Phishing (fish’ing – to trick people into providing their personal and financial information by pretending to be from a legitimate company, agency or organization) is a fairly new scam propagating itself on the internet in many different forms. Each has the same sole purpose of convincing you to volunteer your personal and financial information and hand if over to these crooks.

One such attack was targeting PayPal (www.PayPal.com) customers, by sending out mass email (spam) stating that there had been a security breach and the account has been suspended until you verify some information. Well this may sound reasonable, but the truth behind this was it was not from PayPal; rather a carefully orchestrated scam to capture your PayPal username and password, credit card information, debt card pin number, mailing address, and social security number among others. What made these even scarier was the fact that the message was designed so well—using PayPal’s logo and website layout perfectly—that even I had to take a second look. This convinced people of the legitimacy of the message and prompted individuals—estimated in the thousands—to happily provide their information over to the scammer.

There were a few items that made this email message stand out as a fraudulent spam message rather than legit communication:

• Greeting: The greeting at the top of the message was “Dear PayPal Member”. This should alert you as PayPal, along with most major companies will address you by name or company associated with the account. EX: Dear Steven

• Website address: The website address that was being linked to from within the message was not www.PayPal.com, but rather a very clever hoax. When you look at the link in the message it appears to go to PayPal’s website, but when you click on it a different address (one of the scammer’s website) loads.

Now that I have scared you enough for one article, which this is not my intention to do so, but you must also realize the severity of this issue; there are a few simple things to keep in mind. Do not trust email messages. Let me say that one more time DO NOT TRUST EMAIL MESSAGES. If something seems fishy (no pun intended), do not trust it. If it tells you to update your information, call the company up that it mentions or login to your account as you normally would. In this example, you could call PayPal’s customer service number or login at PayPal’s website (visit it by opening your web browser and manually entering http://www.PayPal.com–not through the link provided in the email). Doing so will verify that you are not falling victim to Phishing.

Steven Carlson is an expert in identity theft and issues relating to credit restructuring solutions. He is serves as the President and CEO of Digital Intelligence Group, Inc. (www.DigitalIG.com) a company that provides identity theft and credit restructuring services through its brand eCreditRx (www.eCreditRx.com).

Many companies have no idea their products are being sold on the black market or their customers are tangled in credit card frauds thinking they ordered something from your organization and are about to receive zip. These shifty sales schemes cost companies billions of dollars each year in lost customers and sales of products and services.

While Aunt Margaret may have served Hormel canned pork (SPiced hAM referred to as Spam), like it or not, you knew what was in it. With Internet spam (unsolicited bulk email or unsolicited multiple postings to one or more Usenet newsgroups), you don’t always know what you’re getting. Some spam messages are convincing. Some are plain annoying. Whether spicy or not, many of them result in criminal offenses on a worldwide level.

Producers of a popular product, a drug like Retin-A, a best-selling software program, or a service such as a vacation package, are all economically affected by spammers. When people buy these knock-offs, legitimate companies lose money. When people order something and don’t receive it, your company gets a bad name.

Five strategies for protecting assets

Whether your company sells pharmaceuticals, software, or other products, these five plans of action will help stop brand and revenue robbery:

1. Protect your intellectual property.
Follow these guidelines for managing the digital rights to your property and for protecting it.

- Verify everything is copyrighted and trademarks are registered. That includes registering with the U.S. Customs Service, because much of this criminal action happens overseas.

- Make formal contracts with your distributors or authorized resellers. Get it in writing that they agree not to send spam about your products.

Unfortunately, in most cases, your audience assumes you or one of your distributors is sending these spam messages about your product. Most of your customers or prospects have no idea someone completely unrelated to your sales organization would take the liberty to send a missive about your intellectual property.

2. Join industry associations.
Every member of the Internet community will be more effective working together than as individual organizations. One way to connect with other companies facing the same problem is by participating in lobbying efforts with them. If you work together, you can trade war stories and tap into additional valuable resources. Try to connect with people that share the same values your organization does. Communicate regularly about issues surrounding spam and the progress of your task force.

3. Be prepared to react.
Once you catch someone, be prepared to prosecute immediately. Spam prevention can only happen at the expense of current spammers, by taking legal steps to enforce the minimal standard out there, and prosecute those guilty of major crimes.

- Set up investigators to sleuth the problem.

- Set up an abuse email address (abuse@yourcompany.com) so buyers and customers can forward spam to you.

- Report anything that affects your brand to the authorities.

- Track the spammer down. Instead of starting at the sender of the spam, direct your search to the end result of the spam. You can do this by making a purchase. That way you will know immediately if the spam is criminal in nature. You will also know where the spammer collects his or her payment, and if the spammer is a pirate or credit card scam artist.

