Home
Newsletter
Events
Blogs
Reports
Graphics
RSS
About Us
Support
Write for Us
Media Info
Advertising Info
Spam

Put an end to spam and phishing by reforming email

Monday, May 15, 2006
by Mike Adams, the Health Ranger
Editor of NaturalNews.com (See all articles...)
Tags: spam, phishing, email marketing


Most Viewed Articles
https://www.naturalnews.com/019384_spam_phishing.html
Delicious
diaspora
Print
Email
Share

It is way past time for the internet community to do something serious about spam and phishing attacks. The problem has gone way beyond spam now. Spam itself was quite annoying. We've all waded through hundreds, if not thousands, of emails in our inboxes, trying to find the legitimate emails that we wanted. Even all the anti-spam software, spam filters and schemes for authenticating inbound email and making senders click links to verify real people didn't really stop spam, because the spammers got creative. They said, "We can send emails with keywords that aren't spelled in a way filters will recognize, or we can send a message that looks like a lot of text, but it's really just a graphic, so there are no keywords to filter out." They can come up with any number of other tricks to keep sending spam to honest internet users all over the world. And they do.

For a long time, I was a proponent of the puzzle solution to ending spam, and to some extent I still am, but let me explain why the puzzle solution is not enough. The puzzle solution is designed to add friction to the sending of email by placing a processing burden on outbound mail servers. Essentially, it would slow mail servers so that spammers could never send 10 million emails in one day. It changes the economics of sending spam. Let's face it: Spam is really an economic question. The only reason spammers are sending spam is because it pays off. If you can change the economics so that it no longer pays off, then they will stop sending spam. They will go off and do something else to con people out of money, but they won't be sending spam.

Right now, spam is profitable, and that's why it persists. It's profitable because it's cheap to send and because some foolish people still click on spam and buy products from spammers. They are just as much to blame for this problem as the spammers themselves. It only takes one idiot out of 1,000 people clicking a spam email and buying a product to make it financially justifiable for that spammer to send 10 million more emails. In effect, one person can bankroll spam that will affect millions of other people. This is what's happening today all across the internet.

Phishing is identity theft via spam

Then, something new and horrifying came on the scene. Of course, I'm talking about "phishing." Phishing is really identity theft, and it's where spammers got even more creative. They said, "Hey, why make money selling products when we can just send emails to people and act like we're from their bank?" They get people to log in and type in their username, password and identity information. Then phishers use that information to log in to people's bank accounts and transfer money to offshore accounts.

This is phishing, and it's a huge problem. I must get two or three phishing emails from con artists every day. Of course, I ignore them. Most of them are from banks that I don't bank with. But every once in a while, something comes in from a bank that I do bank with. It's pretty convincing stuff. If I were a new user to the internet, or if I wasn't covering this kind of topic, I might click on it and I think it was legitimate. It all looks legitimate. The logo is there, and the domain name looks right. It all looks very official. These scammers are very good and creating these official-looking "phishing" websites. In fact, they're making a living doing it, and I'm sure they're making a very good living, because many people log in. They'll give their usernames, passwords and social security numbers right to the con artists.

Then, it's over. The con artists have got you. They've got everything they need to make your life miserable from that day forward in terms of your finances and your credit rating. Once your identity is stolen, it is very difficult to get your finances back in order.

By the way, if you want to know how to beat identity theft, credit fraud, phishing scams and other threats to your finances and personal safety, definitely check out our downloadable Real Safety Guides.

The worst may be yet to come

When it comes to email, we used to think that spam was the biggest problem. Now we know that spam was just the tip of the iceberg! Now we've got phishing, and the financial institutions are getting worried because customers of the big banks in the United States and around the world are falling prey to this scam. This is where it's really starting to get serious. Now we have the attention of powerful corporations, because it's hitting them where it counts. These crimes are being committed against their financial institutions.

I think that "phishers" or scammers have awakened a sleeping giant in using this tactic. They have enraged the financial world. The financial world has money, and it is influential. I believe it is going to get some laws put into place that will clamp down on these security breaches. What's at stake here is not just the personal victims of phishing attacks. What's at stake is the credibility of these financial institutions and the credibility of email as a medium of communication. If we can't get these problems solved, people may increasingly distrust email, period.

