Microsoft has denounced phishing, so now we all know what a big problem it is. Actually, the TechWeb article (see Microsoft Says Phishing Bad, Offers Little New For Defense) does point out that the big guys in Redmond have a “technology safety group”, and that everyone can breath easier if they just use Hotmail (which has MS’s SenderID implementation). Also noted was the fact that SenderID and related measures will be part of Outlook and Exchange sometime soon.
There is a problem with all that, folks. If you aren’t using Microsoft platforms (many are not server side, and many are leaving client side), none of this does a heck of a lot of good. But that is how Microsoft likes it.
We need to develop open standards for this issue. Letting Yahoo and Microsoft fight over which is best (DomainKeys or SenderID) is not getting us any closer to a solution, as there will be too many people left out in the cold. A system just won’t work to prevent phishing or any other type of electronic fraud unless it is a platform independent, cost effective, and ubiquitously available solution.