Boxbe Blog

This morning’s Seattle PI cover story reports that alleged spammer, Robert Soloway has been arrested under a provision of the 2003 CAN-SPAM Act.

AP Legal Affairs Writer, Gene Johnson reports that Robert Soloway is being held on “a 35-count indictment … charging him with mail fraud, wire fraud, e-mail fraud, aggravated identity theft and money laundering.”

Soloway has previously lost two civil lawsuits resulting in fines of seven and ten million dollars, but this is his first criminal indictment.

“He’s one of the top 10 spammers in the world,” said Tim Cranton, a Microsoft Corp. lawyer who is senior director of the company’s Worldwide Internet Safety Programs. “He’s a huge problem for our customers. This is a very good day.”

Allegedly, Robert Soloway was using so-called “Zombie” computers (or botnets) to create his attacks. Federal agents have been quoted as saying that Soloway was responsible for billions of spam emails and that we should expect a drop in spam as a result of his arrest.

Spam Wars author, Danny Goodman disagrees:

I don’t care how big a spammer Soloway allegedly is; his contribution to the 63 billion spam messages per day (Ironport) can’t be so big that we’ll even notice the absence. Additionally, there is no way of knowing how much of his process is automated and already in the hopper waiting to spew. Also, he was taken into custody before 8:00am PDT yesterday. Spam volume here yesterday was (alas) quite normal.

We tend to agree with Danny as we’ve seen no marked decrease in quarantined messages, but nevertheless, it’s good to see such a notorious spammer brought to justice.

More discussion and commentary

Slashdot
CNET
Richi Jennings
Valleywag
John C. Dvorak
Tingog.com
Boing Boing
Download Squad
TechDirt

image by Flickr user r80o

A few days ago, Domain Keys Identified Mail or DKIM, was approved by the Internet Engineering Task Force (IETF). DKIM is one of the standards that we use at Boxbe to keep your email safe from phishing attacks and fake emails in general.

What is DKIM?

From Yahoo:

DKIM is an email authentication framework that addresses the widespread issue of email forgery, using cryptography to verify the domain of the sender. It allows email providers to validate an email’s originating domain, making use of blacklists and whitelists more effective. It also makes phishing attacks easier to detect by helping to identify abusive domains.

DKIM is good for the internet and will help detect forged email addresses. However, DKIM alone won’t stop spam originating from non-faked addresses nor will it stop other forms of unwanted email. Email expert Richi Jennings says “At best, they give a partial indication whether a message is spam or not, but their main use is to allow recipients to look up the reputation of the sending domain.”

The UK’s PC Advisor says “To make it work, DKIM now has to be adopted and incorporated by independent software vendors into their email applications and related infrastructures.”

That said, this is a step forward in stopping phishing schemes and other illegal activities that originate from non-authenticated senders and we are happy to see the DKIM standard approved and hopefully more widely adopted.

More about DKIM

DKIM Workgroup
DKIM FAQ
Yahoo! Anecdotal

More discussion of the standard approval

Promising antispam technique gets nod - CNET News
IETF backs new cryptographic scheme to battle the effects of spam - Ars Technica
Junked: Is this the end of spam and spoof email? - Silicon.com
Bye Bye Spam and Phishing with DKIM? - Slashdot.org
New Spec Could Cut Phishing, Spam - Dark Reading
IETF approves DKIM to fight spam and phishing - A Canadian Geek
Why DKIM will fail - Spin on Cue
Promising new anti-spam techique gains key approval - Geeks Are Sexy

photo from Flickr user lordcuauhtli

Eric Rice and Robert Scoble, a couple of bloggers who would benefit from using Boxbe.

I’ve been blogging for almost two years now and I love to hear from readers. Comments are a great place for people to continue the conversation, but often I’d like to take some conversations offline.

Most people don’t want to post their email address on their blog for fear of spam. If you do post your email address on your blog, that fear is realized.

I’ve seen lots of ways people get around not posting their actual email address like typing out “randy at boxbe dot com” or “randy at the URL you see above.” Worse, you might have a form that people can fill out to reach you, which doesn’t really make readers feel all warm and fuzzy when they want to reach you.

