homepage Welcome to WebmasterWorld Guest from 54.205.254.108
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / Social Media / Twitter
Forum Library, Charter, Moderators: not2easy & rumbas

Twitter Forum

    
Twitter Uses DMARC to Act Against Email Phishing For User Passwords
engine




msg:4547697
 12:17 am on Feb 22, 2013 (gmt 0)

Earlier this month, we began using a new technology called DMARC that makes it extremely unlikely that most of our users will see any email pretending to be from a Twitter.com address. DMARC is a relatively new security protocol created by a group of organizations to help reduce the potential for email-based abuse.Twitter Uses DMARC to Act Against Email Phishing For User Passwords [blog.twitter.com]

 

Chris_Boggs




msg:4547849
 2:16 pm on Feb 22, 2013 (gmt 0)

thanks for sharing this, engine. I really feel there should be a greater PSA effort by all of these social and email sites to better educate unsuspecting users.

Personally, I think it could be one simple slide: NEVER click on a link in an email or on a social network that makes you login. Rather, always go directly to the site and look for the alleged message, friend invite, etc."

By following this rule I have done a pretty good job protecting my passwords. What are some of the rules of thumb other savvy webmasters and members in here use?

dkap




msg:4548691
 4:13 pm on Feb 25, 2013 (gmt 0)

"What are some of the rules of thumb other savvy webmasters and members in here use?"

If I'm less than 100% sure of the validity of any email, I always hover over embedded links to see what they point to before actually clicking on them. Unless they're doing something sneaky with close misspellings (or 1 vs. l), it's usually quite obvious.

Dan

engine




msg:4548767
 6:28 pm on Feb 25, 2013 (gmt 0)

Perhaps it's just me that is even more cautious. I avoid the clicks for stats, if possible, to avoid the tracking.

Passwords are important, but you can also help by having a unique e-mail for the service you're using.

The services have to pick up their game, imho, but users need to be educated about their own security.

bill




msg:4549723
 5:46 am on Feb 28, 2013 (gmt 0)

I implemented DMARC on several domains last year. It's interesting to see reports on mail that can't be tracked as coming from my servers. There's not much, but it does exist.

I hope more big companies implement this. It's simple to setup, and you can run it in reporting mode until you're ready to move to the stricter settings.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Social Media / Twitter
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved