Finally, a fix for email
It’s 2024 and email phishing attempts and fraudulent emails are still a large problem for individuals and companies of all sizes, especially bulk email senders such as banks, utilities, and insurance companies.
The damage resulting from a network breach includes steep financial/legal costs, and it can severely damage an organization’s reputation. Financially-motivated phishing and spear-phishing attacks are increasingly putting people and organizations at risk of a breach.
There is a clear need in the market for a simple solution that anyone can use. Consumer data privacy concerns are rising. It’s not an exaggeration to say people are often afraid to open emails, and have to spend time looking at each email before determining whether it is safe to open. While some people unfortunately still fall for phishing scams, more and more people are saying "if I don't trust that email, I don't open it, I just delete it." Deleting is a way people can protect themselves, but there needs to be a way that email senders can help recipients know that emails from them are legitimate, trustworthy and safe to open.
Other anti-phishing solutions are complicated, expensive, and have been often unreliable and ineffective, and so have not been widely adopted. User training, fraudulent web page recognition, augmented login passwords, spam filters, and two-factor verification have not solved the problem of email phishing and fraud. It’s time for something new.
But PhishFlagger™ brings a breath of fresh air to the anti-phishing space with a new anti-phishing safeguard that is easy enough for anyone to understand and use. The goal is simple: help stop phishing and make email safer.
PhishFlagger™ is a licensable email safeguard that detects and prevents phishing email attempts so individuals, businesses, and their customers can verify the authenticity of emails. The heart of PhishFlagger™’s simple idea is expressed in its tagline, “We number emails. Why? To help protect you from phishing attempts and fraudulent email.” PhishFlagger™'s patented method of using a sequential series of numbers, right in the subject line of each email that is sent to a specific recipient, can solve the phishing problem. People don’t have to risk opening an email; they will be able to tell if an email is safe just by checking the email number.
It works this way: every time you send an email to a specific recipient, you prefix the subject line of the email with a number. (This can be a manual process, or the bulk mailer or corporation can optionally use the downloadable Implementation Guide to have their IT departments integrate PhishFlagger within their internal systems.)
Say you’re a business communicating with your client base by email:
So, the first email you send to potential client@market.com would be something like "001- Don't miss out on this unique opportunity to grow your sales."
The second time you send an email to this same person, the subject line would be something like "002 - Last chance to take advantage of this special, limited-time offer!"
The third one would be something like "003 - Another chance to..."
Since the person receiving the email knows that the last email sequence number they received was 003, the next email from that particular sender should be 004. If they receive an email with no number, or with numbers 008 or 017, or anything other than 004, then that email is suspicious and should be viewed as a potential phishing email.
It's so amazingly simple, but since it is virtually impossible for anyone else but the actual sender and receiver to know what the next sequence number is, the receiver should feel much safer when opening a correctly numbered email.
If the correct sequence number is missing there is no need to open the email, thus enhancing safety by avoiding the risk of malicious payloads like a rootkit or other malware that can comprise a system.
Think of it: a sequence of email numbers, like page numbers in a book, helps verify the authenticity of each email. The method is easy enough for anyone to understand and use, even senior citizens who struggle with the waves of malicious email scams aimed at them.
PhishFlagger™’s initial target audience is bulk email senders (banks, insurance companies, financial institutions, and corporations) and it seems like a match made in heaven. Getting people to open all those emails bulk mailers send is critical to converting leads to sales, and extending the lifetime value of a customer. A bulk email sender that uses PhishFlagger™ gives their customers confidence that their emails are safe and that it takes client privacy seriously.
If you are a bulk email sender, PhishFlagger™ has many benefits for you:
Helps protect clients from phishing attempts so people won’t get fooled by fraudulent emails claiming to be from you
Gives your clients confidence that your emails are safe, and authentic, and reminds them that you take their customer privacy seriously
Trust is critical to converting leads to sales and extending the lifetime value of a customer
The PhishFlagger™ brand increases the likelihood that clients will trust and open all those emails you send (very often emails go unread if someone is uncertain whether a given email is safe to open)
PhishFlagger™’s email numbering method is simple and easy for anyone to understand, like page numbers in a book (whereas other anti-phishing solutions are complicated, expensive, and unreliable)
As a bonus that is worth mentioning, the numbering helps people quickly find specific emails when they need to!
Additional information about how PhishFlagger™ works is embedded in every email that is sent, to instill more trust so PhishFlagger™ adoption spreads quickly.
It’s “future-ready,” as they say, and can work as email systems grow and change over time. PhishFlagger™'s method works with existing email systems but can also be adopted by email service providers, IT teams, and developers of email tools and plug-ins to automate the sending of sequentially numbered emails. For example, automated alerts--if the correct email sequence number does not match the message could turn red, start flashing or display an on-screen pop-up message. It could also trigger a mail rule to take further actions, e.g., forwarding the email to a safe place where IT staff could take a look at it too, and reporting the offender to the private PhishFlagger database of suspected phishers.
However, companies that send out emails do not need a new software application. No complex configurations are required. IT staff or IT providers only need to add a sequential counter to the subject line of each email they send to each recipient (tracked in a simple database), following the easy steps in the Implementation Guide.
The problem is clear, andPhishFlagger™’s fix for email is spot on. At first glance, numbering emails like page numbers in a book to prevent email phishing and fraud may sound a little too simple or old-fashioned to work, but maybe simple and old-fashioned are exactly what we need right now. We’ve been numbering book pages for a LONG time. It's a human-compatible approach that can easily be implemented.
William Pearce, Founder, PhishFlagger™