If you want to reach me, here’s a good old fashioned “mailto:” link - randy@boxbe.com.

I can post this email address anywhere I’d like:

• blogs,
• forums,
• comments,
• Twitter,
• or anywhere I’d want someone to be able to reach me later.

Here’s how it works

When people I haven’t pre-approved email me for the first time, they have to prove they are not an automated sender. I don’t think that is too much to ask. If they are a real person, I approve them to send me more emails by clicking “Approve” right in the message. I’m pretty friendly like that.

Use Gmail?

If you use Gmail, we’ve got you covered. With our Gmail integration, we’ve made it even easier to get a clean email inbox. Go here, plug in your Gmail address, click the button and you’re done.

Why use Boxbe?

Bloggers need to talk to their adoring fans and blogging isn’t a one way street. Blogging is about conversation. Many of those conversations can occur within or amongst blogs, but not everyone wants their opinion, question, or letters of love and devotion to be part of the public domain.

You want to put your email in a public place but you don’t want to be buried in spam. Boxbe can help you do that.

Yahoo Mail unlimited rolling out
As mentioned back in March, Yahoo! Mail has started rolling out its unlimited storage this week. Our friends at Mashable are encouraging us to test what “unlimited” means.

Google Gmail: Hot, hip or 3rd place?
Donna Bogatin over at ZDNet talks about Gmail and it’s users. Recent studies have shown Gmail to be the third most popular email service, but it is used by the young and wealthy.

Pros and cons of web-based mail
J D Biersdorfer of the New York Times debates the finer points of using email on the web versus a desktop client. We love email of all kinds here at Boxbe.

Image spam by the numbers
Informative article (although formatted in a bewildering way) about the methods used by image spammers. [via Slashdot]

Completely unrelated image by Flickr user eva101.

NOTE:Boxbe is discontinuing support for adding a Gmail account in this way.

Edited February 4, 2008

We’ve just made integrating Boxbe with Gmail a heck of a lot simpler. I had planned to put a screen shot here, but it’s so easy, it seemed like a waste of bandwidth :-).

Starting today, we’ve enabled single click Gmail installation from your account home page. We’ve taken all the steps involved and reduced them to them to a few fields and a button.

Gmail integration is accessible directly here and is permanently accessible from your account home page.

What this does

We posted back in March about a method to set up Gmail to redirect email into Boxbe’s filter as well as setting up a signature to ensure redelivery of messages. The only thing we’ve changed is that we have automated the process for you.

Existing Members

If you are an existing member and you already use Gmail forwarding, you do not need to make any changes. We have automated the work you’ve already done.

If you were eager to see the changes we’ve made and already clicked the button, no worries. You will merely overwrite the changes you made previously, but the filter should still work.

Use Boxbe with Gmail

If you haven’t integrated Boxbe filtering for your Gmail account yet, we hope this makes it much easier.

Note to Gtalk users:
We’ve discovered a bug where Gtalk chats are not logged in your communications history. Existing conversations will not be affected. We hope to have this remedied soon.
[edited: Friday, May 11, 2007]

We have fixed the issue and we will push a fix out as soon as possible.
Monday, May 14, 2007

The issue has been resolved
Tuesday, May 15, 2007

Congrats to the Hotmail team at Microsoft for deploying the new version of the Hotmail service to users and removing that beta tag. Following are links to the details of the launch.

Windows Live Hotmail launches
After a year long beta, Windows Live Hotmail launched yesterday with a whole bunch of new features including 2 gigabytes of storage, Outlook-like design, auto-completion and more.

Rebuilding Hotmail from scratch
A fascinating look at the rebuilding of the Hotmail service.

Windows Live Hotmail vs Gmail
Pete Cashmore over at Mashable compares the new Windows Live Hotmail to Gmail. Is it time to switch? I won’t ruin it for you as we are platform agnostic here at Boxbe.

Other links: Webware, Techcrunch, eWeek.

Undelivered e-mail an offshoot of spam-prevention
John Agsalud of the Honolulu Star Bulletin reports on the increase in false positives in spam filtering systems (FYI, a false positive is a message incorrectly identified as spam).

