- The Washington Times - Monday, November 10, 2003

It’s called “phishing,” the cyber-spoofing that lets someone grab your most personal financial information and, unless you catch on quickly, use it to plunder your bank account, credit card and even your good name.

As noted last week, your columnist was almost a victim. So, too, was another reader, who wrote: “I received a similar e-mail over my PayPal account and had exactly the same reaction you did,” writes this reader, “and the same experience as yours. It was only as I went through the deceptive form that I realized something was wrong and exited without submitting anything.”

What happens when a person’s trusting nature is used against them? That happened to a woman whom I’ll call “Florence.”

“I was a victim.” she wrote. “I received an e-mail that looked like [it was sent by] my [Internet service] provider. This was complete with logo. I gave the credit card and password as requested.”

She also asked a question by return e-mail; when it bounced back, she became nervous and contacted the ISP. The company’s fraud department confirmed her suspicions and she began the task of canceling her credit card, getting a new one, and rearranging the areas of her life on which that card was based: automatic payments and online shopping and the like.

“I am a retired police officer, and I fell for it,” my correspondent wrote. She said that Norton Internet Security didn’t pick up the e-mail as “spam,” and she emphasized how official-looking the item was.

Despite the fact that in this case, spam-filtering software didn’t catch the e-mail — it’s still a good idea, in my view, to have Internet security software on your computer as a first line of defense.

What else can you do? Digital entrepreneur and former Microsoft executive Phil Goldman wrote to suggest his firm’s e-mail system, Mailblocks, which remotely filters your e-mail using a “challenge/response” system. Readers may recall comments here last May about the service.

The way it works is simple: if I send you an e-mail and I’m not on your “approved” list of senders, I receive a reply from Mailblocks. It offers to deliver my e-mail to you, but only if I go to a Web site and enter a unique code. The e-mail from Mailblocks is the “challenge” and my entry of the code the “response.” The premise is simple: a human who wants to communicate with you will go to this trouble; a spammer or spoofer — or their automated mailing system — won’t.

For $9.95 per year, you get access to the service and a 12 MB mailbox that can be used to collect and process e-mail from a variety of accounts. If you are a heavy e-mail user, the $24.95 yearly price of a 50 MB mail box might make more sense. Details on both products are at www.mailblocks.com and I can recommend the service highly.

The only potential “downside” that some might see is this business of issuing “challenges” to people you should be able to do business with easily. The Mailblocks lets you maintain (and add to) an address book of “friendly” senders; my editors and my dad are already on it.

You can also use a “Tracker,” or special e-mail address, to get around the challenge/response system for such e-mail as purchase confirmations or mail lists to which you subscribe. These are, to me, acceptable ways of managing e-mail and avoiding spamming and “phishing.” Just ask my correspondent, the retired police officer.

E-mail MarkKel@aol.com or visit www.kellner.us


Copyright © 2018 The Washington Times, LLC. Click here for reprint permission.

The Washington Times Comment Policy

The Washington Times welcomes your comments on Spot.im, our third-party provider. Please read our Comment Policy before commenting.

 

Click to Read More and View Comments

Click to Hide