Anti-Phishing Working Group Report

October 30, 2010


The Anti-Phishing Working Group (“APWG”) is worldwide watchdog organization composed of more than 1,800 companies, government agencies and solutions providers.  APWG is committed to wiping out internet scams and fraud.

The APWG just released their First Half 2010 Report.  You can get the full report here:

The report discusses the disturbing trend we reported in our October 22, 2010 IRS Warning posting.  This is the trend of using fraudulent emails to trick people into infecting their own machines with malware.  The APWG explains that unlike the bad old days, where the criminals took victims to fake websites to steal log-on credentials, this new class of malware allows the criminals to hi-jack the victim’s computer – the “criminals can even log into the victim’s machine to perform online banking transactions using the victim’s own account details, which is difficult for banks to detect as fraud… It is simply more profitable to control someone’s computer remotely and make large amounts of money than to simply steal victims’ online banking credentials.”  This malware is so effective in stealing money that the APWG has coined a new term for it — crimeware – “malware designed specifically to automate identity theft and facilitate unauthorized transactions.”

Other disturbing trends reported included longer uptimes for criminal websites and the use of short URLs to evade spam filters and spoof URLs that are commonly shared using social networks.  This chart from the APWG shows the rapid growth of the URL Shortener scheme:

url shortener graph

This report concludes that phishing may not be growing in overall numbers (attacks, etc.), but the shift to crimeware makes the impact larger than ever, so users must take advantage of every defense available.  eMail ID from Iconix is part of that defense by identifying real email from thousands of senders.


IRS Warning – It’s a Phishing Scam

October 22, 2010

You may have received an email claiming to be from the IRS warning you about a problem with a tax payment. It may say something like, “LAST NOTICE: We decline your Federal tax payment,” followed by an ID number. Or, “LAST NOTICE: The Identification Number used in the company identification field is not valid.”

fake irs emails

Jane Bryant Quinn has written an excellent posting about this scam. You can find it here:

Among the points she makes is that if the IRS is really after you, they will send you a written notice using the U.S. Postal Service – they will not send you an email.

She also points out that this scam is coming from a very sophisticated criminal gang which has brought a new twist to the fraudulent email scam. In the old-fashioned phishing scam, the criminal would ask you to click a link and then take you to a website that asked for your key data – passwords, account numbers, social security number. This phishing scam is different. If you click a link, you will be taken to a safe-looking web page. In the background – and completely unknown to you – they will load a piece of malicious code known as the Zeus banking Trojan. This malware will probe your computer and your computer activity to discover your crucial financial access data. The criminals will then drain your accounts.

Ms. Quinn reiterates the warning that you need to be careful about clicking links in email. To that advice, we would add – install eMail ID from Iconix. While Ms. Quinn is correct that the IRS does not send important legal notices by email, the IRS does send real email. Because our finance department at Iconix subscribes to the IRS Guidewire Service, we do get real email from the IRS. This is what real IRS email looks like when you use eMail ID in Outlook. You will notice that in Outlook eMail ID uses the Check-lock icon to highlight confirmed real messages. You may also notice that the fake IRS message lacks a Check-lock.

real irs email

If you file your taxes electronically using the popular TurboTax service from Intuit, you will be looking for real emails that your taxes have been filed and your refund is coming. Again, eMail ID helps you by identifying real TurboTax email. This is an example of TurboTax email in a Gmail account that is enhanced with eMail ID.

real tax refund email

The sidebar shows you where to get eMail ID for free.

Sixth Annual UK National Identity Fraud Week

October 19, 2010

Iconix commends the sponsors of the Annual UK National Identity Fraud Week, which commenced October 18, 2010, for their continuing efforts to extend awareness of the problem of identity theft.  Now in its sixth year, the campaign seeks to help prevent identity fraud by providing practical help, tips and guidance to safeguard your identity. This awareness drive has been put in place by an expert group of public and private sector partners, including the CIFAS, The Association of Chief Police Officers, The City of London Police, The Metropolitan Police, National Fraud Authority, The Identity and Passport Service, The British Retail Consortium, The Federation for Small Business, Fellowes, Callcredit, Experian, Equifax, British Chamber of Commerce and Royal Mail.

According to the CIFAS, the UK’s Fraud Prevention Service, during the first three quarters of 2010, identity fraud increased almost 10% when compared with the same period in 2009.

Among the identity fraud schemes discussed at is phishing.  As you probably know if you follow Iconix, phishing is on-line fraud which is perpetrated by the impersonation of legitimate email senders.   How can you tell real emails from fake ones?  This is where Iconix can help. 