This battle of good versus evil has been going on for years. Unfortunately, the bad guys have improved their stock so much that the good guys are starting to have a difficult time fighting back. The end result? The good guys’ software is becoming more error-prone and mis-identifying messages as spam when they really are not.

We launched two enhancements yesterday afternoon to the Boxbe Quarantine: Junk Ratings and Message Search. Both features are designed to help you get through your quarantine folder more quickly and easily.

Junk Ratings

Our new junk rating is a way to make sifting through your quarantine easier. We’ve rated messages on a scale of one through ten based on what we think is more or less likely to be email that you would want.

Messages are also color coded like a stop light for quick scanning.

Green = least likely to be junk mail.
Yellow = somewhat likely to be junk mail.
Red = most likely junk mail.

As no spam filter is perfect, the junk rating numbers are meant as a guide to help you get through your quarantine more quickly. However, like any guide, use your own judgment when managing your quarantine.

Message Search

We’ve added the ability to search senders and subjects to find messages, senders or domains that you might want to approve. This search does not include the contents of the messages, rather just senders and subjects.

Message search works with the other filters on top of your quarantine, so you can specify dates and status as part of your search.

We hope you like our new enhancements.

Wired News reports today on the 29th anniversary of the “first piece of unsolicited bulk e-mail” sent out over the internet. Sent from DEC employee, Gary Thuerk to 400 people on Arpanet (the precursor network to the internet), this email started the menace that we all deal with today.

Apparently, Mr. Thuerk “thought Arpanet users would find it cool that DEC had integrated Arpanet protocol support directly into the new DEC-20 and TOPS-20 OS,” according to EFF Chairman Brad Templeton, who has an archive of the entire message.

The content of that message starts:

“DIGITAL WILL BE GIVING A PRODUCT PRESENTATION OF THE NEWEST MEMBERS OF THE DECSYSTEM-20 FAMILY; THE DECSYSTEM-2020, 2020T, 2060, AND 2060T. THE DECSYSTEM-20 FAMILY OF COMPUTERS HAS EVOLVED FROM THE TENEX OPERATING SYSTEM AND THE DECSYSTEM-10 COMPUTER ARCHITECTURE. BOTH THE DECSYSTEM-2060T AND 2020T OFFER FULL ARPANET SUPPORT UNDER THE TOPS-20 OPERATING SYSTEM.”

Looks like spam was hard to read from the beginning.

As you can imagine, people weren’t too happy to have their inbox invaded by unwanted and unrequested email. Brad Templeton’s page has the full message as well as reactions to that initial spam.

Read [via Wired News]

photo from Flickr member brunkfordbraun

Major Anti-Spam Lawsuit Filed in Virginia - Washington Post
“The company filed the suit on behalf of some 20,000 people who use its anti-spam tool. Web site owners use the project’s free software to generate pages that feature unique “spam trap” e-mail addresses each time those pages are visited. The software then records the Internet address of the visitor and the date and time of the visit. Because those addresses are never used to sign up for e-mail lists, the software can help investigators draw connections between harvesters and spammers if an address generated by a spam trap or “honey pot” later receives junk e-mail.” [via Ars Technica and Slashdot]

Before you declare email bankruptcy - Web Worker Daily
“Did you ever wish you could delete all your email without responding? Maybe you can. It’s called email bankruptcy. You realize you are never going to dig yourself out from under the pile of email in your inbox so you just declare that you won’t. You start afresh.”

Great tips on how to avoid an email overload calamity. I can’t tell you how many times I’ve considered doing this.

Classic DM tactics are spam for filters - Direct Marketing News
“More and more well-intended e-mail is ending up in the junk box as companies and individuals tighten the screws on their anti-spam systems.”

Interesting article about the multitude of false positives that are generated by standard email spam filters.

Photo by Flickr member Rosa y Dani

So, we’ve talked about botnets in the recent post, but what exactly is a botnet?

From Wikipedia

While the term “botnet” can be used to refer to any group of bots, such as IRC bots, the word is generally used to refer to a collection of compromised, or Zombie computers running programs, usually referred to as worms, Trojan horses, or backdoors, under a common command and control infrastructure.

