In today’s technologically advanced world more and more people are falling victim to identity theft both online and offline. It was reported by a general accounting office that over 700,000 Americans have their identity stolen every year and that number is expected to rise over time. While many thieves operate online there are still many “dumpster divers” who go through people’s trash cans looking for a credit card statement or a solicitation that someone forgot to tear up. You may be thinking that people don’t do this stuff but there are people who spend a lot of time waiting on someone to forget to shred a piece of their personal information so they can take it and start running up your credit cards and using your social security number. It may be impossible to stop someone from stealing your identity entirely, but there are things that you can do to lower the risk of having it happen.

A simple way to stop thieves from getting your personal information by dumpster diving is to remember to destroy all private records and statements. You can tear the stuff up, but it is best to shred it. Credit card statements, documents with financial information and solicitations all need to be shredded. It is also a good idea to secure your mail, you can do this by emptying your mailbox quickly, lock it or get a P.O box. By securing your mail it will stop thieves from stealing credit card pitches and other financial information. Never mail bills or checks from your home, it is simple for thieves to go through your mail and get a bill or check and change the payee’s name on the check by erasing it with solvent. Mail out all of your bills and checks from the post office since it is the most secure location to do so.

Your social security number should also be protected. You should never carry your social security card with you or any other card that may have your number on it, this includes your heath insurance card. The social security number is the key to all of your information so thieves look for stuff like this. If they get your social security number they can get access to other important information like your credit report and your bank account. Also remember to never leave ATM, credit card or gas receipts behind.

A lot of people have their identities stolen because they fail to educate themselves about who they’re giving their private and financial information to. When someone calls with some kind of special offer or something don’t be quick to give up your information if you’re interested in their offer, first ask them who they are and what company they represent and then do a little research yourself. Don’t ever give up your financial information over the phone. Monitor your credit card, obtain a copy of your credit report annually and review it thoroughly for anything that may look suspicious to you. Also thoroughly review your credit card statement, make sure all of the merchants look familiar and if they don’t, call your credit card company and notify them about the suspicious things on your statement.

There are simple precautions that you can take to stop criminals from obtaining your private information. Be more aware when you use your credit card and don’t forget to shred up all important information that you throw into the trash.

Michael Russell Your Independent guide to Identity Theft

Identity theft crimes are not new, but they have become more persuasive in the past decade. In mid-2005, San Francisco Chronicle discovered that holders of more than 40 million credit cards were vulnerable to financial fraud because identity thieves had compromised their credit card information. Earlier that year, information and data broker, Reed Elsevier Group PLC, revealed that several hundred thousand people might have had their profiles stolen from one of its U.S. databases. One quickly learns to secure their computer networks so that these kinds of attacks, or leaks are non-existant.

Information compromised included names, age, physical descriptions, mailing addresses, Social Security, and driver license numbers. This is virtually everything an impersonator needs to set up a clone of the identity theft victim, enabling him to make a number of financial and personal transactions in the victim’s name. Usually an identity theft victim is usually under age forty, while about 11 percent of victims are age sixty or older. According to Federal Trade Commission (FTC), one in six identity theft victims said that thieves used their personal information to open at least one new account, such as credit card accounts or loan accounts, to rack up debts on existing accounts. The most recent data indicates that 9.3 million Americans (or 4.25% of all adults) are victims of ID theft on an annual basis. This is an alarming rate and should show you that you NEED to take preventative steps toward protecting your identity.

An identity theft victim risks the destruction of his/her good credit history, and may spend years, and large sums of money restoring the credit history and goodwill. There are instances of an identity theft victim been denied work or insurance or been detained for crimes he did not commit! Some victims of ID theft found that their names have been misused after police stopped them for a traffic violation and discovered that there is a warrant for their arrest. There are also times when an innocent person receives a summons to appear in court to answer for a criminal act. FTC’s latest survey shows ID theft losses to businesses and financial institutions total $52.6 billion annually. Recently, Federal Trade Commission launched a website annualcreditreport.com where all consumers are eligible for a free copy of their credit reports. Take the time to go to that site and get your free credit report. This can be a step to alerting you to suspicious activity.

