How ISPs Fight Smarter Fraud with Shared Email Intelligence

Scams have been part of the email user experience for a generation. As a result consumers have become increasingly sophisticated, and few fall for the old 419 “Nigerian” scheme these days. But scammers too have become more sophisticated, and new types of email fraud have evolved. Most target legitimate accounts to steal passwords, sometimes by scanning inboxes for password resets (i.e., subject line “Forgot your password?”), or to dupe people on the address book into sending money (i.e., the “Spanish Prisoner” scam.) Others rely on a low-key informal peer request to “check out” a bad link; or they phish accounts through legitimate brands or sites that allow peer-initiated invitations. (For more background, download this report:

The resulting theft and fraud from these scams is a big problem, not only for the victims, but for the entire email ecosystem. Fraud erodes consumers’ trust in email; it poisons mailbox providers’ customer relationships; it undermines marketers’ campaign performance. It’s stunting the growth and development of email and it needs to stop.

ISPs and other mailbox providers are taking the lead. More and more are using data analysis to combat fraud, and while their efforts may benefit everyone on the email ecosystem, they’ve got a vested interest in working with all stakeholders to fix this problem. First, from a mailbox provider’s perspective, security compromises are a headache. Users often cancel or abandon their accounts. So do their friends, especially when they, too, fall victim to scams. Second, the damage extends beyond the provider’s network reputation and users’ loyalty. Our data shows an increase in fraud targeting mailbox providers’ infrastructure, systematically using ISPs’ networks as a base for fraudulent activity. We now see more complaints originating from ISP accounts to other ISP accounts than those that were induced by botnet and malware. (For more information on this and compromised mailboxes mailing to spam traps, download our latest Email Intelligence Report.)

Because sharing data across mailbox providers makes the analysis exponentially more valuable, ISPs have recently begun working together to combat fraud, and Return Path is proud to play a central role in this effort. We created a solution that combines our expertise in email analytics with data from the “Trusted Cooperative Network” – a private industry collaboration between ISPs worldwide and Return Path.  We recently unveiled our Fraud Protection Services to give mailbox providers three products that protect against phishing, prevent outbound abuse and detect account compromises, and enable ISPs to share data to catch spam faster to ensure that their networks stay healthy.

The last product is a result of a joint collaboration with ETIS (, the global IT Association for Telecommunications, grouping several prominent European telecom and network infrastructure providers, and enables us to further expand our already extensive coverage worldwide. For Return Path this creates a virtuous cycle by increasing the breadth of our coverage and improving the depth of our insight, enabling us to better serve the ISP community at large as more mailbox providers look to join cooperative efforts to protect themselves, their businesses, and their customers from fraud. In addition to Fraud Protection Services, we also leverage the email intelligence we gain to offer two sets of services that help to protect the email ecosphere:

  • Anti-Spam Services – These include blacklisting, whitelisting, and a publicly available reputation index called Sender Score
  • Postmaster Services – We help automate ISP-Sender relations by processing the largest volume of end-user complaints globally on behalf of ISPs

Our work with mailbox providers around the globe is improving the user experience by preventing unwelcome and fraudulent mail from reaching the inbox. A more secure, trusted inbox is a measurably better environment for marketers whose brands are less likely to suffer reputation damage in phishing attacks, and whose messages no longer compete with increasing volumes of spam and other forms of abuse. The email ecosystem is changing, and the next generation of email users may experience nothing like the lawless free-for-all of yesterday’s inbox.

And if email’s future unfolds along these lines, we’ll owe a debt to mailbox providers and their decision to cooperatively analyze network data across borders and business units for the good of the entire ecosystem. Shared email intelligence is already proving to be an effective antidote to bad actors’ increasing sophistication – it may turn out to be the key to marketing profitability, inbox security, and a new phase of email as a revolutionary communications medium.

If you’re a mailbox provider and you haven’t joined the Trusted Cooperative Network, please consider becoming a part of this effort. Our cloud-based products are easy to set up, you’ll see instant results, and you’ll stand with the world’s biggest ISPs to make email better for all users.

minute read

Popular stories



BriteVerify email verification ensures that an email address actually exists in real-time


The #1 global data quality tool used by thousands of Salesforce admins


Insights and deliverability guidance from the only all-in-one email marketing solution

GridBuddy Cloud

Transform how you interact with your data through the versatility of grids.

Return Path

World-class deliverability applications to optimize email marketing programs

Trust Assessments

A revolutionary new solution for assessing Salesforce data quality


Validity for Email

Increase inbox placement and maximize subscriber reach with clean and actionable data

Validity for Data Management

Simplify data management with solutions that improve data quality and increase CRM adoption

Validity for Sales Productivity

Give your sales team back hours per day with tools designed to increase productivity and mitigate pipeline risks in real-time