How widespread are these botnets? From a recent story from MSNBC, “Internet founding father Vint Cerf dramatically suggested that 150 million computers worldwide may have been hijacked by criminals.

Essentially, botnets are the root of all sorts of computer nastiness, but first and foremost, they seem to be the source of a very large portion of spam on the internet today.

To protect yourself (and others) from botnets, take a look at my post last week, 5 ways to protect your computer from botnets, spyware and other malware.

Here are some resources for learning more about botnets:

• Tracking Botnets
• Is the botnet battle already lost?
• Is your computer a criminal?

Photo from Wikipedia

Technorati tags: botnet, spam

So, besides using Boxbe to screen your email, here are the top five ways to protect your PC from botnets, spyware, and other malware.

1. Buy a Mac

Seriously. Last year, Symantec’s official blog caused waves by saying “Simply put, at the time of writing this article, there are no file-infecting viruses that can infect Mac OS X.”

This isn’t to say their couldn’t be malware for the Mac, it’s just that their isn’t any currently. Compared to the millions of viruses for Windows, that sounds pretty good to me. For many users this isn’t possible or desireable, so keep reading for things that you can do to secure your Windows installation.

2. Upgrade to Vista

One of the claimed benefits of upgrading to Windows Vista is increased security. Symantec has backed Microsoft up with a white paper [PDF] (and a site section) that has a detailed Vista security audit and their assessment that there have been no known Vista viruses to date.

3. Install security updates

One of the interesting things about bots, spyware and other software designed to exploit your computer, is that most people become infected after a fix has been released from Microsoft. Why? Well, let’s just say that creators of malware aren’t all super geniuses.

When an exploit is revealed, there is a gap in between when a fix is released and when users actually download and install the fix. That opening gives hackers an opportunity to create a program that exploits the very problem that was just patched.

Generally, I’d advise people to wait when it comes to installing recently updated software as sometimes the fix can be worse the original problem. However security updates should be installed right away.

4. Install and use anti-virus and anti-spyware applications

Most anti-virus and anti-spyware software can be scheduled to run at specific times of day. If you eat lunch at the same time every day, consider scheduling the software to run then. It could also serve as a helpful reminder to actually eat lunch.

And don’t forget to keep your virus and spyware definitions up to date. Having outdated definitions is kind of like not having protection at all.

5. Don’t open email attachments from untrusted senders

And frankly, sometimes even from trusted senders if they aren’t technically savvy. I can’t believe that this still needs to be mentioned but these attachments aren’t opening themselves.

Bonus: Turn off your PC at night

PCs these days have a number of power saving modes that make it acceptable to leave your computer on all the time. I had gotten in the habit of leaving my home computers on all the time to guarantee instant access whenever I needed them.

If your computer has been compromised by a spam bot, leaving your computer on 24/7 gives these bots more of an opportunity to send their illicit messages. While it won’t get rid of the spam bot, it certainly will cut back on the messages sent.

Finally

Short of turning off network connectivity to your PC, many security experts believe that malware is becoming more widespread and common, everyday computers have so much power that it is far more likely for a botnet to go undetected than ever before. The internet is still a wild wholly frontier, keep yourself safe out there.

photo from Flickr user brookenovak

Better Gmail Firefox plugin
Gina Trapani, blogger and Lifehacker supreme has a released a plugin for Gmail that pulls together several Greasemonkey scripts that improve Gmail’s overall usability.

Features include “adding saved searches, attachment icons, label colors, keyboard macros, a filter assistant and right-click conversation previews.”

Massive spam shot of ‘Storm Trojan’ reaches record proportions
According to a recent article in Computerworld, the Storm Trojan virus attack is sending 50 to 60 times the normal volume of spam. The trojan contains a rootkit to cloak itself and it adds the computer to it’s botnet army to perpetuate the trojan horse. Scary stuff. [via PC Doctor and Slashdot]

Gmail vs. Yahoo! Mail Prize Fight [video]
CNET decides which email service is better. We won’t disagree with the results.