Keith Londrie II is a well known author. For more information on Identity Theft, please visit Identity Theft for a wealth of information. You may also want to visit keith’s own web site at http://keithlondrie.com/

RSS is growing at a lightening speed. What was once only known as a “techie tool”, RSS is becoming a tool that is continuously being used by the general population. Along with the good comes, the not so good. And while some have mentioned the emergence of RSS spam, where content publishers dynamically generate nonsensical feeds stuffed with keywords, the real concern relates to security. While an annoyance to the search engines, spam in RSS feeds pales in comparison to the possible security concerns that could be in RSS’ future.

Security Implications Related to RSS.

As RSS gains momentum security fears loom large. As publishers are quickly finding innovative uses for RSS feeds, hackers are taking notice. The power and extendibility of RSS in its simplest form is also its achilles heel. The expansion capabilities of the RSS specification, specifically the “enclosure” field which has launched the podcasting phenomenon, is where the vulnerabilities lie. The enclosure field in itself is not the problem, in fact the majority of RSS feeds do not even use the enclosure tag. The enclosure tag is essentially used to link to file types, things like images, word documents, mp3 files, power point presentations, and executables and can be thought of in similar terms to email attachments.

The fact that RSS can be used to distribute these file types has opened a myriad of doors to users of the syndication standard, but also has created cause for concern. Most people do not feel that the risk is significant because people “choose” the content that they receive, and while it might make the distribution of malware, viruses and spy applications via RSS less prevalent, their is still the inherent risk of a infected file being distributed.

The problem is one of both technology and lack of education.

The danger lies in the fact that many RSS readers, news aggregators, or pod-catchers automatically download the information contained in the enclosure field regardless of its file type or source.

Most RSS developers acknowledge the risks associated with the enclosure field, but few have had the forethought to include filtering, screening or authentication capabilities and many automatically download enclosures.

Nick Bradbury of Bradsoft/NewsGator seems to be proactive, designing FeedDemon with security in mind. FeedDemon uses an editable safelist of file types as well as allowing users to monitor what files are automatically downloaded. FeedDemon also contains hard-coded warnings related to specific file types.

Developers of ByteScout took a different approach to the handling of enclosure files, ByteScout does not automatically download anything without user intervention for each download.

Unfortunately, not all RSS readers, aggregators and podcatchers consider the possible security implications associated with RSS feeds and podcasts, some will automatically download enclosures without warning or any thoughts of security. Be sure to examine how your RSS reader handles files contained in the enclosure field of an RSS feed.

With the increased use of RSS and podcasting, the security risks increase with it. Their is cause for concern, however proactive users and conscientious developers can easily subvert the risk by taking precautions seriously. Computer viruses and malware are cause for legitimate concern, there is ample time and action that can avert potential problems.

Obtaining an EIN or employer identification number is a good idea if you are a sole-proprietor.

From time to time, you’ll be asked to provide your social security number or employer ID to clients or governmental agencies. Once you do that you have no control over which client employees and others can view your number.

With identity theft an ever increasing problem, reducing the need to give out your social security numer can only be a good idea.

The best way to do that is to have an employer identification number.

In fact, having an EIN is mandatory for almost any business that is set up as something other than a sole-proprietorship.

This is the IRS checklist for businesses that are required to have an Employer Identification Number.

• You have employees.

• You are set up as a corporation or partnership.

• You file tax returns for Employment, Excise, or Alcohol Tobacco and Firearms.
• You withhold taxes on income, other than wages, paid to a non-resident alien.
• You have a Keogh plan.
• You are involved in a trust. (There are some exceptions, check the IRS site).
• You are involved in one of the following types of organizations: Estates, real estate mortgage conduits, non-profits, farmer’s cooperatives, and plan administrators.

Sole-proprietors are not required to have an EIN. But if you are a sole-proprietor, I strongly recommend getting one.

The reason? If you are a sole-proprietor, clients who pay you $600 or more in the course of a year must file a 1099 on your behalf. And they need your social security number or employer identification number to do that.

And you, in turn, are required to do the same for your own sole-proprietor subcontractors who receive $600 or more in payments from you.

The Employer’s ID number fulfills IRS’s requirements when filing your 1099s, so you just substitute the EIN for the social security number.

The process is easy and straightforward.

You can apply for your EIN number online at the IRS website (www.irs.gov) or ask the IRS to have the forms sent to you.

Ellen Zucker has been successfully self-employed for the past 10 years.
Her site, Selfemployment101.com, has articles and resources to help you, as a self-employed person, earn a living and create a life.