- If the party is guilty of pirating your product, work with that third party payment collection company such as Visa, PayPal, or BillPay and inform them of the problem. They will then get a court injunction to cease and desist, meaning they can shut the guilty spammer down. If the party is guilty of credit card fraud, inform the third party payment company, and also inform the internet service provider (ISP). In the U.S., the ISP will immediately shut down the spammer. Other countries have different laws, however, which is one of the reasons you want to register your product with the U.S. Customs Service.

Know that if you prosecute legally, once you get a court injunction and win your case, you are eligible for disgorgement. This legal term means you are entitled to all of the revenue that the spammer collects. While you may not get rich, at least you’ll help stop the problem at its source.

4. Establish great business relationships with distributors and customers.
This strategy relies heavily on public relations including enewsletters. Part of image building, your branding falls under ensuring good business relations. Plante recommends the following ways to build these relationships:

- Let your customers know that spam exists.

- Send out customer surveys about your products and their attitude about spam, piracy, and credit card fraud.

- Create publicity around your steps as a Spam Fighter. Position yourself as a leader in the fight. Perhaps, add an occasional article in your newsletter about your fight against spam or put a note that spam is not tolerated by the "unsubscribe to newsletter" information.

5. Don’t continue to spread spam to other users.
While legislation is one way to prevent spam from spreading, Robert Alberti of Sanction, Inc., recommends using technology such as firewalls, spam filters, and virus protection to help prevent and detect fraud. He also recommends using the task force to help end users become more knowledgeable about spam.

Position yourself in the eyes of customers and prospects as one of the "good guys." Regularly inform customers about the steps you’re taking and alert them about possible fraud. As long as you continue to communicate with your customers, they’ll realize the people at your company and throughout the Internet community don’t like the taste of e-mail spam.

Meryl K. Evans is the Content Maven behind meryl.net who increases conversion rates by writing and editing content so organization can focus on their core business. She is the editor-in-chief of the eNewsletter Journal and Shavlik’s The Remediator Security Digest. Visit her Web site at http://www.meryl.net/blog/.

Firstly, and this is a great, little known tip. You can get yourself a free email account, (the bigger the better) which is a great thing to have if you use a lot of FFA`s, Classified sites, Search Engine Submittals etc. When you create the junkmail account, be sure to save the information you`ve used to create it with into a Wordpad/Notepad file.

When the account is full, flit through it quickly, just to make sure there`s nothing of real importance there. If there is, copy and paste it to your favourite text document. Then just go ahead and delete the whole junkmail account. You`ve saved the info you used to create it with in the first place, so it`ll only take a couple of minutes to re-create it.

Next, whenever you join a program or a site, have your email client open at the same time, so you get the welcome mails immediately. Confirm the welcome immediately, then put the mail into a special folder, created for all emails from that particular address.

That way, different emails go to different folders, without getting too mixed up. If and when you decide to leave that program, delete all the mail you`ve saved from them, but please make sure that you DO actually opt-out before doing this.

Another thing to remember is if you`re getting mails from someplace and you`re pretty darned sure you have absolutely no reason to be getting them, DON`T click on the remove me link! What you`re really doing, is letting the spammers know that they`ve mailed to a real, used address, and they`ll mail more and more, and never stop. Some of the more unscrupulous ones will even sell your address to be used as part of a mailing list, which in turn with result in even MORE spam.

A lot of people seem to have forgotten where the delete button is, and scream the dreaded word "SPAM!!" as soon as an unfamiliar looking email drops into their inbox. This can be very damaging to legitimate business owners, so please, don`t ever say spam, unless it well and truly is.

If you really don`t have time or inclination to follow these tips, there IS software out there that can filter your mails automatically for you. The biggest drawback with these is that they can actually stop you receiving mail that you WANT to get if you don`t set it up properly.

Setting up the software filters can also be very confusing and time consuming, so if that`s the way you choose to go, make sure you set aside some time for it, and don`t get distracted by anything else until it`s done.

May you be prosperous in everything you do.

-=-=-=-=-=-=-Resource Box-=-=-=–=-=-=-=-
Avoid scams, shams and spam with Not Just Another Ezine!
Full of free downloads, ebooks and information to maximize
your time online. Subscribe free! http://annamarketing.com
admin@annamarketing.com subject=subscribe
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
This article is available for reprint in your opt-in ezine,
web site or ebook. You MUST agree not to make any changes
to the article and the RESOURCE BOX MUST be included.
(c) 2002 - 2004 AnnaMarketing.com. All Rights Reserved

But lately it’s got out of control. Over half of my email is now spam, and it was growing by the week - until I took action.

This article shows you some strategies for winning the war on spam.

————————————————

How Do They Get Your Address?

————————————————

In the old days, spammers got their addresses mainly from Newsgroups - if you didn’t post to Newsgroups, you were reasonably safe. But they’re now using a much more efficient method to build their lists - email harvesters.

Email harvesters are robots that roam the Internet collecting email addresses from web pages. Examples are EmailSiphon, Cherry Picker, Web Weasel, Web Bandit and Email Wolf, to name just a few.

How can you protect yourself from email harvesters?

By ‘munging’ (mung = ‘mash until no good’) or cloaking your email address.

There are many ways of munging your address - the easiest technique is to use ASCII code for the punctuation in your email address (instead of symbols).

For the colon after mailto use : and for the @ symbol use @ and for the period use . . With this method, your email address would become:

mailto:yourname@yourdomain.com

but it will display as:

mailto:yourname@yourdomain.com

Your email address will appear exactly as it did before, and it will still be ‘clickable’, but email harvesters will ignore it and move on.

There are also JavaScript’s that you can insert into your web page that will make your email address visible to humans but invisible to harvesting programs. Here’s one that works very well: http://pointlessprocess.com/JavaScripts/anti-spam.htm

—————————–

How To Fight Spam

—————————–

The most important thing is never, ever, reply to spam.

Most spam contains an innocent-looking ‘remove me’ email address. Do not use it. Here’s why:

Spammers typically buy a CD containing a million or so email addresses, but they have no idea how many of those addresses are active. So before beginning their marketing campaign in earnest, they send out a ‘test message’ to the entire list.

The test message contains an email address for removing yourself. When you reply to that address, it confirms to the spammer that your address is active and therefore worth spamming.

Worse still, the spammer may be distilling from that CD a list of confirmed active addresses that he will then sell to another spammer.

The key to dealing with spam is to report it to a 3rd party: (1) the affiliate program that the spammer is advertising, (2) the spammer’s web host, or (3) the ISP the spammer used to connect to the Internet.

When you report spam to a 3rd party, remember to be polite - they didn’t send the spam and they’re probably just as anti-spam as you are.

(1) Reporting to Affiliate Programs

Many spammers are affiliates advertising someone else’s products or services. So look for a website address that contains an affiliate link, something like this: www.affiliateprogramdomain/841526

Then just send an email to the affiliate program (abuse@affiliateprogramdomain.com), informing them that you are receiving spam from one of their affiliates.

Most affiliate programs have zero tolerance for spamming and will remove an affiliate spammer without warning.

Now, affiliate spammers don’t want you to see their affiliate link, so many of them send their email as HTML. All you see in the message are the words ‘Click Here and Order Now’.

But in your browser just click on ‘View Source Code’ and search for the letters ‘http’. That will take you to the spammer’s affiliate link.

(2) Reporting to Web Hosts

If the spam doesn’t contain an affiliate link, it’s likely that it is coming from the owner of the domain name. In that case you’ll have to report it to the spammer’s web host or their ISP.

To make a report to the spammer’s web host just go to Whois, the directory of registered domain names: http://www.netsol.com/cgi-bin/whois/whois

Type in the spammer’s domain (the website address that appears in the spam) together with the extension (.com, .org, .net etc).

The host for that domain will usually be listed as the Technical Contact in the Whois record and there will be an email address for contacting them.

(3) Reporting to ISPs

To report a spammer to his Internet Service Provider, you’ll have to look at the spam’s ‘extended headers’.

Extended headers show the servers that the message passed through in order to get to you. The instructions for viewing extended headers will vary depending on what email client you are using.

=> In Pegasus Mail, open the offending message and then

right-click and choose ‘Show raw message data’.

=> In Eudora Light, click on ‘Tools’ in the top menu

bar, and then ‘Options’, and then select the

checkbox option that says ‘Show all headers (even

the ugly ones)’ and click OK.

=> In Outlook Express, open the offending message,

select ‘Properties’ from the File menu and then

click the ‘Details’ tab.

Reading and understanding extended headers is quite a detailed subject. Here’s an excellent free tutorial on how to decipher extended headers: http://www.doughnut.demon.co.uk/SpamTracking101.html

As an alternative to these reporting techniques, you could use a web-based spam reporting service such as SpamCop (www.spamcop.net). SpamCop deciphers the spam’s message headers and traces the mail back to its source.

Wishing you every success in the fight against spam!

————————————————————
Michael Southon has been writing for the Internet for over 3
years. He has shown hundreds of webmasters how to use this
simple technique to build a successful online business. Click
here to find out more: http://ezine-writer.com/
————————————————————

The first paragraph reads: "I had received this program before and threw it away, but later I wondered if I shouldn’t have given it a try. Of course, I had no idea who to contact to get a copy, so I had to wait until I was mailed another copy of the program - eleven months passed, then it came. I DIDN’T throw this one away. I made $41,000 on the first try!!" Signed by D. Wilburn, Muncie IN.

In order to get your attention quick, Mr. or Ms Wilburn shares their experience of making the mistake of throwing the letter away. A normal person will say to themselves: "I don’t want to make the same mistake Wilburn did. He had to wait another 11 months before he had the chance, so I better really read this thing." But in reality you’ll find out that this piece of garbage has been floating around for years and if you miss this copy, you’ll get another one tomorrow or the day after.