Yesterday, I posted some male names that were still available from Boxbe, today, I’ll do the same for all the females in the audience.

I also mentioned yesterday that it really stinks getting an obscure email address. None of your friends can remember it easily. If you are meeting people for the first time, giving SusanB9875 doesn’t really stick in short term memory.

There is a counter view to all of this, however.

I worked at Yahoo! back in the 1990’s and I was fortunate (so I thought) to get randy@yahoo.com. Very memorable and (unfortunately) highly spammed. Sometimes bulk emailers resort to merely sending email to X @ Y.com, replacing X with every name in a dictionary. As you might imagine, I received a lot of unwanted email and sadly, I gave up the address due to that burden.

Having a good name at Boxbe, on the other hand, won’t fall victim to the same shenanigans. As I’ve mentioned before, you only receive email from people in your Boxbe address book, people who pass a test or pay a fee, so you’re only getting the email that you want.

Without further ado, here are some of the popular women’s names still available on Boxbe.

• Mary
• Patricia
• Linda
• Maria
• Susan
• Margaret
• Dorothy
• Betty
• Helen
• Sandra
• Donna
• Carol

More after the link

(more…)

Do you get too much (snail) mail? I do. If you would like to receive less mail, I’ve collected a few ways that can help you decrease the amount of postal mail you receive.

Unsolicited Mail

The Direct Marketing Association of America has set up a service that for $1, they will add your name and address to their “Mail Preference Service.” What does your $1 get you? The site claims that it “will substantially decrease the amount of national advertising mail you receive,” but “not all commercial mail will stop.” It does take a 30-90 days for this service to become effective, but it sounds like a good way to cut back on marketing messages being delivered to your home.

Catalogs

If you’re like me, you receive a number of catalogs in the mail every month. If you have conducted business with any of the catalogs you receive, the above DMA Mail Preference Service may not decrease the number of catalogs you receive.

To remove yourself from catalog mail lists, you’ll probably have to call the catalog company directly, as through my research, their doesn’t seem to be any quick, free way to do this online. To speed the process along, make sure that you have your customer number with you. Customer numbers are near the mailing address on the front or back of the catalog.

Services

I’ve found two services (41 Pounds and Green Dimes) that claim to do all the work for you. I’ve not used them, but using a service might be easier than what I’ve suggested.

Last, here are a couple links with more detailed information about how to shut off specific kinds of postal mail you might not want.

• How to Get Less Junk Mail - CPSR
• Do-it-yourself - Stop junk mail, email and phone calls

I’ve used a few of these techniques personally so I’ll report back as I start to see results. I’m curious to hear if about any other tips you might have. If you have other tips, please share them below.

photo by Flickr user Casey Serin

In a previous post, we talked about how much time it takes to get rid of unwanted mail. Unlike email marketing, direct marketing via postal mail is expensive as they have printing and postage costs.

Email marketers still have to pay to acquire a list of email addresses and to design the email, but largely, the cost of email marketing is carried by the recipients (READ: you and me) in evaluating that email’s value. By charging marketers for your time, many marketers will refine the messages that they send.

But what makes us think marketers will pay? We think they will pay for your attention because they already do.

US Postal Service

I get a lot of mail in my (snail mail) mailbox every day. Usually, our small mailbox is stuffed full of mail. And most of that mail I didn’t request.

Typically, I get 3 kinds of unwanted mail:

• Grocery store inserts
• Catalogs
• Letters/Fliers

I was curious about how much marketers spend to reach me, so I started doing a little research online. Poking around a bit on the USPS website, I discovered their rate calculator for sending commercial mail. They divide commercial mail into several categories.

Standard Mail

Standard mail is the mail that doesn’t seem like mail at all. Standard mail is typically composed of loose fliers from grocery and other local stores, letters sent to “Resident” or any piece of mail that you receive that isn’t addressed to a person. Standard mail is big business for the USPS as it made up almost half of their revenue last year.

Using the USPS’ handy bulk postage calculator, I determined that it costs about $.16 for a 1.7 oz grocery store flyer via standard mail. Naturally, this doesn’t include printing costs, so this isn’t a total cost, but it is a good basis to work from.

