{"id":19418,"date":"2022-06-23T06:30:09","date_gmt":"2022-06-23T14:30:09","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2022\/06\/23\/news-13151\/"},"modified":"2022-06-23T06:30:09","modified_gmt":"2022-06-23T14:30:09","slug":"news-13151","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2022\/06\/23\/news-13151\/","title":{"rendered":"Apple says it\u2019s time your business ran BIMI"},"content":{"rendered":"

<\/p>\n

Credit to Author: Jonny Evans| Date: Thu, 23 Jun 2022 06:41:00 -0700<\/strong><\/p>\n

Apple will add another obstacle against successful phishing attacks in iOS 16, iPadOS 16, and macOS Ventura<\/a>, which will show a company\u2019s official logo to help recipients recognize genuine from fake emails.<\/p>\n

Apple\u2019s forthcoming operating systems will support Brand Indicators for Message Identification (BIMI). This is a specification to enable the use of brand-controlled logos within emails and will be a way to tell recipients that an email genuinely comes from the company concerned. Google has supported BIMI since 2021<\/a>.<\/p>\n

BIMI requires that companies authenticate their email using DMARC. Described by the IETF in more detail in a March 2015 document<\/a>, DMARC helps mail administrators\u00a0prevent hackers and other attackers from spoofing their organization and domain.\u00a0<\/p>\n

The feature won\u2019t provide complete peace of mind.<\/p>\n

But what BIMI does provide is a visual way to assess trust when receiving a message, helping protect us against phishing and ransomware exploits by making it far more challenging for criminals to impersonate brand names in emails.<\/p>\n

That\u2019s important in the pluralistic sense \u2014 we\u2019ve all experienced attempts at malware infection buried in emails that purport to come from big brands.<\/p>\n

It may also help protect enterprise communications by making it more challenging to successfully launch phishing and targeted attempts against companies or supply chain partners.<\/p>\n

This is particularly important given that ransomware attackers are currently targeting smaller firms as larger entities put better protection in place \u2014 and that manufacturing firms often rely on outmoded security practices. That is why the relatively recent US Cybersecurity & Infrastructure Security Agency<\/a> has designated manufacturing as one of the critical US sectors that need better security protection.<\/p>\n

The main use is B2C marketing, of course. Marketers will make extensive use of BIMI as they attempt to persuade customers to open email marketing campaigns.<\/p>\n

The magic marketing sauce of combining a trusted brand with relevant content will remain essential to success. It is worth taking note of a recent study <\/a>that suggests consumers are more likely to open emails that display a logo beside the email, and that this kind of branding also improves brand recognition over time.<\/p>\n

BIMI lets brands verify the authenticity of emails they send. Once verified, the system can show the company logo in a relevant position within a supporting email client. BIMI is a text file that is kept on the sender\u2019s server, which ISPs handling end-user traffic can then check to verify authenticity.<\/p>\n

That integration between BIMI, DMARC, and the email client makes it challenging for spammers to figure out how to show their spoof logo in the same spot. The effect is that customers can see if an email is genuine and can delete those that aren\u2019t without ever opening the offending message, further reducing the risk of accidentally running malicious code.<\/p>\n

Apple\u2019s decision to support BIMI in Mail echoes industry acceptance of the standard.\u00a0 Google, Yahoo! Mail, AOL, Verizon, and Microsoft all support it. Apple\u2019s addition means the standard has achieved critical mass.<\/p>\n

This isn\u2019t the only attempt to lock down the internet experience taking place across Apple\u2019s platforms in its next OS updates. Its decision to standardize an alternative to CAPTCHA<\/a> will reduce friction online (and help protect user IP addresses). Its support for next generation authentication in the form of passkeys will be seen as a major step toward replacing password protection<\/a> with more effective biometric account\/service security. Apple continues to invest in privacy, with better protection against cross-site scripting on the way and improvements in endpoint security<\/a> also on the horizon as declarative device management comes to the Mac<\/a>.<\/p>\n

Please follow me on\u00a0<\/em>Twitter<\/em><\/a>, or join me in the\u00a0AppleHolic\u2019s bar & grill<\/a>\u00a0and\u00a0<\/em>Apple Discussions<\/em><\/a>\u00a0groups on MeWe.<\/em><\/p>\n

http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/p>\n

Credit to Author: Jonny Evans| Date: Thu, 23 Jun 2022 06:41:00 -0700<\/strong><\/p>\n

\n
\n

Apple will add another obstacle against successful phishing attacks in iOS 16, iPadOS 16, and macOS Ventura<\/a>, which will show a company\u2019s official logo to help recipients recognize genuine from fake emails.<\/p>\n

Brand Indicators for Message Identification<\/strong><\/h2>\n

Apple\u2019s forthcoming operating systems will support Brand Indicators for Message Identification (BIMI). This is a specification to enable the use of brand-controlled logos within emails and will be a way to tell recipients that an email genuinely comes from the company concerned. Google has supported BIMI since 2021<\/a>.<\/p>\n

To read this article in full, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[2211,13942,10480,10403,714],"class_list":["post-19418","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-apple","tag-email-clients","tag-ios","tag-macos","tag-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/19418","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=19418"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/19418\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=19418"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=19418"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=19418"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}