Opinion » Cybernaut


The scamming continues



For almost a year the spam filters at work and in my e-mail client kept the problem more or less at bay, but spammers are starting to sneak through the gates once again. They're even spoofing my co-workers' e-mail addresses to draw my attention to fantastic deals on replica watches and prescription drugs.

Meanwhile, phishing scams (identity theft) are getting a lot more sophisticated. A co-worker recently received an e-mail purporting to be from the Canadian Revenue Agency informing her she was entitled to a larger return. When she clicked on a link in the e-mail she was directed to a webpage that was indistinguishable from the Government of Canada's portal. Luckily her bullshit detector was working and she called CRA before giving the scammers her personal information, including Social Insurance Number.

I've written this before and I'll write it again - never, ever directly reply to, or click a link in, an e-mail purporting to be from your bank, e-mail host, government, eBay, PayPal, or anybody who may have any of your personal information, because 99 per cent of the time it's probably a phishing scam. If you think there's a possibility that an e-mail is legitimate then you should manually go to their web page - type in the URL yourself - to confirm it, but never, ever follow the link that they provide. When in doubt make a phone call, but again you should never call the number provided in a suspect e-mail. Use the phone number on the back of your credit card or bank card, or the one provided on their website.

Unfortunately, even that's not 100 per cent safe these days. Some viruses can actually hijack your web browser to guide you to phishing websites, or load fake pages to your computer that make it appear like you're online.

Some web browsers let you know if a website is verified as secure by a little lock icon that appears in the corner - something you should expect to see on any page where you enter personal information. Firefox users can also download the WOT (Web of Trust) add-on that provides you with a consumer verified security ranking for every site you visit.

There are lots of ways to protect yourself, but the truth is that smart people are victims of fraud all the time, while the scammers are becoming better at what they do. You used to have to activate a virus yourself by clicking on a link, but now all you have to do is look at the wrong website or image to get infected with a virus, worm, Trojan or spyware.

But for all the billions of dollars stolen and all the time and resources wasted, cyber crime still ranks low on the radar of most police agencies. They're very good at busting child pornography rings - and kudos for that - but it's rare that someone is arrested and prosecuted for spamming, phishing, hacking, or other types of Internet fraud or malice.

It's like white collar crime - nobody talks about it until after billions of dollars have been lost or paid out in largesse. They frog-march a few of the top guys to jail with their suit jackets pulled over their heads, but dozens of other instigators and beneficiaries go free.

Canada is currently considering two competing laws that would create new penalties for spammers - probably a little too late considering that spam currently accounts for 81 per cent of all e-mail traffic. Senate Bill S-220 provides for private right of action and criminal remedies, while Bill C-27 allows for private right of action, coordination between government agencies, and civil remedies (e.g. you can sue the spammers... hello class action!).

As long as Canada isn't plunged into another federal election any time soon, we can expect at least one of these bills to pass Parliament sometime in late 2009.

While the bills could put most Canadian spammers out of business it won't do much to stop spam coming in from other countries, which account for the majority of spam e-mails and phishing scams.

It's time to get global with this and to pass an international law regarding spam that comes with real consequences for nations and individuals. For example, some Caribbean countries have become a hotbed for tax shelters as well as gambling sites, spam, and other questionable online activities - maybe the threat of international economic sanctions or travel bans would put a stop to that.

Most countries would have no choice but to comply, leaving a handful of rogue nations where anything goes. But the beauty of the web is that you can monitor, filter or even block the Internet traffic originating in any one country.

I'm not saying that the world doesn't have more pressing issues to deal with right now, just that the web isn't enough of a priority when you consider the cumulative consequences. If our phones rang with unsolicited sales calls as often as we receive spam e-mails you can bet that we would have dealt with this issue by now.