Standard mail indiscriminately targets neighborhoods, cities and regions and isn’t targeted beyond the geographic boundaries.

Catalogs

By comparison to standard mail, catalogs are very expensive. By using the same calculator, I calculated my recently received catalogs of 6, 10 and 14 oz in weight, cost $.44, $.51 and $.57 respectively to send. Again, this doesn’t include printing, but where the grocery store flyer was printed on newsprint and unbound, the catalog from the furniture store was printed on high quality glossy paper, which is substantially more expensive.

Catalogs are more targeted, so in theory, the recipient might buy more from that retailer.

So, how much are you worth?

So, what does all this mean? By calculating one cost, bulk rates for direct mail marketing, we’ve established that marketers are willing to pay to get some of your attention. From my own non-scientific study of my mailbox, those marketers are paying somewhere in between $.16 and $.57 for each piece of mail sent.

While we aren’t planning on opening a direct mail division any time soon, we think some of that money ought to be going to you.

We’ve talked about the cost of unwanted email in previous posts, but what about unwanted paper or snail mail?

US Postal Service

In a given week, it’s safe to say that my household receives at least 3-5 credit card offers, 5 catalogs, 4 or 5 grocery fliers and scads of other mail that we never asked for. A very small percentage of the stack of mail is something that I either asked for or actually care about.

I know that I’m not alone in this. The US Postal Service, in their 2006 annual report, states that they send over 102 billion pieces of “Standard Mail” each year. Standard mail, by the way, is composed of loose fliers from grocery and other local stores, letters sent to “Resident” or any piece of mail that you receive that isn’t addressed to someone.

This number doesn’t include the 90 billion pieces of first class mail that is sent each year. First class mail is the regular addressed messages that you receive which could include hand written notes from your aunt or pictures of your 3 year old niece. Sadly, I don’t receive many of those kinds of messages, so most first class mail is unrequested as well.

The cost of uninvited mail

Unlike email, most postal mail must be closely inspected before you dispose of it. The dozens of credit card and mortgage offers I receive monthly contain sensitive information about me or my family. That information offers up an opportunity for identity theft. All of these messages need to be shredded. G

In a previous post about the cost to my time, I established some figures for the wages of the average American, I spend another 5 minutes a day disposing of postal mail and another 15 minutes a week at the shredder.

$18.50 an hour x 21 hours per year = $388.50.  

plus

15 minutes a week x 52 weeks * $18.50 = $240

Added together, unwanted mail costs you about $628 or 34 hours per year in lost time. Ouch.

Identity Theft?

Now, you could argue that I’m overly paranoid when it comes to shredding financial documents, but the cost of having your identity stolen is considerably higher. According to a study by the Identity Theft Resource Center, it takes on average about 330 hours to recover from identity theft.

330 hours x $18.50 = $6,105

There are about 10 million victims of identity theft per year in the US and according to the U.S. Department of Justice Statistics, identity theft is now passing up drug trafficking as the number one crime in the nation.

Long story short, buy a shredder folks.

What’s next?

I’ve looked at the costs of unwanted mail for individuals, but what about the companies that send it? Finally, I’ll end with some tips on how to lower the amount of unwanted mail you receive and help regain some of the your lost time and productivity.

photo by Flickr user MrBG

The personal access price is one of the key technologies we use to help people remove unwanted and unsolicited email. Effectively, it puts a price tag on your attention. Senders who are not pre-approved must either take a short test or pay a small fee to reach you.

When Boxbe collects a fee, we share with you the amount you specify. You can donate the funds you collect to a charity of your choice (we make it easy), or keep them for your own use.

Personal Access Price

So, why a personal access price? There are a lot of solutions out there for refining the contents of your inbox. Most solutions center around spam detection and removal. But spam detection doesn’t really work if your goal is to eliminate unwanted email.

Besides the obvious arms race between spammers and anti-spam tools, we believe that the actual definition of spam is a personal one. To me, spam is unwanted email. Unwanted email is any email that didn’t add some value to my day. Rather, those emails cost me something, my time.