The next thing you see is a bold headline reading: "You are about to make at least $50,000 in less than 90 days - in the comfort of your own home. Read the enclosed program, then read it again." The average person is skeptical but the idea of money has been planted in your mind right up front. This will cause you to read a little while longer.

The rest of the page is completely filled with hype - informing you everything is LEGITIMATE and LEGAL. (We all want to be legitimate and legal don’t we?) Claims are made that the program works 100% every time and how thousands have used the program to raise capital to start their own business, pay off debts, homes, cars, etc., and even retire. You can ALWAYS recognize a scam because your emotions are appealed to in a big way. Think about it - doesn’t everyone on the planet earth want money to start a business? Pay off debts? Have homes, cars, etc.? Would anyone turn this offer away? NO! That’s what makes it so easy to recognize these scams - they appeal to everybody and do nothing! Your emotions are cruelly played with!

Okay, let’s move on. Frank T of Bel Air MD relates his personal testimonial at the top of Page 2. Try to look in the phone book and find either D Wilburn or Frank T. Notice how only a partial part of their names and addresses are ALWAYS presented. This is so nobody can find them. But why bother? They don’t exist!

The instructions are presented on the rest of Page 2. They consist of precise directions for ordering four reports, paying $5 cash for each one and moving the names around on the list. This is a typical chain letter and they don’t work because 99.9% of everyone receiving it replaces their name and members of their family with the people listed.

These instructions are completely stupid. They make you go through a bunch of bull just to make you believe you are doing something worthwhile. Actually - all they’re doing is selling you some worthless reports - which you may or may not ever receive.

Page 3 instructs you to get a mailing list to mail the letter you are reading to. Of course, when you order the reports, you will get information on where to purchase this mailing list. Don’t you see that these people only care about selling you a mailing list? They could care less if you get a response or not because they made their money from you purchasing their bunch of worthless names and addresses. In fact, you are even told to get names and addresses from your phone book. Come on! This is the ABSOLUTE WORST way to sell anything simply because you have no idea what these people are interested in. Even if you sold a real product, let’s say: baby-sitting services - you wouldn’t sit down and advertise it by writing letters to everyone in the phone book. Instead, you’d place an ad in the paper and have people only interested in baby-sitting contact you.

Now comes the guarantee. It says: "The check point which guarantees your success is simply this: you must receive 15-20 orders for Report 1. This is a must. If you don’t within 2 weeks, send out more programs until you do. Then, a couple weeks later, you should receive at least 100 orders for Report 2." Notice the word "should." The fact is, you could mail until the day the Lord comes back and you’ll NEVER get 15-20 orders. You’d be lucky to get even one. Believe me - 1,000’s of people have put the chain letter theory to a variety of tests and actually given it every chance in the world to make money. None have ever worked.

Now, here’s the hype that really gets most people. Here it is reprinted in it’s entirety: "Let’s say you decide to start small, just to see how it goes, and we will assume you and all those involved send out only 200 programs each. Let’s also assume that the mailing receives a 5% response. Using a good list, the response could be much better. Also, many people will send out thousands of programs instead of 200! But, continuing with this example, you send out 200 programs. With a 5% response, that is, 10 orders for Report 1 (ten people responded by sending out 200 programs each) for a total of 2,000. The 5% response that brings 100 orders for report 2. Those mail out 200 programs for a total of 20,000. The 5% response to those is 1,000 orders for Report 3. The 1,000 send out 200,000 total and the 5% response to that is 10,000 orders for Report 4 (10,000 $5 for you.) Your total income in this example is $50 + $550 + $5,000 + $50,000 + $55,550. Remember friend, this is assuming that 95 out of 100 people you mail to will do absolutely nothing and trash this program. Dare to think what would happen if everyone sent out 1,000 programs instead of only 200. Believe it, many people will do that and more. By the way, at current prices, your cost to send out 200 programs is less than $100. The participation fee is ridiculously low when you consider what you stand to gain! Consider yourself fortunate to be invited to participate in an exclusive program that really works. Have faith. Think positively, Keep in mind that your investment is minimal and it’s easy money invested in you."

Give me a break! What a bunch of lies. Anybody that reads this and really believes it can work must also believe that Snow White really lives in the forest with the 7 dwarfs.

The truth of the matter is that it really would work if everyone did what they were supposed to do - but they won’t. I’ll prove it. Go to a place where there are a lot of people (like a mall). Walk up to the first person you meet and ask them to give you a $5 bill. In return for their $5, they will get $50,000 if they will just find 10,000 other people to give them $5 by promising them the same thing. How many people do you think will take you up on your offer? If you do find one person to do it they will either be mentally retarded or hard of hearing. So if you couldn’t work the program in person, what makes you think it will work through the mail with people who have no idea who you are? The truth is - it doesn’t work. It NEVER will!

