Galexia
             home
       about us
        services
        projects
       research
          contact
» home » research » assets » eft review  

Subscribe to Galexia news and announcements.
More information »

Identity Management and Authentication - Technical Consulting: Galexia has specialist consultants in the architecture of distributed identity solutions, including authentication, authorisation, accounting, auditing, single sign-on, federation, provisioning, synchronisation, public key infrastructure and emerging user-centric approaches. Find out more »

[2018 Global Cloud Computing Readiness Scorecard]

2018 Global Cloud Computing Readiness Scorecard
Find out more »

Submission - Joint submission to the 2007 Review of the Electronic Funds Transfer (EFT) Code of Conduct to ASIC (May 2007)

[« previous] [next »] [up] [title page] [full contents]

Cloudmark Network Feedback System

Since phishing emails that attempt to lure users to spoofed websites will often be sent out to multiple recipients, if one recipient recognises that the email is fraudulent in nature there have been suggestions that they should be able to effectively communicate that information to other Internet users.[57]

An example of a collaborative technology which gives effect to these suggestions is provided by the Cloudmark Network Feedback System (CNFS), which allows users from around the world to report when they have received what they perceive as a phishing email. Fingerprints for each of these emails is generated using specific algorithms. Once a certain number of users (the number may vary depending on the trust rating of the various users who have made a report to Cloudmark) have identified a specific fingerprint as belonging to a ‘phishing’ email, all messages with the same fingerprint are filtered in real-time from the inboxes of other users that are part of the network. The algorithms which generate email fingerprints are flexible enough to accommodate minor changes to the email that may be made by an attacker as part of an attempt to avoid the message being recognised as a phishing email.

[57] Fette I, Sadeh N and Cranor L, Web Security Requirements: A Phishing Perspective, W3C Workshop on Transparency and Usability of Web Authentication, March 2006, <http://www.w3.org/2005/Security/usability-ws/papers/13-cmu-requirements>, page 1.

[« previous] [next »] [up] [title page] [full contents]

[view all] [download PDF version]

[up to research]

 

Search for:

HERE

PrintVersionprint this page

Sitemapsitemap

Subcribe to RSS newsrss news feed

Manage email subscriptionsmanage email subscriptions

Latest News

September 2019
Register of Public Galexia PIAs. Read more »

September 2019
Updates to Galexia Website. Read more »

September 2019
PM&C / Office of the National Data Commissioner (ONDC) releases Discussion Paper and accepts recommendations from Galexia’s PIA on the proposed Data Sharing and Release legislative framework. Read more »

August 2019
Galexia providing privacy advice and an independent public Privacy Impact Assessment (PIA) on 2021 Census for ABS. Read more »

June 2019
Galexia completes privacy advice and an independent Privacy Impact Assessment (PIA) on the Naval Shipbuilding College Workforce Register. Read more »

view all news items »

[Home] [Sitemap] [Print this page] [Privacy statement]

© Galexia Pty Ltd
Telephone: +61 (02) 9660 1111
Email: [email protected]