Jewish World Review Nov. 14, 2003 / 19 Mar-Cheshvan 5764

Stopping "Phishers" From Scamming You

By Mark Kellner | It's called "phishing," the cyber-spoofing that lets someone grab your most personal financial information and, unless you catch on quickly, use it to plunder your bank account, credit card and even your good name.

As noted last week, your columnist was almost a victim. So, too, was another reader, who wrote: "I received a similar e-mail over my PayPal account and had exactly the same reaction you did," writes this reader, "and the same experience as yours: it was only as I went through the deceptive form that I realized something was wrong and exited without submitting anything."

That's one way of dealing with such messages — I'll examine some other strategies in a moment. However, what happens when a person's trusting nature is used against them? That happened to a woman whom I'll call "Florence." Her story was chilling — and almost tragic.

Donate to JWR

"I was a victim." she wrote. "I received an email that looked like [it was sent by] my [Internet service] provider. This was complete with logo. i gave the credit card and password as requested."

She also asked a question by return e-mail; when it bounced back, she became nervous and contacted the ISP. The company's fraud department confirmed her suspicions and she began the arduous task of canceling her credit card, getting a new one, and rearranging the areas of her life on which that card was based: automatic payments and online shopping and the like.

"I am a retired police officer, and I fell for it," my correspondent wrote. She said that Norton Internet Security didn't pick up the e-mail as "spam," and she emphasized how official-looking the item was.

Despite the fact that in this case, spam-filtering software didn't catch the e-mail — and I suspect firms such as Symantec (makers of the Norton product) and others are working on ways to bridge that gap — it's still a good idea, in my view, to have Internet security software on your computer as a first line of defense.

What else can you do? Digital entrepreneur and former Microsoft executive Phil Goldman wrote to suggest his firm's e-mail system, Mailblocks, which remotely filters your e-mail using a "challenge/response" system. Readers may recall comments here last May about the service.

The way it works is simple: if I send you an e-mail and I'm not on your "approved" list of senders (presumably your boss, family, close friends, etc.), I receive a reply from Mailblocks. It offers to deliver my e-mail to you, but only if I go to a Web site and enter a unique code. The e-mail from Mailblocks is the "challenge" and my entry of the code the "response." The premise is simple: a human who wants to communicate with you will go to this trouble; a spammer or spoofer — or their automated mailing system — won't.

If you don't get the phony e-mail, you can't get ripped off.

According to a study commissioned by the firm and carried out by the Tolley Group, a Florida-based research concern, "Depending on the solution, [e-mail] filtering products failed to block from 25 percent to 80 percent of spam, while Mailblocks' challenge/response blocked 100% of spam."

For $9.95 per year, you get access to the service and a 12 MB mailbox that can be used to collect and process e-mail from a variety of accounts, including AOL, Hotmail and MSN. If you're a heavy e-mail user, the $24.95 yearly price of a 50 MB mail box might make more sense. Details on both products are at and I can recommend the service highly: it works precisely as advertised.

The only potential "downside" that some might see is this business of issuing "challenges" to people you should be able to do business with easily. The Mailblocks lets you maintain (and add to) an address book of "friendly" senders; my editors and my dad are already on it. You can also use a "Tracker," or special e-mail address, to get around the challenge/response system for such e-mails as purchase confirmations or mail-lists to which you subscribe. These are, to me, acceptable ways of managing e-mail and avoiding spamming and "phishing." Just ask my correspondent, the retired police officer.

Find this column useful? Why not sign-up for the daily JWR update. It's free. Just click here.

JWR contributor Mark Kellner has reported on technology for industry newspapers and magazines since 1983, and has been the computer columnist for The Washington Times since 1991.Comment by clicking here.

Staying safe online
Franklin Covey Brings Order to Outlook
Upgrades: Should you do it?
Time to dump Ma Bell?
Palm T3 widens users' options
Electronic reading
Lessons from a hurricane
Can the PC and phone really merge?
The case of the curious keyboard
The season ahead
New keyboard adds flair to motion tablet
Upgrade path smoothes a bit
Dreamweaver, make me a web
Experiments in upgrading
A tale of two headsets
A declaration of Mac-dependence
Fuji's Fine FinePix S602Zoom
In search of good Mac apps
Little gadgets make computing easier
Adobe Acrobat 6.0 scores
Toshiba's Twisting Tablet PC
HP printer a steady worker
iTunes store, Mailblocks are cool online services
Palm's objects of D-Zire
Gateway's Tablet a winner
Outlook 2003 beta: A promising program
Tungsten's handy "Dubya"
Lexmark's winning all-in-one
Wireless ways
Long distance tech support does trick
Tablet Planner software a hit
Up and down the road with Joyride
Clarion's "AutoPC" is no "Joyride"
Apple's Keynote is PowerPoint for less
Moving adventures
Traveling companions
HP's Compaq Tablet PC a winner
The war on spam continues
Browser for Mac users has good start
New Adobe software organizes photos
The year the PC grew up
PC meets philately: one hit, one miss
Digital Nikon camera a winner, at a price
Honey, they shrunk the COMDEX
Last-minute ideas
Microsoft's Tablet PC has promise, problems
Upgrade with a plan
Palm's New Tungsten PDA Shows Its Mettle
Nobody asked me, but ...
Love, in Quicktime
T-Mobile's sidekick a good partner
Put on a (happy, unwrinkled, tanned, whatever) face
Apple software upgrade very useful
I came, I saw, iPod
How's that? A tech critic reflects, briefly
Satellite radio gets favorable reception
HP's desktop printing marve
Mac satisfaction --- and some really good software
Off to college ... with eMachines
Have PC, must travel
After Shot manages your digital camera images
X200: Mobile worker's fantasy
Beware: Consumers face a fee for printing own checks

© 2002 News World Communications, Inc. Reprinted with permission of The Washington Times. Visit the paper at