Page 4 tells you all about these four wonderful reports you will be purchasing. Their titles are beautiful: "How to Make $250,000 Through Multi-Level Order Sales" and "Sources For The Best Mailing Lists." I’m sure we all can’t wait to order them right away.

Page 5 is a personal note from the originator of the program - Edward L. Green. He doesn’t have a city and state beside his name. Why? Because his full name is used. (Remember, they don’t want you to try and find these people.) A real testimonial would be proud to give you the full name, full address and phone number of the individual so you could get in touch with them to find out more about the program. Anyone hiding so that you can’t call them up or write to them directly is a scam artist. No doubt about it!

Edward L Green tells you about how poor he was in 1979. He also says that he will never see a penny of your money. He has already made $4 million and wants to retire. Give me a break. If you made $4 million wouldn’t you want $5 million or $10 million or $20 million. Why stop at a measly $4 million when you could star on the Lifestyles of The Rich and Famous and be interviewed by Robin Leach? $4 million is chicken feed if something really worked to bring in this amount of money!

Amazingly though, on Page 6, Johnson Distributing gives a real name and address. But try to get a phone number on them with an address of "PO Box 7, SAFB IL 42225-0007." It doesn’t exist!

Page 7 and 8 contain letters from Chris Johnson, Paul Johnson, A. Zurki, Carl Winslow, A.S. Jalosyk, Bill Nelson, J.T. Adams, Charles Fairchild, Tommy Jayhet and Mary Rockland. They all tell you some hard luck story about how this program changed their life. Again - try to contact them. If you live in Waco TX, try and find Tommy Jayhet and see what he has to say about all this.

Do you get the picture yet? Almost all scams follow this same general theme. Don’t get taken!

———————————————————
Julia Tang publishes Smart Online Business Tips, a fresh
and informative newsletter dedicated to supporting people
like you! To find out the best online business opportunities,
and to discover hundreds more proven and practical internet
marketing secrets, plus FREE internet marketing products
worth over $200, visit: http://www.best-internet-businesses.com
———————————————————-

Note: Feel free to publish it with the resource box and content unchanged

Spam is text or URL, in one or several exemplars, neither being waited nor wished, not having, neither directly nor from its shipper, no relationship neither with the recipient nor with a possible
resource related to the recipient.

How does spam appears in blogs ?

• Through the comments’ body and commentator’s URL.
• Through trackbacks’ excerpt and permalink’s URL

What are the anti-spam methods?

• Authentication by connection
• CAPTCHA
• Black List
• Bayesian Filter

Other methods to minimize spam :

• Time Interval between submissions / Number of submissions per hour.
• DDD.
• Secure Form Mode : force page and submission to be manual.
• Rank Denial : Directs hyperlinks an intermediary server.
• Autoclose after N days: entry stops accepting comments or trackbacks.

Which data are analyzed by these methods ?

Active methods do analyze the shipper to check if it’s:
• a spamer by coparing its IP address with blacklisted ones.
• authorized by authentication
• a human by CAPTCHA

Passive methods do analyze :
• comment’s data:
  • nickname
  • eMail address
  • URL
  • message
• trackback’s data (concerning the shipping blog):
  • blog’s name
  • entry’s title
  • entry’s excerpt
  • permalink’s URL

What are the limits to these methods ?

Cross use of several of these methods allows excellent results concerning comments, but weak results concerning trackbakcs.
Difference between comments and trackbacks is that comments are sent from the recipient’s blog, which allosw all above methods to be used, whereas trackbacks are sent from the shipping blog (this avoids the use and need of 2 interfaces).
- Consequently it’s not possible to use CAPTCHA, authentication and Secure Form Mode methods with trackbacks.
- Another big problem, when all the trackback’s data are unknown, especially the IP address, it is quite impossible to avoid spam, mainly because the blacklist and the bayesian filter are becoming inefficient.
- Last inconvenient, trackback autodiscovery is usefull for bookmarklets but also to spamers to who it gives the trackback URL.

Glimpse on futures anti-trackback-spam methods

Copyright © 2004 - Reflexive-Blog - Bobby Masteria
Webdesigner - WebMaster - MetaBlogger - Multi-Blogger - BlogMaster
Licence - Reflexive-Blog - Anti Trackback and Comment Spam Methods - Méthodes Anti Spam de Trackback et de Commentaire
Always use the URL Associated with this article. - Always use and mention my full name. - Never mention my eMail address.

Spam is a very real problem that many people have to deal with on a daily basis. For those that have decided to do something about it and start to investigate the options available in spam filtering, this article provides a brief introduction to your options and the types of spam filters available.

Despite the bewildering array of spam filters available today, all claiming to the best one “of its kind” there are really just five filtering methodologies in general use today and all products rely on one, or a combination of these:

Content-Based Filters

“In the beginning, there were content-based filters.”