We mark legitimate emails from thousand of senders representing every industry imaginable, from banking to travel to social networking.  UK-based examples include Tesco, Argos, Friends Reunited, Nectar,, HSBC, Marks and Spencer, Genes Reunited, Travelzoo, CreditExpert, BBC, Cheapflights, and HMV.  Of course, we also mark legitimate emails from well-known worldwide companies such as PayPal, eBay, Facebook, Twitter, HP, Ticketmaster, Skype, LinkedIn, TripAdvisor, Walmart, and Expedia.    

sample inbox

You can immediately find the real ones and avoid the fake ones.  This is why PayPal endorses the Iconix solution and distributes it for free: 

paypal button

A similar tool is available for free from Trend Micro, a leading internet security provider:

trend micro button

Iconix Supports Google Conversation Modes

October 13, 2010

You may have noticed this recent entry in the Gmail Blog

What happens to your Iconix icons if you elect to use turn off Gmail’s conversation view? The icons will continue to work in both conversation viewing modes. So, you can pick either conversation viewing mode and you will have icons to give you visual information identifying the senders. The personal icons from link to see ME service, our person icon service, will also display in both viewing modes.

      Conversation View On                             Conversation View Off

 conversastin mode on and off

You can also toggle between the modes if you so desire and our icons will continue to work. You can find what you want in the view you prefer.

Phishing – Costco Connection Article

October 7, 2010

The October 2010 edition of “The Costco Connection” references the article “Cyber security” on the cover. (    When I turned to the article, I found it was all about phishing.  As you probably know if you follow Iconix, phishing is on-line fraud which is perpetrated by the impersonation of legitimate email senders.  Highlighted in the center of the article was this guidance from Peter Cassidy, secretary general of the Anti-Phishing Working Group:

 This is not a technical issue; it all happens between your ears.

 The point he is making is that in phishing fraud, the criminal is not using technology to access your stuff (money, accounts, password, email addresses, etc.) – the criminal is deceiving you to compromise your stuff.  How can you tell if you are being deceived?   Cassidy acknowledged that even with research, you may have trouble separating the fake from the legit. 

The sidebar to the article provides practical guidance in avoiding being deceived by phishing scams.  The first word of advice is to be suspicious.  While this is sound advice, how do you actually do that?  Sometimes it is easy.  If you don’t pay for things with PayPal or buy things from, any email claiming to be from these senders is probably fake and is suspicious.  But what if you just made a payment using PayPal or bought an item from  In that case an email from PayPal or is not suspicious — you are expecting to get a confirming email.  In your inbox will be the real email you want and the fake ones you don’t want.  Armed with suspicion, how can you find the ones you want?  How do you tell the real ones from the fake ones?  This is where Iconix can help. 

We mark real emails from thousand of senders including PayPal, eBay, Costco, Bank of America, Twitter, Facebook, and representing every industry imaginable, from banking to travel to social networking.   

 inbox sample



You can immediately find the real ones and avoid the fake ones.  This is why PayPal endorsed the Iconix solution and distributes it for free: 

paypal button



A similar tool is available for free from Trend Micro, a leading internet security provider:

trend micro button

Iconix Issued Fourth U.S. Patent for Email

October 1, 2010

ICONIX, Inc., the industry leader in visual email solutions, announced that the United States Patent and Trademark Office has issued Iconix’s fourth patent titled

The abstract for U.S. Patent 7,801,961, dated September 21, 2010, states: “A system and method for e-mail authentication. The method includes aggregating a plurality of headers associated with an e-mail message and transmitting the aggregated plurality of headers to a validation service. A validation response is then received from the validation service. The e-mail is authenticated based on the validation response.” Iconix filed the patent on May 9, 2008.

“Among other things, various claims of this patent address using standards-based authentication, such as SPF and DKIM, to provide email recipients with visual indications of the integrity of the sender,” said Jeff Wilbur, vice-president of marketing at ICONIX. “In accordance with one aspect of the inventions covered within the patent, giving consumers visual indications of emails’ integrity allows consumers to easily distinguish real email from fake email in their inboxes.”

“The focus of our Online Trust and Cybersecurity Forum in Washington, D.C. is to educate businesses, government organizations and consumer advocacy groups regarding best practices and the latest technologies to ensure safer online experiences,” said Craig Spiezle, Executive Director of the Online Trust Alliance. “The technology delivered by ICONIX in this patent is exactly the type of innovation that helps increase consumer trust in online activity.”

You can read the entire press release here: