Twitter announced via its blog today that it has begun using a new method called Domain-based Message Authentication, Reporting and Conformance (DMARC) to help prevent email phishing.
DMARC is actually a standard for preventing email spoofing, in order to make it harder for attackers to send phishing emails that appear to come from_ twitter.com_ addresses. Sometimes it’s not easy to figure out if an email is legitimate or not. It implementing the SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) email message validation and authentication systems.
Twitter says it started using the DMARC earlier this month. While the DMARC specification does need support from e-mail services, outfits including AOL, Gmail, Hotmail or Outlook and Yahoo already make use of it. It has also been implemented by services like Facebook, PayPal, Amazon and now Twitter.
If you don’t use Gmail or one of the other email providers listed above, you may not be protected. It might be a good time to migrate your email service to one of these for better security or ask your email provider to add DMARC support too.
For instance, if you see an email from support.twitter.com asking you to type in your account info, you should know to delete the email and report it, as Twitter will never ask you for such information.
Written by : Priyanshu Sahay from (__HackersOnlineClub)