• United States
Contributing Writer

SurfControl warns against brand spoofing

Jul 15, 20032 mins
Email ClientsEnterprise Applications

* Anyone’s brand name can be hijacked in e-mail, SurfControl says

In a recent press release, SurfControl, a maker of e-mail filtering software, noted that brand spoofing – a type of spam that preys on a consumer’s trust in a brand – is on the rise. As I read the release, the phrase “trust no one” leapt to mind.

According to SurfControl, since March, brand spoofing has emerged as a serious threat in the world of spam. Malicious spammers create messages that appear to be from legitimate companies and distribute them to batches of e-mail addresses via unguarded proxy servers. Recipients of the e-mail go to the site the e-mail directs them to and in many cases offer up personal information such as credit card numbers, bank account numbers or Social Security numbers.

In the past few months, Best Buy, PayPal and First Union have all seen their names smeared by this type of spam. And there’s little to nothing they can do to stop it. Instead, they are stuck handling the surge of complaints and trying to explain how easily something like this could take place.

SurfControl, in the statement, encouraged companies to educate their users about e-mail. They should underscore the importance of not giving out personal information in response to any e-mail, as “there is no legitimate reason for any Web site to ask for e-mail verification or the updating of confidential information via e-mail.”

They should also urge their users not to open suspicious e-mail or visit the Web site the e-mail is pointing to – as the mere act of doing so could expose the client and network to viruses and Trojan horses.

Another part of the education requires that IT managers within these organizations stay on top of the latest scams and alert their users immediately. While SurfControl offers this information, the Federal Trade Commission also has updates on e-mail activity.

The best defense in all of this is, as I said before, “trust no one.” It’s that whole mantra, “if it walks like a duck and quacks like a duck, it probably is a duck.”

What do you think? Let me know at