This threatens the very foundation of trust between customers and their financial institutions. What would happen if we all had to go back to banking by paper and postal services? Can you imagine actually writing out a physical check, licking a stamp and mailing it to your bank? We need to find a way to crack down on phishing and stop the spammers cold.

Solutions for safeguarding online safety

Many of you out there are nodding your head and saying, "Yes, we know all this. What about some solutions?" Remember, I've been in this industry for more than 12 years. I am the president of a software company that's focused on permission email marketing software. I've seen the problems and trends in this industry.

My personal belief is that we're going to require a global system of sender authentication. I regret saying that, because I think it's going to add a layer of bureaucracy to the internet and ultimately make it less free. Freedom is very, very important, especially in terms of online speech. But this problem is becoming so serious that we are looking at a situation where we need to know who is sending email.

Essentially, we need a system in which people who send email must effectively show their ID to send that email. I don't mean that they would send you a copy of their driver's license, but there must be some mechanism by which the identity of a company or individual is permanently and irrevocably attached to that particular message. Then there needs to be a system so that we, as end-users or receivers of the email, can click a link or go to a website to verify the identity of that sender.

This is no small proposal. There are many problems in making this a reality. The first of those problems is that not everybody agrees that this is a viable solution. The second problem is that if there is a cost involved, it becomes an economic issue, and you automatically exclude those who don't have the money to afford this personal identification mechanism, whatever it happens to be. You don't want to punish people in third world countries, people with lower incomes or non-profit organizations. You don't want to say to them, "You can't send email because you can't afford the filing fee." On the other hand, we need a system of authentication. We need to know who's sending emails, and we need to be able to verify it. I think we're past the point now of arguing that everybody should be able to anonymously send email. We must start requiring email sender certification.

At the same time, I do not believe that any particular government should do this. I think if the government gets involved, it will take two or three years longer than necessary to put it in place. This solution must come from the industry itself, and it should probably come from the big companies leading the industry: Microsoft, AOL, Yahoo and MSN. These are the companies that have the influence, the technology and the user base required to put something like this in place.

But here's the catch: These companies have to agree. Imagine sitting all these competitors in the same room and saying, "Map out a solution. Shake hands on it, implement it and exchange these certification systems with each other. Then, propagate it to the entire world." This is no small task, but I believe it is the very task that we must ask these industry leaders to undertake. We must agree to do this if we are going to live in a world where email communications can be trusted. We're at a crossroads now. We can go down the path of allowing email to continue being the Wild West, with anonymous emails flying around with no real control standards and no real authentication system, but things are going to get worse.

Spamming and phishing will only get worse if email isn't reformed

There are going to be more victims of phishing. There are going to be more spammers finding new, creative ways to get into your inbox. The problem is going to get worse. There may be new things coming down the road that we don't even know of yet. Who would have thought of phishing five years ago? What's going to happen two or three years from now? It will probably be something new and even more horrifying in terms of identity theft, credit theft or financial scams. Who knows what these people can come up with?

Or, we can go down another path. We need to reshape the email medium. We need to have a trusted system so that we can authenticate the identity of senders. It's a difficult thing to do, but we can go down that path. We can move on as a society, living in a world where the information technology infrastructure is more secure and more trusted, and we can experience all of the efficiencies of technology and communication that go along with that.

That is the path I think we must choose as a society. It has taken too long to get these big companies to sit down and agree to things. Here's the danger: If they cannot agree on a set of standards, eventually there will be enough pressure from financial institutions, internet users and legitimate email marketing companies to get Congress to pass new laws mandating some kind of sender certification or authentication system. That, my friends, is what we don't want. Again, I think the government won't do it right. It will be very bureaucratic, costly, delayed and inadequate. We do not want the government to come and regulate this medium. We want a private industry solution, and it probably needs to come from the big leaders and the big corporations.

