Dateline: April 1, 2015; Berkeley, California – Today major mailbox providers and email senders expressed their frustration that nobody is phishing their customers and domains. The universal adoption of email authentication technologies such as SPF, DKIM, and DMARC, and the sudden elimination of spam, has caused criminals to abandon this once-popular activity.
“I guess I can let our engineers get back to Minecraft” — John Ray-Ban, JeezMail
Phishing had been an endemic problem for companies large and small until recently. Part of the reason for its decline has been the near universal deployment of effective email authentication technologies. “We’re very pleased to see that all the email coming in is covered by some kind of email authentication,” said John Ray-Ban of popular webmail service JeezMail. “There were all kinds of spiffy technical things we were working on, which seems like a waste. Maybe we’ll find something else to do with them eventually, but I guess I can let our engineers get back to Minecraft now.”
“I predicted this back in 2004” — Bill Gates, Gates Foundation
The other factor in the decline of phishing is the surprising disappearance of spam, which once accounted for more than 90% of all email and provided camouflage for phishing activities. Apparently when spam failed to be solved by 2006 as he predicted, Bill Gates added spam to the list of things that the Bill and Melinda Gates Foundation would eradicate. “I predicted this back in 2004 at the World Economic Forum, and people have been having a good laugh at my expense over that. But it always takes a few versions before anything really works,” commented Gates. “And by the way: You’re welcome. Now please tell everybody to stop asking me for $5,000 for clicking something on Facebook.” Unfortunately urban legends are not covered by the Foundation’s spam breakthrough.
“Now what am I supposed to do?” — J. Gomez Addams, PayNow
This development has caught many in the industry unprepared. Online payments site PayNow has been leading the charge against phishing for many years, and suddenly faces an unexpected change in direction. “We had all these cross-industry initiatives, international policy programs, and consumer education projects in the pipeline – things that would take years to complete. Now what am I supposed to do all day, watch trailers for the upcoming Star Wars movie?” said J. Gomez Addams, a senior Internet security advisor at PayNow.
“I’m just like the Maytag repair man.” — Mike Sledge, Canadian Farewells
Many email security professionals are now concerned about their future. “I’m just like the Maytag repair man now,” according to Mike Sledge, a security analyst for Canadian Farewells. Readers in North America may remember a decades-long series of television commercials created by the Maytag appliance company, in which a company repair man laments that he has no work to do because their products are so reliable.
Canadian Farewells is best known for sending extremely polite “thank you” messages on behalf of newlyweds and ungrateful children who simply don’t have time for these social niceties. “There are no abuse reports coming in any more,” said Sledge, “so I’ve got nothing to do but watch the fungus growing on the walls of my office. There’s something that’s not about to be eradicated – maybe I’ll make fungus my next career.”
DMARC.org’s mission was to promote the use of DMARC and related email authentication technologies to reduce fraudulent email, in a way that could be sustained at Internet scale – until the whole problem of fraudulent email went away on April 1st. For more information on the significance of this date, and the absurdity of this blog post, please refer to this Wikipedia article.