Prevent Brand and Revenue Erosion

Five strategies for protecting your assets from spam
Part 2 in a 2-part series
by Meryl K. Evans and Tamara Halbritter
According to The Spamhaus Project, the United States is the top country in the world with “ISPs [internet service providers] currently providing countries with connectivity and hosting to spam gangs directly responsible for the world’s spam problem” (SBL database, 2005).
China ranks second and South Korea third, but all this means is that globally, we have a big problem. Many of us are bombarded by spam daily. In some organizations, over 50 percent of the mail received is spam. In others, by using technical solutions such as email authentication and other spam blockers in combination with smart company decisions and policies, only five or less percent of the messages received are spam.
What can you do to have a smaller percentage of spam and help in the fight against this pervasive irritant? In the first article of the series we tried to alert you to the severity of spam crime and inspire you to develop your own task force to protect your organization against spam. The next step is to put your plan of action into place—to make the smart choices that will keep your brand and revenue safe. One tool you can use is your e-newsletter. In this article, we’ll show you how.
William Plante, ASP director for Symantec Corporation, and Robert Alberti, CISSP, president of Sanction, Inc. provide five strategies, which you can use to protect your assets from spam. Whether your company sells pharmaceuticals, software or other products, or services with supporting products, the following five techniques will help stop brand erosion and revenue loss.
1. Protect your intellectual property
Follow these guidelines for managing the digital rights to your property and for protecting it.
*Verify everything is copyrighted and trademarks are registered. That includes registering with the U.S. Customs Service, because much of this criminal action happens overseas.
*Make formal contracts with your distributors or authorized resellers. Get it in writing that they agree not to send spam about your products.
Unfortunately, in most cases, your audience assumes you or one of your distributors is sending these spam messages about your product. Most of your customers or prospects have no idea someone completely unrelated to your sales organization would take the liberty to send a missive about your intellectual property.
2. Join industry associations
Every member of the Internet community will be more effective working together than as individual organizations. One way to connect with other companies facing the same problem is by participating in lobbying efforts with them. If you work together, you can trade war stories and tap into additional valuable resources. Try to connect with people that share the same values your organization does. Communicate regularly about issues surrounding spam and the progress of your task force.
3. Be prepared to react
Once you catch someone, be prepared to prosecute immediately. Spam prevention can only happen at the expense of current spammers, by taking legal steps to enforce the minimal standard out there, and prosecute those guilty of major crimes.
*Set up investigators to sleuth the problem.
*Set up an abuse email address (abuse@yourcompany.com) so buyers and customers can forward spam to you.
*Report anything that affects your brand to the authorities.
*Track the spammer down. Instead of starting at the sender of the spam, direct your search to the end result of the spam. You can do this by making a purchase. That way you will know immediately if the spam is criminal in nature. You will also know where the spammer collects his or her payment, and if the spammer is a pirate or credit card scam artist.
*If the party is guilty of pirating your product, work with that third party payment collection company such as Visa, PayPal or BillPay and inform them of the problem. They will then get a court injunction to cease and desist, meaning they can shut the guilty spammer down. If the party is guilty of credit card fraud, inform the third party payment company, and also inform the ISP. In the U.S., the ISP will immediately shut down the spammer. Other countries have different laws, however, which is one of the reasons you want to register your product with the U.S. Customs Service.
Know that if you prosecute legally, once you get a court injunction and win your case, you are eligible for disgorgement. This legal term means you are entitled to all of the revenue that the spammer collects. While you may not get rich, at least you’ll help stop the problem at its source.
4. Establish great business relationships with distributors and customers
This strategy relies heavily on public relations including e-newsletters. Part of image building, your branding falls under ensuring good business relations. Plante recommends the following ways to build these relationships:
*Let your customers know that spam exists.
*Send out customer surveys about your products and their attitude about spam, piracy and credit card fraud.
*Create publicity around your steps as a Spam Fighter. Position yourself as a leader in the fight. Perhaps, add an occasional article in your newsletter about your fight against spam or put a note by the “unsubscribe to newsletter” information that spam is not tolerated.
The reason Plante agreed to be interviewed for this story is because he wants his brand associated with the facts. He wants to say, “Be careful, when my brand is coming across as spam, it’s not our company. We’re not doing that.” He advises people to be proactive and get involved and let your current customers and prospects know that this stuff might happen.