I urge those reading to recognize that now is the time to call for serious reform of the email medium. We need a technical change. It's going to require upgrading all of the SMTP servers and all the POP servers. It needs to cover both the open source community -- all the Linux users and the Unix users -- and of course the Microsoft and Mac world, as well. It must be an open source standard. It can't be a proprietary technology, yet it needs to be secure. It needs to be unbreakable and unhackable. There can be no back doors.

The time for a move toward change is now. If we don't change, the very credibility of the email medium is at stake. If we don't change, governments are going to come in and mandate a solution that none of us want to live with. You can be sure of that.


Receive Our Free Email Newsletter

Get independent news alerts on natural cures, food lab tests, cannabis medicine, science, robotics, drones, privacy and more.




About the author:Mike Adams (aka the "Health Ranger") is a best selling author (#1 best selling science book on Amazon.com) and a globally recognized scientific researcher in clean foods. He serves as the founding editor of NaturalNews.com and the lab science director of an internationally accredited (ISO 17025) analytical laboratory known as CWC Labs. There, he was awarded a Certificate of Excellence for achieving extremely high accuracy in the analysis of toxic elements in unknown water samples using ICP-MS instrumentation. Adams is also highly proficient in running liquid chromatography, ion chromatography and mass spectrometry time-of-flight analytical instrumentation.

Adams is a person of color whose ancestors include Africans and Native American Indians. He's also of Native American heritage, which he credits as inspiring his "Health Ranger" passion for protecting life and nature against the destruction caused by chemicals, heavy metals and other forms of pollution.

Adams is the founder and publisher of the open source science journal Natural Science Journal, the author of numerous peer-reviewed science papers published by the journal, and the author of the world's first book that published ICP-MS heavy metals analysis results for foods, dietary supplements, pet food, spices and fast food. The book is entitled Food Forensics and is published by BenBella Books.

In his laboratory research, Adams has made numerous food safety breakthroughs such as revealing rice protein products imported from Asia to be contaminated with toxic heavy metals like lead, cadmium and tungsten. Adams was the first food science researcher to document high levels of tungsten in superfoods. He also discovered over 11 ppm lead in imported mangosteen powder, and led an industry-wide voluntary agreement to limit heavy metals in rice protein products.

In addition to his lab work, Adams is also the (non-paid) executive director of the non-profit Consumer Wellness Center (CWC), an organization that redirects 100% of its donations receipts to grant programs that teach children and women how to grow their own food or vastly improve their nutrition. Through the non-profit CWC, Adams also launched Nutrition Rescue, a program that donates essential vitamins to people in need. Click here to see some of the CWC success stories.

With a background in science and software technology, Adams is the original founder of the email newsletter technology company known as Arial Software. Using his technical experience combined with his love for natural health, Adams developed and deployed the content management system currently driving NaturalNews.com. He also engineered the high-level statistical algorithms that power SCIENCE.naturalnews.com, a massive research resource featuring over 10 million scientific studies.

Adams is well known for his incredibly popular consumer activism video blowing the lid on fake blueberries used throughout the food supply. He has also exposed "strange fibers" found in Chicken McNuggets, fake academic credentials of so-called health "gurus," dangerous "detox" products imported as battery acid and sold for oral consumption, fake acai berry scams, the California raw milk raids, the vaccine research fraud revealed by industry whistleblowers and many other topics.

Adams has also helped defend the rights of home gardeners and protect the medical freedom rights of parents. Adams is widely recognized to have made a remarkable global impact on issues like GMOs, vaccines, nutrition therapies, human consciousness.

In addition to his activism, Adams is an accomplished musician who has released over a dozen popular songs covering a variety of activism topics.

Click here to read a more detailed bio on Mike Adams, the Health Ranger, at HealthRanger.com.

comments powered by Disqus



Natural News Wire (Sponsored Content)

Science.News
Science News & Studies
Medicine.News
Medicine News and Information
Food.News
Food News & Studies
Health.News
Health News & Studies
Herbs.News
Herbs News & Information
Pollution.News
Pollution News & Studies
Cancer.News
Cancer News & Studies
Climate.News
Climate News & Studies
Survival.News
Survival News & Information
Gear.News
Gear News & Information
Glitch.News
News covering technology, stocks, hackers, and more