These filters scan the contents of the and look for tell-tale signs that the message is spam. In the early days of spamming it was quite simple to look out for “Kill Words” such as ”Lose Weight” and mark a message as spam if it was found.

Very soon though, spammers got wise to this and started resorting to all kinds of tricks to get their message past the filters. The days of “obfuscation” had begun. We started getting messages containing the phrase “L0se Welght” (Notice the zero for “o” and “l” for “i”) and even more bizarre – and sometimes quite ingenious – variations.

This rendered basic content-based filters somewhat ineffective, although there are one or two on the market now that are clever enough to “see through” theses attempts and still provide good results.

Bayesian Based Filters

“The Reverend Bayes comes to the rescue”

Born in London 1702, the son of a minister, Thomas Bayes developed a formula which allowed him to determine the probability of an event occurring based on the probabilities of two or more independent evidentiary events.

Bayesian filters “learn” from studying known good and bad messages. Each message is split into single “word bytes”, or tokens and these tokens are placed into a database along with how often they are found in each kind of message.

When a new message arrives to be tested by the filter, the new message is also split into tokens and each token is looked up in the database. Extrapolating results from the database and applying a form of the good reverend’s formula, know as the a “Naive Bayesian” formula, the message is given a “spamicity” rating and can be dealt with accordingly.

Bayesian filters typically are capable of achieving very good accuracy rates (>97% is not uncommon), and require very little on-going maintenance.

Whitelist/Blacklist Filters

“Who goes there, friend or foe?”

This very basic form of filtering is seldom used on its own nowadays, but can be useful as part of a larger filtering strategy.

A “whitelist” is nothing more than a list of e-mail addresses from which you wish to accept communications. A whitelist filter would only accept messages from these people and all others would be rejected

A “blacklist”, conversely, is a list of e-mail addresses - and sometimes IP Addresses (computer identification addresses) - from which communications will not be accepted.

While this may seem like a good idea from the outset, a whitelist methodology is too restrictive for most people and, as virtually all spam e-mails carry a forged “from” address, there is little point in collecting this address to ban it in future as it is very unlikely to be the same next time.

There are bodies on the internet that maintain a list of known “bad” sources of e-mail. Many filters today have the ability to query these servers to see if the message they are looking at comes from a source identified by this Internet-based blacklist, or RBL. While being quite effective, they do tend to suffer from “false positives” where good messages are incorrectly identified as spam. This happens often with newsletters.

Challenge/Response Filters

“Open sesame!”

Challenge/Response filters are characterised by their ability to automatically send a response to a previously unknown sender asking them to take some further action before their message will be delivered. This is often referred to as a "Turing Test" - named after a test devised by British mathematician Alan Turing to determine if machines could “think”.

Recent years have seen the appearance of some internet services which automatically perform this Challenge/Response function for the user and require the sender of an e-mail to visit their web site to facilitate the receipt of their message.

Critics of this system claim it to be too drastic a measure and that it sends a message that "my time is more important than yours" to the people trying to communicate with you.

For some low traffic e-mail users though, this system alone may be a perfectly acceptable method of completely eliminating spam from their inbox - one step above the "Whitelist" system outlined above.

Community Filters

“A united front”

These types of filters work on the principal of "communal knowledge" of spam. When a user receives a spam message, they simply mark it as such in their filter. This information is sent to a central server where a “fingerprint” of the message is stored.

After enough people have “voted” this message to be spam, then it is stopped from reaching all the other people in the community.

This type of filtering can prove to be quite effective, although it stands to reason that it can never be 100% effective as a few people have to receive the spam for it to be “flagged” in the first place. Just like its similar cousin the Internet black list (RBL), this system also can suffer from “false positives”, or messages incorrectly identified as spam.

Hopefully you are now armed with a little more information to be able to make an informed decision on the best spam filter for you.

For further information, consider reading the reviews and articles found at http://www.whichspamfilter.com

Alan Hearnshaw is a computer programmer and the owner of http://www.whichspamfilter.com, a web site which conducts weekly in-depth reviews of current spam filters, provides help and guidance in the fight against spam and provides a useful community forum. alan@whichspamfilter.com

This fraudulent activity is considered the fastest growing crime of modern times. The favorite target groups of phishers seem to be very young children and senior citizens, as they do not often ask for credit reports, fill out credit card applications or solicit loans. This allows the thieves to go undetected for longer periods of time; but still, be careful. We all are potential targets.

Remember when throwing away unshredded documents with personal information in the trash bin was considered a big risk for identity theft? While this still happens, identity thieves have become more sophisticated in recent times, and this is how they do it…

Phishers create bogus e-mails that look as if they came from large, well-known institutions and banks, such as eBay, Paypal, Citibank, EarthLink, and Wells Fargo among others. These e-mails claim that you are due for an account update, or that the account number, password, social security number or other confidential information needs to be verified. Then they warn you, stating that if you do not do it within a certain period of time, that your account will be closed, terminated, the service discontinued, or something to that effect.

