Latest news about Bitcoin and all cryptocurrencies. Your daily crypto news habit.
Photo by Scott Webb on Unsplash
Itâs surprisingly difficult to know whether an email youâve received is trustworthy.
Why is this so hard? Well, you canât trust the sender name. You canât trust the emailâs aesthetics. And you definitely canât trust the copy. To be safe, you need to verify the senderâs domain name and the domain of all outgoing links.
Put yourself in the shoes of a random user and try to decipher âefax.hosting.com.mailru.coâ or âdrive.google.com.download-photo.netâ. Itâs unreasonable to expect the average user to be on high alert every time they open their inbox, so letâs find a better way.
Using color
The fundamental problem is that the information you need to determine whether an email is safe is 1) hard to find and 2) hard to understand. In a perfect world, this information would be 1) easy to skim and 2) impossible to misread.
There are a handful of ways to verify youâre talking with the right person. You can verify 1) something they are (biometrics), 2) something they have (2FA codes), or 3) something they know (passwords). Itâs not immediately clear how we might associate emails with sendersâ biometrics or 2FA codes, but we can definitely work off the idea of an âemail passwordâ.
We provide websites with passwords to verify who we are all the time. What if websites needed to provide us a password so that we could verify who they were? And what if these passwords werenât complicated strings but rather easy-to-skim colors?
https://github.com/turbomaze/colorful-phish
Imagine this: the moment you created a password for a website, they created one to use with you. In your welcome email, they told you what this password was: a specific color, unique to your account. From that moment forward, you could rest easy knowing that if an email didnât contain that exact color, then you were getting phished.
Hereâs an example of what one of these welcome emails might look like:
And weâre done. Colors are simple to implement, easy to skim, and impossible to misunderstand. Check out colorful-phish on GitHub for a Node.js implementation that will help you eliminate phishing on your site with 3 lines of code.
If you have any thoughts or want to riff on related ideas, you can find me on Twitter at https://twitter.com/@imigliu.
How Color Can Prevent Your Users from Getting Phished was originally published in Hacker Noon on Medium, where people are continuing the conversation by highlighting and responding to this story.
Publication date
Disclaimer
The views and opinions expressed in this article are solely those of the authors and do not reflect the views of Bitcoin Insider. Every investment and trading move involves risk - this is especially true for cryptocurrencies given their volatility. We strongly advise our readers to conduct their own research when making a decision.