Millions of Americans use credit cards, take out money from savings and checking accounts, write checks, and open new bank accounts everyday. By completing these everyday tasks, many Americans put themselves at risk for identity theft. However, there are many steps that one can take to protect oneself from being an identity theft victim. In addition, knowing how an identity thief gets his or her information will allow a person to be safer.

How Do Thieves Get Their Information?

An identity thief can do many things to retrieve things like your Social Security Number, and credit card number. Some thieves steal mail, which often has bank statements and credit card numbers. Thieves may get information from an institution or business by stealing records while they are on the job. Some thieves use false advertising to get victims to give out their credit card numbers over the phone. Thieves can also implement a process known as “skimming,” This process is where a thief uses a computer to track what buttons you pushed at an ATM machine.

How Do They Use the Information?

How an identity thief uses the personal information is a whole different ballgame. Identity thieves may change account numbers, or access all the money in your account electronically or otherwise. Identity thieves may also open up various credit card accounts and run up charges. Some identity thieves go so far as top change the billing address for a credit card account, so they can run up the bill, and it will be some time before you realize it because the bills are being sent to a different address. Some thieves get jobs, or file false tax returns using someone else’s name and Social Security Number.

How To Protect Yourself

Now, all this identity theft seems mighty scary, but there are many ways to protect yourself. It is very important to get rid of all unnecessary documents. When throwing out bank statements, or anything with personal information on it, many people make use of paper shredders. This is a very good idea. Rarely give your credit card number out over the phone unless you are positive that it is a trustworthy business, and even in that case, exercise caution. Finally, keeping track of wallets, purses, and any important documents is key to successfully defending yourself from identity theft.

If identity theft does occur, there are many steps you can take to make sure you are not harmed financially. Canceling a credit card is the obvious choice. However, you can also put out a “Fraud Alert” on your credit card. This will allow you to review your credit card statements as much as you like. You can look for any strange purchases, or account openings, or anything out of the ordinary. The two types of alert are “initial alert” (90 days) and “extended alert” (seven years). Other steps you can take are closing accounts that you believe have been tampered with. You can also notify the police.

Conclusion

Identity Theft is a serious crime, with serious consequences. However, if you take precautions, and know what to do in the event of identity theft, you will be safer. The key to protecting yourself is knowing what you’re up against.

Scott Hawksworth writes for Identity Theft Blog, a weblog reporting on identity theft prevention.

It is reported that 60%+ of internet traffic on mail servers are spam messages. If you run a website, you can be sure that you are (or will be over time) receiving a tremendous amount of unsolicited email messages. If you haven’t started a website yet, remember that an ounce of prevention is worth a pound of cure. There are safeguards you can use to minimize the number of unwanted messages you receive.

WHOIS data: When you register a domain name, you are required to provide contact information for the WHOIS database, which can later be harvested by spammers for e-mail addresses. To protect yourself from such unscrupulous people, I suggest using a dummy account with a free email provider such as Yahoo or Hotmail (don’t forget to check it at least once a month) - if you’ve already registered your site and have listed your primary email address in the WHOIS contact information, it is highly recommended that you update the information with a new dummy email address. Your host and registrar will have your primary email address on file - you simply need to remember to keep your information with them up to date. If this seems like too much work for you, you can always use a WHOIS privacy service such as the WhoisGuard service provided by www.namecheap.com ($4.88 - which is a great value).

Your web pages: One of the first things I do when creating a website is create a contact form with the email address embedded in the mailer script such as PHP or ASP. Why? There is a lot of software floating around out there designed solely to crawl website harvesting them for valid email addresses (some will even ignore the robots.txt file completely). Once you’ve created your forms, you can then begin to include your email addresses in your web pages for those who wish to email you directly from their email clients - you can write your email address as yourname[at]yourdomain.com and instead of using the ‘mailto:’ link - hyperlink it to your contact form. You may also include a note for your visitors to replace the [at] with the @ sign. Make sure you remember to do this with all the email addresses within your site.

Newsgroups/forums/subscriptions: It’s a hard pill to swallow, but these areas are not safe from email harvesting either and even worse, some newsletter publishers don’t even adhere to their own privacy policies (very rare, but it does happen). Be careful where you post your email address and don’t make it a habit to sign up with every forum you should come across. Make sure you find the information useful to you and that you trust the website first. For extra protection, use a an email address other than your primary one for all your subscriptions (ex: subscriptions@yourdomain.com). If you wish to post an email address in the forums for the readers to contact you, try to use the format described in the previous section with a note to replace [at] with @ and hyperlink it to the contact form on your website.

Unrouted email messages: An unrouted email message is a message addressed to an email with your domain name that does not exist - i.e. admin@yourdomain.com, only you never created an admin@yourdomain.com account. The default setting is to have these messages delivered to the root email account. Many webmasters don’t realize this and the webmail for the root account never gets checked - I came across an account with 75 pages of unrouted email messages (roughly 14,000 messages) and taking up about 15MB of their of webspace. Believe it or not, some spam software is designed to create plausible names (i.e. admin, contact, customerservice, webmaster, abuse, etc. @yourdomain.com) and just go for broke and hope the account exists.

If you are using CPanel, you can check your default email account by clicking on the “webmail” icon from your control panel home page. You can also set what your unrouted messages will do by clicking on the “mail” icon and selecting “default address”, then “set default address” - you can then choose to blackhole unrouted messages (just let them disappear into cyberspace - my personal favorite), fail messages (bounce them back to sender) or you can specify an email address you want them forwarded to. If you are afraid someone simply misspelled your email address and you want to sift through the unrouted messages, set up an email account specifically for them (ex: unrouted@yourdomain.com) and remember to check it every week or so.

SPAM filters: I consider spam filters to be a final line of defense if all others fail. Currently, I use Mozilla Thunderbird as my email application and it comes with a built in spam filter which can be trained to catch unsolicited email. There are also many other SPAM filter software out there for email clients such as Outlook, Outlook Express, Eudora, etc. which are worth a look. To find out more information on the available spam filters, check out www.spamfighter.com (for Outlook and Outlook Express - free) or do a quick google search for “free anti spam software” for your platform.

A special note for AOL users: While I have nothing against AOL and they are trying very hard to combat spam, they are slowly, but surely losing the battle. I’ve had two email accounts opened with them, and before I even had a chance to sign up for anything or even tell my family about it - I received spam. I do not know why they are so prone to spam, but something tells me it has a lot to do with their member directory. My advice, get another email address - just remember to check your AOL email every once in a while to delete the messages. I’ve also noticed that a lot of other subscription services are declining to email AOL users due to their new “report spam” button being far too close to the delete button and webmasters of legitimate email lists are getting warnings from their ISPs.

In closing, I have managed to keep my current primary email spam free (literally) for over a year using these methods, and before that I kept my primary email address spam free for just over two. I will plainly admit that I have no sympathy for spammers, and I make sure to hunt down anyone who sends me spam and report them until their site is either shut down or their ISP is added to a block list.

If you want to learn more on fighting this spam war, there are many valuable resources online such as www.spamhaus.org which hosts a blacklist of known spammers and www.spamcon.org which has a wealth of information on protecting yourself against spam.

RSS is certainly still far from being user-friendly, which is especially evident once you try and left-click on an RSS subscribe button.

In most cases your browser will simply display the XML code of the RSS feed … which does not go far in making internet users comftorable with RSS.

Heck, if you didn’t know what RSS was and clicked on an RSS button only to get a page full of code you don’t understand, would that aid in turning you in to an RSS user?

Probably no. And much worse, you’d probably never consider clicking on one of those buttons again, at least not any time soon.

Consequently, if as a marketer you’re trying to generate RSS subscribers, simply using an RSS subscribe button is the worst way to go for you and for the RSS industry as a whole as well.

So, what alternatives are there?

a] CREATE AN RSS PRESENTATION PAGE

If you’re trying to generate RSS subscribers from your site and are targeting audiences that might not be farmiliar with RSS, you need at least a basic presentation of what RSS is on your site, and you need to link to that either directly from the RSS subscribe button or from a location right next to that button, like you can see on the MarketingStudies.net example.

On this page you should explain in easy-to-understand terms what RSS is, how your visitors can use it and how they’ll benefit, and then provide links to some RSS readers and again links to your RSS feeds.

This page will be instrumental in telling your visitors about RSS and helping them subscribe to your feeds.

And of course, the feeds themselves and the RSS presentation page should be promoted in prominent locations on your website, especially directly below your e-mail e-zine subscription box and, if you’re publishing topic oriented feeds, next to their respective topics on the site, just as Lockergnome.com is doing.

B] TRANSFORM AN RSS FEED IN TO XHTML

Having a link to an RSS presentation page right next to your RSS subscribe button does aid visitors in learning about RSS and helps them to subscribe, but it still doesn’t solve the problem of a user actually clicking on an RSS feed button. That will still result in the visitor getting heaps of code he really won’t know what to do with.

Going one step further, you can use XSL Transformations to make sure that the feed can in fact also be displayed in a browser (without making it useless for an RSS reader as well) … and that with some additional information and instructions, such as a brief overview of RSS and a quick explanation on how the user can subscribe to this feed via an RSS reader.

I don’t want to get technical here, so to see what I mean simply click on this link (via FeedBurner):
http://feeds.feedburner.com/BurnThisRSS2

This is basically an RSS feed, which has been transformed in order to be displayed in a Web browser with some additional information, but can still be subscribed to via every RSS reader as well.

Some feed maintanance and publishing services such as FeedBurner already provide this functionality “out-of-the-box”, without you having to do practically anything. All you need to do is register for their free service, enter your feed and then get this link, which you will place “behind” the RSS subscribe button on your site, as a link, instead of a direct link to your RSS feed.

If you don’t want to use a third-party service like FeedBurner, you can actually do the XSL Transformations by yourself. More information on how to do this is available at Wikiedia (http://en.wikipedia.org/wiki/Xslt).

c] TAKING THE MIDDLE ROAD: SMARTER SUBSCRIBE BUTTONS

If you don’t want to use a third-party service such as FeedBurner or if your RSS vendor does not provide this functionality or if you don’t want to be bothered with doing XSLT by yourself, there is actually an alternative you can use.

David Battino at MacDevCenter.com (http://www.macdevcenter.com/pub/wlg/7821) just wrote a simple piece of code you can use instead of the typical link to your RSS feed behind the RSS feed subscription button, which will, after you click on the link, display a simple message saying that in order to subscribe to the feed you need to copy and paste this URL in your your RSS reader.

This certainly doesn’t go very far in making RSS more user-friendly, as the notification really can’t be used to explain what RSS is and why your visitors should use it, but it at least saves the visitor from getting the XML code in his browser and hating RSS before he or she even find out what it is.

The simple code to do so is http://www.macdevcenter.com/pub/wlg/7821

Also, do not forget about using buttons like Add To MyYahoo!, since many MyYahoo! users for example don’t know what RSS is, but they will use this button to subscribe.

d] TARGETING EXISTING RSS USERS

If you’re targeting existing RSS users or at least users that won’t be put off by a long list of names they won’t be able to understand, using the free script from Methodize.org might be the solution.

When the user hovers his mouse above your RSS feed subscribe button, the script will display a long list of RSS readers that the visitors can use to directly subscribe to the feed. By simply clicking on the appropriate link, the user will quickly subscribe to the feed with the RSS reader he is currently using.

There’s also a “What’s this” link at the bottom of the list, but still many visitors will be put off by long list of RSS reader names they won’t be able to understand, before even being motivated enough to click on the “What’s this” link at the bottom.

But still, if you’re targeting a more technical or internet oriented audiences, this just might do the trick.

The script is available from here: http://www.methodize.org/quicksub/

e] USING RSS AUTODISCOVERY

RSS Autodiscovery is a very nice feature that allows certain RSS Autodiscovery-enabled browsers to find a feed on your site and promptly offer the subscribe option to the visitor.

While most browsers still do not support this, FireFox for example does.

Using RSS Autodiscovery can’t substitute the other options above, but it will serve you well for the small part of your audience that’s using RSS Autodiscovery-enabled browsers.

How to use this?

Simply place the following piece of code in to the HEAD section of the HTML code of your webpages:

[link rel=”alternate” type=”application/rss+xml” title=”RSS” href=”http://rssdiary.marketingstudies.net/index.xml” /]

And don’t forget to replace the [ and ] characters with < and >.

f] STRONG COPY

No matter how many times we write this, it still needs repeating. The best way to get your visitors to subscribe is to entice them to do so with strong copy that provides clear and valuable benefits, explaining to the visitor exactly why he needs to subscribe to exactly your RSS feed.

Get more RSS marketing tips and tricks, and find out immediately how you can power your online business with RSS and use it in all of your marketing. Request the free 28-page Business Case for RSS report, with easy-to-follow instructions, examples and advice on how to get the most out of RSS in the shortest possible time. Get the free download here: http://rssdiary.marketingstudies.net/case/index.html?src=sa21

Block Spam and Other Email Threats From Entering Your Gateway Spam, commonly defined as unsolicited commercial email, is a powerful advertising channel for many products and services. As a result, spamming has become a profitable business, driven by the low cost of sending email compared to other direct marketing techniques. The high return on investment for spammers has resulted in an overwhelming volume of unwanted messages in personal and business email boxes. Consider this: Conducting a direct mail campaign costs an average of $1.39 per person, meaning that a response rate of 1 in 14 is necessary just to break even on a product with a $20 gross profit. Selling the same item via unsolicited spam email costs only $0.0004 per person, meaning that a response rate of 1 in 50,000 gets the seller back to break-even; anything above that is gravy. With profit margins like these, it’s easy to see why spammers will try anything to get past anti spam technology to deliver their messages to your inbox.

Types of Spam Threats The recent onset of fraudulent spam variants such as phishing and spoofing pose an even greater risk than the spam volume clogging email servers. Spammers use techniques such as phishing and spoofing to fool users into opening messages that, at first glance, appear innocuous.

Phishing Phishing is a specific type of spam message that solicits personal information from the recipient. Phishers use social engineering techniques to fool end users into believing that the message originated from a trusted sender, making these attacks especially dangerous because they often con victims into divulging social security numbers, bank account information or credit card numbers. In one six-month period from November 2003 to May 2004, phishing attacks increased in frequency by 4000%, and the trend continues upward.

An example of phishing is an email that appears to come from a bank requesting that users log into their account to update or correct personal information. When the users follow a link embedded in the email, they are redirected to a site that looks and behaves like the expected bank website. However, unbeknownst to the soon-to-be identity theft victims, the site is actually controlled by the scam artists who sent the email; any and all information entered by the victim can now be used in a variety of ways, none of them good.

Spoofing Spoofing is a deceptive form of spam that hides the domain of the spammer or the spam’s origination point. Spammers often hijack the domains of well-known businesses or government entities to make spam filters think the communication is coming from a legitimate source.

Today’s spammers are more crafty than ever before and have begun blending elements of both phishing and spoofing into their messages, further spinning their web of deception. The toxic combination of spoofing and phishing presents a major threat that can trick most anyone into providing personal information to a stranger.

Toothless Legislation On January 1, 2004, President Bush signed into law the “Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003,” or “CAN-SPAM” Act. While well intentioned, CAN-SPAM has done little or nothing to curb the flow of unwanted email. In fact, an estimated 97% of all spam email sent in 2004 violated the Act, and the United States still dwarfs other nations in terms of the origin of spam, with CipherTrust research revealing that an astonishing 56.77% of all spam comes from U.S.-based IP addresses. While CAN-SPAM was designed to decrease the overall volume of spam, the exact opposite has happened: in 2004, spam accounted for approximately 77% of all email traffic, and phishing attacks continue to increase exponentially, with studies showing an increase of 4000% from November 2003 to May 2004.

Anti Spam Software for the Desktop The dramatic increase in spam volume has prompted a corresponding surge in stand-alone anti spam software solutions for the desktop, all with varying levels of effectiveness. Some anti spam software uses text filtering to screen incoming messages for known characteristics of spam, while other solutions rely solely on reputation systems that monitor and categorize email senders by IP address according to their sending behavior. Still other anti spam software uses “challenge/response filters” to block unapproved mail until the sender responds (manually) to a challenge email sent to their email account to verify his or her identity.

With so many different methods of filtering spam, no single software-based desktop anti spam solution is capable of effectively stopping spam before it reaches the inbox. The only way to successfully fight spam is to create an anti spam “cocktail” including reputation services, text filters, constant updates and a host of other best-of-breed spam blocking methods. Just as importantly, an effective anti spam solution should reside at the email gateway, not at the desktop. Without protection at the gateway, mail servers waste massive amounts of bandwidth and storage space processing every message, wanted or not, and end users face the unenviable task of deciding what to do with the countless spam messages that successfully reach them.

Take a Consolidated Approach to Anti Spam Although it takes a person only a moment to process a message and identify it as spam, it is difficult to automate that human process because no single message characteristic consistently identifies spam. In fact, there are hundreds of different message characteristics that may indicate an email is spam, and an effective anti spam solution must be capable of employing multiple spam detection techniques.

In addition to effectively identifying spam, businesses must be assured that legitimate mail is not blocked in error. Even one false positive, or incorrectly blocked email, can have a significant impact on businesses today. Accurate spam blocking requires a combination of tools to examine various message criteria combined with real-time research and intelligence data.