They even provide you with links to websites that look legitimate, because they hijack the real logos of these well known banks, and trusted institutions and companies. And that is the scary part… these e-mails look 100% legitimate, but they are not.

In some cases it goes even further… some of these phishers are installing spyware on your computer to monitor your online activities. So… should you leave the online world for good? Not necessarily.

These are a few things you can do to protect yourself from these scammers:

1. Do not respond to any e-mail that asks for personal information from you, such as account number, credit card number, user names, passwords, etc. If you suspect that the e-mail, indeed, be legitimate, contact your bank or institution to verify this.

2. When in doubt, visit the Anti-Phishing Working Group for an update of the latest scams, and tips to avoid becoming a victim. The website’s URL is www.antiphishing.org

3. Websites like www.Paypal.com, www.citibank.com, and www.ebay.com, offer security tips and tell you what information they’d never ask for in an e-mail.

4. Get anti-virus software and keep it up-to-date.

5. If you suspect you have received a fraudulent e-mail, do not click on any links within it, and forward it to the FTC at uce@FTC.gov

Finally, if you suspect you’ve been a victim of this fraud, get a copy of your credit report immediately to check for unusual activity. If you discover that you’ve been a victim of identity theft, close your account at once and…

- Call the Credit Bureau.

- File a police report.

- Call the FTC ID theft hotline at (877)IDTHEFT.

- Alert other financial institutions where you have accounts.

According to the Anti-Phishing Working Group, phishers send millions of e-mails a day, getting about 5% response. Even with this low response, it is estimated that about 150,000 Americans have fallen prey to these scams since May of 2004. Get informed. Do not become a victim yourself.

==============================================

You have permission to publish this article electronically or in print, free of charge, as long as the bylines are included. A courtesy copy of your publication would be appreciated.

E-mail: marketingplanet1@aol.com
November, 2004.

==============================================

Tamara Baruhovich is the author of "Straight Talk about Network Marketing" A no hype, no B.S. e-course that shouldn’t be missed if you are serious about starting a successful career in Network Marketing! Get your complimentary copy here… e-course04@aweber.com

Again, if it is sent unsolicited and in bulk, it is spam plain and simple. Sure we want spam to stop. Nobody wants their e-mail address cycling around from spammer to spammer. We can delete it, but have you ever stopped to consider how much time we actually spend each day hitting the ‘Delete’ button? We should not have to beg to be removed from something we did not ask to be put on in the first place! So where do we draw the line? When do we start thinking it is not worth logging into our email account to read our messages? Despite the effort of thousands of angry spam victims pushing for stronger laws against spammers over the last few years, not much progress has been done in this respect. Moreover, in January 2004 the U.S. Government has passed the CAN-SPAM Act, a law backed overwhelmingly by spammers and large corporations, because it legalized spamming instead of banning it. With the passage of CAN-SPAM, spamming has become legal throughout the United States. Now 23 million U.S. businesses can all begin spamming email addresses as long as they give users a way to opt-out. What CAN-SPAM makes illegal is the use of open proxies or any form of resource misappropriation as well as use of false headers, which for the top spammers to avoid is business as usual.

We will not argue here about the motives of the US law makers to pass the CAN-SPAM, but rather focus on the problem of doing something about the spam in your mailbox. By doing more than "just hitting delete", you are helping to solve the problem. We should all exercise our right of control, or we will lose it.

The million dollar question is whether it is possible to stop spam. The most honest answer to this question is probably not — but you can significantly reduce it. Below are some clear and simple tips to greatly reduce the amount of spam you get:

1) Use a separate email address when you post messages to public forums, such as newsgroups and mailing lists. Never use your personal email address for this purpose — or it will end up flooded with spam.

2) Consider acquiring multiple email addresses for different purposes. This helps to identify different sources and senders, and allows you to filter more effectively. For instance, you may have one for personal use only by friends, family or colleagues that is never used to request information or to subscribe to newsletters, discussion lists, etc. Another might be used just for sales inquiries or orders, or for making online purchases.

3) You can subscribe to services online that provide you with disposable addresses that can be deleted if they begin to attract spam messages. This works because the disposable email addresses actually forward to a real email address of yours. The software lets you track which addresses are getting spam, and you can just resubscribe using a new, spam-free address. One company that offers disposable email accounts is Sneakemail.

4) Remove your email address from your website. If you list or link to your email address, you can expect to be spammed. Thus, remove them wherever possible and use web-based forms instead. This will drastically cut down the amount of spam you receive if you have a website.

5) NEVER buy anything from a company that spams. Do not visit their sites or ask for more information from a spam email that you have received. Over 95% of spam offers are scams! In fact, not responding to spam is the single most effective way to not get scammed on the Internet.

6) Filter your email. Using filters is key to managing your email effectively.

