Put an end to spam and phishing by reforming email
It is way past time for the internet community to do something serious about spam and phishing attacks. The problem has gone way beyond spam now. Spam itself was quite annoying. We’ve all waded through hundreds, if not thousands, of emails in our inboxes, trying to find the legitimate emails that we wanted. Even all the anti-spam software, spam filters and schemes for authenticating inbound email and making senders click links to verify real people didn’t really stop spam, because the spammers got creative. They said, “We can send emails with keywords that aren’t spelled in a way filters will recognize, or we can send a message that looks like a lot of text, but it’s really just a graphic, so there are no keywords to filter out.” They can come up with any number of other tricks to keep sending spam to honest internet users all over the world. And they do.
For a long time, I was a proponent of the puzzle solution to ending spam, and to some extent I still am, but let me explain why the puzzle solution is not enough. The puzzle solution is designed to add friction to the sending of email by placing a processing burden on outbound mail servers. Essentially, it would slow mail servers so that spammers could never send 10 million emails in one day. It changes the economics of sending spam. Let’s face it: Spam is really an economic question. The only reason spammers are sending spam is because it pays off. If you can change the economics so that it no longer pays off, then they will stop sending spam. They will go off and do something else to con people out of money, but they won’t be sending spam.
Right now, spam is profitable, and that’s why it persists. It’s profitable because it’s cheap to send and because some foolish people still click on spam and buy products from spammers. They are just as much to blame for this problem as the spammers themselves. It only takes one idiot out of 1,000 people clicking a spam email and buying a product to make it financially justifiable for that spammer to send 10 million more emails. In effect, one person can bankroll spam that will affect millions of other people. This is what’s happening today all across the internet.
Phishing is identity theft via spam
Then, something new and horrifying came on the scene. Of course, I’m talking about “phishing.” Phishing is really identity theft, and it’s where spammers got even more creative. They said, “Hey, why make money selling products when we can just send emails to people and act like we’re from their bank?” They get people to log in and type in their username, password and identity information. Then phishers use that information to log in to people’s bank accounts and transfer money to offshore accounts.
This is phishing, and it’s a huge problem. I must get two or three phishing emails from con artists every day. Of course, I ignore them. Most of them are from banks that I don’t bank with. But every once in a while, something comes in from a bank that I do bank with. It’s pretty convincing stuff. If I were a new user to the internet, or if I wasn’t covering this kind of topic, I might click on it and I think it was legitimate. It all looks legitimate. The logo is there, and the domain name looks right. It all looks very official. These scammers are very good and creating these official-looking “phishing” websites. In fact, they’re making a living doing it, and I’m sure they’re making a very good living, because many people log in. They’ll give their usernames, passwords and social security numbers right to the con artists.
Then, it’s over. The con artists have got you. They’ve got everything they need to make your life miserable from that day forward in terms of your finances and your credit rating. Once your identity is stolen, it is very difficult to get your finances back in order.
By the way, if you want to know how to beat identity theft, credit fraud, phishing scams and other threats to your finances and personal safety, definitely check out our downloadable Real Safety Guides…
