John Hoyle - Web Design and Consulting

After publishing the previous article entitled “Watch out for ‘news alerts,’ I did some updated checking to see if either CNN.com or MSNBC.com have acknowledged the problem and have tried to do anything about it. I’m pleased to say that progress is being made - I think…

MSNBC.com has actually put up a blog article about the “news alert” problem. Why they haven’t given it more visibility and have chosen to hide it back on a more obscure spot on their website is, at the minimum, a mystery. You would think that they would want to get the word out and put more emphasis on the problem. Maybe they are afraid that somehow it will diminish their appeal to their readers. If that is the case, it is definitely a misplaced caution.

One of the comments to the MSNBC.com blog article mentions that in order to watch the live Olympic video NBC.com is offering, NBC.com requires that you download a special viewer program. This is exactly what the sp@@mers are doing - so it is very easy for viewers to get confused? In both cases a properly configured web browser will throw up a caution and require you to confirm that you really want to download the new program. If yours is not doing this, then you need to update your browser to IE7 or a later version of Firefox.

Snopes.com is also reporting this scam and confirming that a very dangerous virus is attached to the program you are asked to download. It also reports that “FBI Bulletins” have been duplicated to spread similar viruses. Take time to read this article as it is very informative. Snopes.com can be relied upon as a good source for information of this type as well as “urban legends.”

I’m disheartened by the fact that CNN.com has not even mentioned the problem - either on its newscasts or on its website. If you go to their website and do a search, you will only get generic Google.com searches. Most of their articles are very out of date and none mention the “news alert” or “CNN.com Top Ten” emails that are being sent out with their design and logos all over them.

You’d think that a big news corporation like CNN.com would want to inform its viewers and readers that such a scam is out their and misrepresenting CNN’s good name. Whatever happened to “The News You Can Use” objective of CNN.com?

I’m sorry, but I have to once again give high marks to MSNBC.com for staying on top of important issues while giving CNN much lower marks for seeming to be oblivious to real news. CNN used to set the industry standard and has the resources to be the real leader in news. But they have faltered in my eyes and are falling way behind MSNBC. In fact, they may only be running neck and neck with FoxNews in terms of relevancy. Sad, very sad indeed.

Over the past few weeks many of my email accounts, especially Yahoo!Mail and Hotmail.com, have been inundated with messages purporting to be from CNN.com and MSNBC.com. They are “phishing” emails, trying to harvest new active email accounts by either (1)registering the emails that actually open the messages, and/or (2) by capturing emails from people trying to unsubscribe by following their bogus links set up for that purpose.

Here is a link to an article about this problem: MSNBC, CNN Breaking News Alerts Really Malware

I’ve reported these incidents to the security departments of both CNN.com and MSNBC.com. I did get one response back from CNN.com affirming that the emails were bogus, but other than simply telling me to delete them, they seemed not to be interested in pursuing the problem any further.

I would think that due to the fact that the spammers are using exact replicas of their webpages and their logos, that both CNN.com and NBC corporation would be all over these guys and do everything in their power to shut them down. It shouldn’t be difficult to trace the sources (I can do it in less than 30 seconds) or the email addresses that any responses are directed.

I think the problem is that these big corporations, when they do decide to go after somebody, usually go after some little guy with a small website and no money. They are easy and quick to comply simply because they don’t have the money to fight. Usually their transgression is to use a logo or photo that is copyrighted or appeared on the larger corporation’s site.

The real problem lies with the governments of China, Canada, and the USA. These guys can block messages (as China has done) that the government deems to be anti-establishment, or to track personal emails (as the USA is doing) supposedly to search out “terrorist” messages. If they have that level of technology and can control and monitor the emails of common people, they can certainly track the source of the millions of spam messages that go out to every email account.

I guess the real question is why they haven’t used their technology to put a stop to these harmful emails? Who is really behind this whole industry? Every so often they do catch one or two of the major spammers, but it usually because these guys have overreached and involved innocent people in their scams.

The bottom line is that there is obviously a lot of money in sending out spam emails and some of it is finding its way into the hands of those who are supposed to be policing this issue.

The CAN-SPAM Act of 2003 defined what was illegal and what each emailer must do to comply. Among other things, it clearly bans:

• It bans false or misleading header information. Your email’s “From,” “To,” and routing information – including the originating domain name and email address – must be accurate and identify the person who initiated the email.
• It prohibits deceptive subject lines. The subject line cannot mislead the recipient about the contents or subject matter of the message.

The real problem is that you never really know why the spammers are sending out these emails.  Are they loaded with a virus?  Is there a “spybot” or some other piece of software built in that might be able to clone or take over your computer.  Some software can actually capture your keystrokes and then email them back to the spammer. If you have accessed a credit card or bank account and actually typed in your passwords, then they have everything they need to crack your account and steal whatever they can.

I truly feel that the U.S. government spends so much of its time and resources cracking down on minor or victimless crimes, while letting these internet thieves continue to steal identities, bank accounts, and personal data from the public.  Our governments, both state and federal, would rather punish “sign laws,” the personal use of marijuana, licensing laws, and pornography than to go after mass conspiracies that pass on computer viruses, identity theft, and credit card abuses.

The real question here is “Whatever happened to common sense and real public protection priorities?”