7) Consider subscribing to a spam prevention service. Make sure that any software or system you select gives you control of which email you get and does not automatically erase messages. Also, safeguard your newsletter and discussion list subscriptions. If you, your ISP or web host use spam filters or white lists, be sure to let them know that you want to receive messages from any newsletters or discussion lists that you subscribe to.

8) Report the spam to agencies that maintain statistics. Such agencies generally compile statistics that may be useful in setting policy. One trusted anti-spam organization where you can report spammers is the Anti-SPAM League. Learn how to become a member for free by clicking here.

9) Report fraudulent or otherwise illegal content to appropriate authorities. While fraud per se is an issue separate from spam, unsolicited email often contains offers for illegal or fraudulent products.

10) Contact your Internet Service Provider. Although this is unlikely to affect the amount of spam you receive since it is not their fault that their system was attacked from outside, ISPs want to know about spam attacks, either to learn how to protect their system, or to set policy.

11) Contact the sender’s Internet Service Provider(s). Most ISPs in the world forbid their members to send spam. Therefore, if your complaint is valid, then there is a good chance the spammer will lose connectivity.

12) Demand restitution from the spammer. If you continually receive spam from a single source, you have a right to demand repayment for the time and resources the spammer used.

13) Initiate legal action against the spammer. This should be a last resort, as legal action is troublesome and expensive. However, well-executed legal action may do more than just get one spammer off your back: it may lower the amount of spam on the Internet in general. By forcing unsolicited and objectionable materials into our mailboxes, spam impairs our ability to communicate freely and costs Internet users billions of dollars annually. You do not have to put up with it: your best recourse is to protest to those who dump their trash on your disk drives!

Organizations such as The Anti SPAM League give you the chance to report spamming companies and individuals and access valuable information on how to control the spam problem. The Anti SPAM League serves as a resource to identify companies on the internet that are safe to do business with. Also, to target which companies are trying to capture your personal information for the use of unsolicited mass marketing. Take a step forward in the battle against spam. Learn how to become a member for free by visiting www.Anti-Spam-League.org.

Anti Spam League
The purpose of the Anti SPAM League is to help consumers and business owners reduce the amount of SPAM they receive. In addition, our Anti SPAM organization believes that educating site owners in the area of SPAM prevention and ways to successfully and responsibly market their sites, is key in making a difference.

Technically, the main problems at the moment are ‘phishing’ or ‘spoofing’ scams. This is where the use of Spam or junk-email is used to lure computer users to look-alike websites where they are deceived into giving out personal information and financial data. Often these emails are coming from trusted sources where hackers have altered links to send you straight into their ‘pockets’. The Internet user is duped into thinking that they are visiting a trusted website page, when actually it is an excellent copy of the original. There might be only one tiny change in the web address that is often not easily recognizable.

Identity theft is where multiple tricks are employed to make you fill out fake forms on fake sites to get all sorts of information that can then be used by thieves to steal money or get free Internet access. Anything from credit card numbers to account information, passwords, billing data and personal phone numbers and addresses have been stolen and used for criminal purposes.

These tricksters, few or many, are wizards at finding loopholes in mail systems of legitimate sites. Just go to the site entitled www.crimesofpersuasion.com and read some articles about a few of the more famous scams that have been busted or that are still in circulation. There’s a story about a 17-year-old boy who was arrested with over a million dollars in misappropriated funds hidden in a Costa Rican casino account! Smart kid, but how smart is he really if he got caught? On the site above there are also tips for consumers generally focusing on how not to give your information away to anyone at any time. Check them out.

It worries me a little, this huge amount of illegal activity. I know that a lot of people feel that currently the world is very imbalanced in terms of wealth and spirituality and that this new epidemic is just a karmic reaction of the oppressed masses. The United States earns 50 percent of the world’s economy, of course some of the other 95% of Earth’s population is going to be keen for a piece of the pie, right? Steal from the rich and feed the poor like that guy in the green tights.

The funny thing is I think that a lot of these thieves are living in America and unbeknownst to themselves be already part of the top 5% of wealthy humans. The problem is that they always want more. Money can become addictive in a consumerist society whose advertising and marketing schemes are constantly bombarding us with stimulus relating to the next new product that we ‘need’ in our lives. We are never satisfied with what we’ve got. The next purchase’s momentary injection of adrenalin becomes more of an imperative than any concept of lasting spiritual happiness.

Feel sorry for these people that have to go through all the rigmarole of sorting all these frauds from the real sites out there. I doubt there is a religion on Earth that teaches that theft is a balanced respectful action. I do know that when the country of Australia was founded it was done so on the backs of convicts, many of who had only stolen bread to survive. That’s a kind of theft that will question your moral value system. I’ll leave you with one last question: If the ‘first world’ has nearly all the money on our planet, are we the biggest thieves of all?

Jesse S. Somer
M6.Net
http://www.m6.net Jesse S. Somer is a concerned human hoping to one-day witness humanity living in a peaceful and egalitarian world.