our customers,” said Rob Mueller, CTO, FastMail. “We chose Truedomain because they help us keep our customers safe from phishing attacks, and in doing so, allow us deliver the security and quality of service our customers expect.”

Open Standards + Proprietary Innovation = Maximum Effectiveness

The Truedomain Antiphishing Network is built on a foundation of authentication standards including DKIM, Domainkeys and SPF. To complement and reinforce those standards, Truedomain developed proprietary authentication technologies that maximize the effectiveness and reliability of its antiphishing solution, while shoring up inherent weaknesses of the existing standards that cause “false positives” or legitimate email to be blocked.

The key benefits delivered by the Truedomain Antiphishing Network include:

Real, measurable ROI. By blocking malicious emails before they are delivered, Truedomain prevents potential victims from ever being exposed to the attack. As a result, Truedomain eliminates the identity and financial theft, data loss, customer support costs and operational overhead that inevitably follow in the aftermath of phishing attacks.

Strengthens brand integrity and customer trust. By protecting our customers’ brands from being used as phishing bait, Truedomain preserves customer loyalty and boosts retention and acquisition. Truedomain’s email trust certification process ensures that every email authenticated from its customers’ domains originated from the legitimate owner of that domain – something the current self-administered standards cannot deliver on their own.

Clear visibility into the end-to-end email delivery chain. Truedomain provides critical visibility into authentication performance and message level metadata from emails that fail authentication. What has historically been an anonymous ‘black-box’ ecosystem is now a rich source of data that domain owners can use to optimize their outbound security and authentication processes, track authentication and delivery performance, and pursue enforcement efforts against criminals that commit financial and identity theft against their businesses and their customers.

Phishing – A Clear and Present Risk

Phishing, or posing as a trustworthy entity to steal money or identities, is one of the most common forms of identity theft and costs consumers and businesses over $3B per year according to Gartner. A study by VeriSign found that 88% of consumers cannot distinguish between a legitimate website and its phishing clone. No longer confined to only the biggest banks or online retailers, the volume and reach of phishing attacks continues to rapidly accelerate, hitting an all-time high in January 2010 with a 21% increase in that month alone (RSA).

New tricks and cheap tools allow phishers to develop more sophisticated schemes, such as highly targeted – or “spearphishing” – attacks aimed at smaller “soft-targets,” including enterprises and their employees, social networks, colleges and universities, government agencies and professional associations. The increase in both breadth and uniqueness of phishing attacks underscores the need for proactive solutions that provide protection based on open and widely adopted security standards.

About Truedomain

Founded in 2009, Truedomain delivers the most effective and reliable solutions to stop email phishing attacks. Built upon a standards-based authentication framework, the Truedomain Antiphishing Network™ combines multi-tiered email authentication and consistent policy application with direct visibility into authentication results and performance across our network of email receivers. We have partnered with the largest email providers in the world and are protecting some of the most recognizable online brands to eradicate phishing and bring trust back to email. For more information, please visit www.truedomain.net.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
US Capitol Attack a Wake-up Call for the Integration of Physical & IT Security
Seth Rosenblatt, Contributing Writer,  1/11/2021
More SolarWinds Attack Details Emerge
Kelly Jackson Higgins, Executive Editor at Dark Reading,  1/12/2021
Vulnerability Management Has a Data Problem
Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber,  1/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7343
PUBLISHED: 2021-01-18
Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files. The product would continue to function with out-of-date detection files.
CVE-2020-28476
PUBLISHED: 2021-01-18
All versions of package tornado are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configura...
CVE-2020-28473
PUBLISHED: 2021-01-18
The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with defa...
CVE-2021-25173
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service (crash, exit, or restart).
CVE-2021-25174
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow attackers to cause a crash, potentially enabling denial of service (Crash, Exit, or Restart).