No Phishing: RSS is Phish-proof and Secure

For increasing numbers of online consumers and businesses, imitation is proving to be the sincerest form of thievery.

In the 12 months ending May 2005, an estimated 1.2 million U.S. consumers lost nearly $1 billion to the high-tech online swindle known as "phishing." And 72 million said they had received an average of more than 50 phishing emails during the previous year.

Such staggering numbers have had a chilling effect on online consumers. Many experts blame the rise in account hijacking and Internet identity theft for a slowdown in the growth of both online banking and e-commerce.

What is Phishing?
Phishing is an online form of fraud in which an email pretends to be from a company with which a customer may have a relationship, such as a bank, retailer or Internet service provider. Typically, it seeks verification of certain information, such as account numbers and passwords. And because these emails and their corresponding fake Web pages look so official, as many as one-in-five unsuspecting recipients may supply the requested information, resulting in financial losses, and even full-blown identity theft.

By now, most people know that their bank or ISP will never send them an email asking them to "verify" an account number or password. But as people have gotten wise, so have phishers. They are now targeting a wider array of commercial institutions, creating sophisticated messages that are virtually indistinguishable from legitimate email. The growing ranks of the technically savvy who have been scooped up in phishing's net attest to its evolving ability to collect the wise along with the gullible.

In a May 2004 report, "Is Your Brand Phishing Bait?" Forrester Research warned that, "Continued growth in identity theft incidents will erode the trust and comfort level people have in using the Internet. Consumers will grow more reluctant to engage in online activity and to divulge information that companies need to complete business transactions."

That prediction seems to be coming true. Phishing has forced consumers to alter their Internet behavior as they learn how to recognize and guard against online fraud. A September 2005 annual survey of online banking customers by market research firm Ipsos Insight found that fear of information theft has slowed the ascent of online banking. After years of dramatic growth, the percentage of Americans who conduct personal banking activities online remained virtually unchanged for the 12-months ending August 2005.

A June 2005 consumer survey by JupiterResearch found that consumers are truly concerned about identity theft. When asked what factors had the strongest negative impact on their Internet usage, the leading response was viruses at 47 percent, followed by identity theft at 37 percent.

To protect against the threat of phishing, and the erosion of trust and ensuing drop in response by wary consumers, companies need to  implement solutions that assure customers their communications are safe.

RSS Thwarts Phishing
One such solution is Really Simple Syndication, the technology known for delivering Web logs and news headlines to consumers' desktops. RSS enables companies to distribute content through secure "feeds" that cannot be accessed by phishers. Put simply, RSS feeds are really just Web pages residing on a company's site. By leveraging the security and authentication already built into companies' secure Web sites, RSS thwarts phishing.

While phishing "pushes" fraudulent information to potential victims, RSS relies on the power of "pull." When someone signs up for an RSS feed from a company's Web site, the company gives that person a specific Web address to put into his or her Web-feed reader. The reader then goes out to that Web address at specific intervals to check for new messages. Since the reader "pulls" messages from that Web address, it is virtually impossible for anyone to intercept or spoof the communications stream.

This quality, known as "transparent authentication," means that RSS messages, by their very nature, can only be from the company whose messages a recipient has actively subscribed to receive. For additional privacy protection at the desktop, RSS communications can even be encrypted and require a password before they can be opened and read.

Links Reforged
Because phishers place links in emails that direct recipients to fraudulent Web sites, many companies have simply stopped putting links in their email messages. Instead they require recipients to actively navigate to secure pages on their Web sites. While this is one way to help recipients recognize authentic messages and avoid phished sites, it creates extra work for consumers and degrades response.

Now with RSS, companies can once again send links in messages, and consumers can click on them without fear that phishers will use the same technique to redirect them to copy-cat sites.

Individualized RSS
Clearly, a phish-proof channel holds promise for companies and their online customers. But traditional RSS has its limitations. Because subscribers all pull information from the same feed, marketers have been unable to send individualized content.

But a new generation of RSS is changing all that. Today's RSS solutions enable marketers to issue subscribers their own individual feeds through which they can send uniquely-tailored messages, making truly individualized RSS (IRSS) messaging possible for the first time.

With the one-to-one messaging capability offered by the new generation of IRSS technology, companies finally have a way to protect their reputations from the inevitable blemishes associated with online fraud or identity theft perpetrated in their name, while avoiding flagging response rates to their online marketing initiatives.

The Silverpop RSSDirect(SM) Phishing Solution

Take the risk out of customer communications:

  • Enable customers to "pull" information directly from their own individual page you have created for them on your secure Web site.
  • Offer encryption and password protection for secure documents such as billing and account statements.
  • Cut off phishers' access to your customers.
  • Protect your brand and company reputation from damage caused by fraudulent messages sent in your name.
  • Use open technology that more than six million Americans already have installed, and that will be ubiquitous in the next generation of Web browsers.
Section Links


Bill Nussey
CEO,
Silverpop		Welcome to RSSDirectSM, a revolutionary product that combines the technology powering the explosive growth of blogs with the three attributes today's marketers need: personalization, targeting and measurability.

JupiterResearch Commissioned Report & Silverpop RSS Handbook


Sign up now to be among the first to receive a copy of JupiterResearch's new study, commissioned by Silverpop. Learn what this top analyst firm thinks about RSS and the future of this exciting technology as a consumer marketing tool. Along with JupiterResearch's report, you also will receive our RSS marketer's handbook.

Product Demo
See RSSDirectSM in Action
The RSSDirect SolutionSM

RSSDirect's individualized RSS solution gives marketers a valuable alternative to email for reaching present and potential customers. Assured security, permission, and freedom from spam and phishing enhance consumer confidence and participation, while assured deliverability increases marketing response and return.

Read More