People ask, aren’t you just another spam solution? In short, no. Boxbe makes it easier to receive valuable emails and decrease the emails you don’t want to receive. As a result, a delightful side effect of our service is spam removal.

Your time, your money

In the end, we’re trying enable people to take more control of their attention. Like Tivo and the iPod, we want you to have choices about how you spend your time. Life is too short to be dealing with unwanted email.

Boxbe helps you trade (and be compensated for) your time and attention. Your attention is valuable to advertisers if an offer you read influences what you or someone else later buys. If reading an offer makes you just slightly more likely to make or recommend a purchase, it may be worthwhile to send, even if an advertiser must pay.

We have more information about the personal access price in the FAQ.

In an earlier post, I mentioned a spammer who was phishing getting convicted and facing up to a 101 years in prison as a result. But what exactly is phishing?

Photo by Flickr user thermodynamix

Wikipedia defines phishing as

“a criminal activity using social engineering techniques. Phishers attempt to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an electronic communication. Phishing is typically carried out using email or an instant message, although phone contact has been used as well. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, and technical measures.”

In a nutshell, phishing is something criminals do to trick people into giving them sensitive information. The stolen information is then used by the criminal for further illicit activities.

Boxbe and phishing

So, what does Boxbe do about phishing? First, the only email that you receive when using Boxbe is from senders that you have approved, have passed a human test or have paid a fee. Second, we use two emerging industry standards, SPF and DomainKeys to increase the likelihood that the sender isn’t spoofing or faking their email address.

Is it a 100% solution? No. Unfortunately, we can’t guard against all forms of social engineering or deception. What we can do is guard against emails from entering your inbox that make false claims as to their point of origin. The rest is up to you.

Learn more about phishing

We suggest that everyone educate themselves against phishing. Here are some great places to learn more about phishing:

• Microsoft - Recognizing phishing scams and fraudulent emails
• Tips from Fraud.org
• Paypal Security Center
• CNET - How to avoid phishing scams

Score one for the good guys.

photo by Flickr user assbach

Goodin, who was arrested last year, was found guilty of operating a sophisticated phishing scheme, the prosecutors said in the statement. As part of the scam, he sent e-mails posing as AOL’s billing department to trick people into giving up their credit card information, according to the statement. He then used the credit card data to make purchases, prosecutors said Tuesday.

While he won’t get a 101 years for just spamming, this case is a perfect example of how spam can be tremendously harmful to people.

Be careful out there.

Read

Over the next few weeks, we’ll be talking about all the features Boxbe has to offer, but today we’ll start with the public forwarding address.

Public Forwarding Address

Your Boxbe public forwarding address is a protected email address. A message sent to your public forwarding address is sent to your real inbox only if the sender:

1. is pre-approved or “whitelisted” by you,
2. passes a test, or
3. pays a fee.

You can share or publish your public forwarding address online without concern because of this protection. The forwarding email address is very handy if you own a blog, a MySpace, Bebo, or YouTube account and would like people to be able to reach you outside those accounts.

Email on Steroids

Since most people have existing email addresses at both home and work or school, you might be asking yourself, why do I need another email address? A Boxbe address isn’t meant to replace those addresses. It’s meant to enhance them.

Personally, I’d never put my Yahoo! or Gmail email address on the internet as it is likely to attract email that I don’t want. Boxbe’s public forwarding address provides a way for me to post my email address anywhere on the internet and not worry about unwanted email.

I use my Boxbe address when posting in online discussion groups or communities, posting to my blog or commenting on someone else’s. I also use my Boxbe address on MySpace and basically anywhere I want people to be able to reach me. Best of all, it’s a forwarding address, so the emails that I want will be delivered to my regular inbox.

Who should use the forwarding email address?

I’ve mentioned a few uses of the forwarding email address for social media sites (blogging, MySpace, discussion boards), but we realize that not everyone participates on those kinds of sites. Boxbe can protect anyone’s email address from unwanted email. Chances are, even if you’ve not posted your email address in a public place, you receive email that you don’t want.

At our core, we’re here to cut down on the email you don’t want to receive and encourage the email that you do want to receive.