By aggregating multiple spam detection technologies like text filtering, reputation services, traffic analysis and other best-of-breed techniques, and placing the solution at the email gateway in a hardened appliance, enterprises can retake control of the inbox.

“Not sure how to say this — but just for fun I clicked on a credit card application, and then cancelled IMMEDIATELY! Well, two months later my count as of this day: 2948 spams for credit cards, loans, easy credit, etc. About 370 spams a week, or about 53 A DAY! While I know money support is nice, and I don’t subscribe to the paid edition of TourBus BUT if I did, would I get more moral staunchness on your part re: allowing spammers to use your site? SHAME ON YOU, BROTHER! — PRACTICE WHAT YOU PREACH!!!!!”

I’ve Been Spammed! (And I’m Blaming You)

I get emails like this occasionally, from people who have visited the TOURBUS website, clicked on an advertisement and then were unhappy with the results. Some blame me for spam, others for customer service problems with the advertiser.

I can’t understand why some people have the misconception that every advertiser on a reputable website is somehow vetted or vouched for by the website operator. To think so would be applying a much different standard to the online world than to print or broadcast media.

If you pick up a copy of the NY Times and browse through the classifieds, certainly you don’t assume that everyone advertising there is completely honest, and that the Times is endorsing their product or service. And if you buy something from a TV infomercial, you don’t blame the television station if the product doesn’t meet your expectations.

Caveat Pre-Emptor?

So why are the concepts of “buyer beware” and “due diligence” conspicuously absent on the Internet?

Even for advertisers that appear in the TOURBUS newsletter, with whom I deal directly, there’s no way I can check them all out to ensure that everyone will always have a perfect purchasing experience. I do, however, have a policy of “If you can’t get satisfaction from the advertiser, I will personally make it right.” And of course I’ll no longer allow bad faith actors to advertise in the newsletter. But for the website ads, we don’t even have the means to check out individual advertisers. Because web ads are served by third-party advertising networks, we don’t even have control over which speficic ads appear on the site, except for the fact that they should be contextually relevant.

Protecting Your Privacy

Spam is the bane of the Internet, and we hate it as much as you do. In fact, the publishers of Tourbus have been quite active over the years in educating their readers about spam, where it comes from, and how to avoid it. Because we respect your privacy, we have always pledged that we will not rent, sell or otherwise reveal your e-mail address to any third party. And since we started in 1995, we never have!

Your email address is safe with us, but if you click away from the TOURBUS newsletter or website to a third party offering a product or service, you have to realize you’re on your own, and use the same caution that you would when making any purchasing decision — online of offline. That’s not because we’re mean or greedy, it’s just common sense.

Online consumers should ALWAYS read the advertiser’s privacy policy to see how their email and other personal information will be used. No privacy policy? Vague (or endless) privacy policy? No sale!

(Oh, and for the record, there is no paid version of TOURBUS.)

BOB RANKIN… is a tech writer and computer programmer who enjoys exploring the Internet and sharing the fruit of his experience with others. His work has appeared in ComputerWorld, NetGuide, and NY Newsday. Bob is publisher of the Internet TOURBUS newsletter, author of several computer books, and creator of the http://LowfatLinux.com website. Visit Bob Rankin’s website for more helpful articles and free tech support.

ID Theft in the World of Internet Technology

Identity theft has been more prevalent in recent years primarily because transactions done over electronic platforms have been growing exponentially. Several reasons can be pointed out as to why identity theft can be done with relative ease with electronically-stored information.

First, the volatile nature of electronic information makes it virtually impossible to identify someone who has already made copies of a piece of information that has been stored in an electronic network. Modern security software makers have tried to address this but experienced identity thieves can still develop and/or employ software that can delete any traces of unauthorized access to such information.

Secondly, physical evidence of stealing identity information is minimal, thanks to wide area networks such as the Internet itself. Fraudsters who are able to penetrate into the premises of an organization can just as easily log on to a computer and email the information he needs to an untraceable email address that he can access outside, thus rendering standard security procedures such as frisking and document inspection practically useless.

Thirdly, electronic information released through transactions done over the Internet is very prone to identity theft. Keystroke loggers, bogus sites and phishing emails are means that are commonly employed by identity thieves.

Lastly, some thieves do not use software or internet technology at all. Thieves can employ pretexting scams in which they assume false identities to call or email unsuspecting victims and persuade them to reveal private information that can then be used to access personal account information.