5. Don’t continue to spread spam to other users
While legislation is one way to prevent spam from spreading, Robert Alberti, president of Sanction, Inc., recommends using technology such as firewalls, spam filters and virus protection to help prevent and detect fraud. He also recommends using the task force to help end users become more knowledgeable about spam.
Alberti says, “E-mail was originally designed like an actual post office. Nothing prevents people from walking into a post office and sending out however many letters they like, but postage is expensive and strict rules regulate postal fraud. On the Internet, the postage cost is effectively zero; and there’s not much regulation, so almost anyone can mail anything she likes. Until stronger rules are put in place, e-mail ‘post offices’ must be secured by each business or they will be used by spammers. There are things everyone can do to further prevent the spread of spam.” Alberti gives the following tips for using technology to help in the fight against spam.
Join a Realtime Blackhole List (RBL) service. One way to stop spammers is to rely on one or more RBL services that keeps a list of spam offenders to keep an eye out for spam. Free services and commercial services are available. Both services automatically refuse to receive messages from known spammers for their clients. But use them with caution! If your company’s e-mail post office is used to send spam, you will end up on an RBL list. Once your company gets on a list, your customers and partners who subscribe to RBLs won’t receive any mail from you; and once you’ve been listed, it’s almost impossible to be removed from a Realtime Blackhole List.
Do not open spam messages. Probably the most important way to prevent the spread of spam is by not opening the messages on your computer. Many spam messages have lots of complex graphics. When you open this type of message, these images are fetched from the server, telling the spammer you opened the message. Given your response, the spammer sees you as a “hot lead” and adds you to other spam lists. That’s how spam spreads like a virus.
In addition, many people don’t realize that their e-mail program may be set at a default that automatically opens messages. All you have to do is turn off the “preview pane” (uncheck it) in your View menu in a program such as Microsoft Outlook, and these types of messages will not automatically open, making less of a spam trail, and also protecting you from some e-mail viruses.
Another way to quickly delete these messages is to create folders for your email coming from trusted sources. When you get messages, you can file them in these folders, then immediately select all the remaining messages and delete them. Microsoft Outlook and other programs come with “Junk Mail Rules” to expunge spam.
One of the latest spam tricks is the “triple extension hoax.” Some spammers send messages with a familiar non-toxic extension like a .jpg file. But they’ll add an extension at the end that executes another program on your computer. For example, you may receive a flowers.jpg, thinking it’s safe. If it comes in as flowers.jpg.exe, however, delete this file immediately. Most servers are savvy enough to watch for double extensions and delete them; however, now spammers are sending triple extensions like flowers.jpg.txt.exe, which get by current surveillance systems.
Use virus protection software. Alberti recommends counting on an original copy of a trusted virus software provider like Norton or McAffee to help stop viruses and the spread of spam. Many of these programs have spam filters, which alert you to spam messages. Installing a program like this can save many headaches as long as you regularly update your version. Otherwise, all of the new viruses and spam can still have free reign on your system. Many ISPs also provide a spam filtering service.
“Reliable anti-spam and virus protection is probably the best value software purchase you can make,” says Alberti, “The amount saved by preventing productivity loss is immense compared to the cost of the software.”
Losing an acquired taste
Whether you create a task force or just take steps toward stopping the spread of spam in your organization, whatever method you choose, make sure you position yourself in the eyes of customers and prospects as one of the “good guys.” Regularly inform customers about the steps you’re taking and alert them about possible fraud.
As long as you continue to communicate with your customers, they’ll realize the people at your company and throughout the Internet community don’t like the taste of e-mail spam.
William Plante is ASP director, Worldwide Security and Brand Protection for Symantec Corporation, the world leader in Internet security technology with a broad range of content and network security software and appliance solutions. In 2002, Plante formed and chaired Symantec’s Brand Protection Taskforce. In this role, he was responsible for developing Symantec’s strategy for identifying, assessing, and countering counterfeit and piracy threats to the company.
Robert Alberti, CISSP is the president of Sanction Inc., a team of highly-skilled business and technical experts who provide strategic, tactical, and operational guidance for all levels of an organization. Alberti’s team keeps operations safer, more secure and working efficiently. Currently, he is writing a book about protecting the bottom line with business-driven security practices.
Meryl K. Evans is an editor, wordsmith and writer for InternetVIZ and numerous resources. The content maven is available for editing, writing, and pepping articles and copy. Tamara Halbritter is a writer for InternetVIZ and other clients, an article and book editor for publishers, and is available to help you say what you mean. InternetVIZ is a custom publisher for companies wishing to find, acquire, and retain customers through Internet newsletters.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.