Make email links more secure with one easy solution
Spoofing has become a real problem and is only getting worse. Everyday we hear about spoofers sending fake emails pretending to be organizations or sites they are not.
One of the latest tricks is using a set of alphabet characters that look like English. For example Greek alphabet characters can look very similar to some English characters. The spoofers use the similar characters to create domains that look like official domains. The emails themselves are also very difficult for users to determine what is official and what is a spoof.
Given our complex lives and all the services the average person uses, the spoofers have an advantage. However there is hope with safe fields.
If organizations simply add one more value to a user’s profile that can contain a word, phrase, or image url to identify the organization. This will be the safe field the organization can use to identify themselves to the user in official communications.
When a user registers an account and adds their information, a password to identify the user is standard, however a safe field can identify the organization. A user can select anything they want that is easy to remember such as “Sea Cucumber” or an image of the Starship Enterprise.
When the organization sends official communications to that user the organization can include that safe field in the communication. The users will have an easy way to determine if an email or communication is authentic. Official communications will become easier for the users to identify provided the safe fields follow some basic common sense rules.
An easy rule is to ensure the safe field is unique from the password. It is also recommended that users keep these safe fields unique per site (if possible). Also organizations should never use the safe field to authenticate the user. The safe field is strictly to identify the organization to the user in electronic communications.
Safe fields have the potential to be a very inexpensive and simple solution that could easily add one more layer of protection for your organization and users. Safe fields also have the ability to scale among the general population. As the tech community adopts the practice of using safe fields then the concept will be more easily understood among the public and the effectiveness of safe fields will only increase.
Feel free to contact me for implementation recommendations and other engineering support.
