Phishing Prevention
Reflexion Makes Phishing Attacks Immediately Self-Evident
According to the Anti-Phishing Working Group (www.antiphishing.org), “Phishing attacks use both social engineering and technical subterfuge to steal consumers' personal identity data and financial account credentials.” Phishing is a known problem across the email community. Reflexion combats Phishing exploits through the use of two anti-phishing engines, but goes beyond content analysis to allow users the capability to disclose a Protective Address-on-the-Fly.
The use of protective addresses can be particularly valuable to protect one's primary email address from attracting spam as a result of higher risk public disclosures. However, the practice provides a number of other advantages, such as enabling a user to detect if an address is shared with a third party, and to make future choices about restricting inbox access on that address. This capability also extends to detecting and blocking phishing exploits for identity theft and acquiring financial credentials.
Utilizing Reflexion's protective address model, an individual user can disclose an Address-on-the-Fly to a particular Web site, and this will ensure that all mail on that address arrives at the destination mailbox without examination by a traditional content filter. For example, if Julie Smith has an online account with eBay, Julie can disclose jsmith.ebay@domain.com, and once the first message arrives from that disclosure, the sender confirmation@ebay.com will own that address. Now anyone communicating with Julie from ebay.com must use jsmith.ebay@domain.com, otherwise, it will be viewed as a phishing exploit.
In order for a phishing attack to now arrive, the sender must not only send it from the correct address, but also to the correct address, and since there are an infinite number of “to-from” pairs, that will be virtually impossible.
In this case, Reflexion Total Control will extend beyond phishing and allow Julie to track who confirmation@ebay.com shares your address with, and furthermore, limit her acceptance of mail to those legitimate correspondents who used the address before the flow of spam began, or disable the address altogether. All the while, Julie’s primary email address is protected from this new source of spam.