Blog post by Ron Edison, Founder and CTO of Internet Defense Technology

So, there I was in the middle of my hectic work day when I saw it… a piece of spam so well put together that I actually did a double take.

And in my day I have dealt with millions of pieces of spam…

This message looked incredibly legit. I knew it was spam from the moment I saw it but it looked so legit that it caught my interest.

It was allegedly from PayPal: it had the PayPal logo, was written in good English, warned the user never to give out their password, included a link to the PayPal security policy (which really did link to the real one), etc.

Furthermore, I do have a PayPal account and this thing was worded just like other emails I’ve gotten from them.

Of course it requested that the user “click here to activate your account” and such things — a dead giveaway to those of us who have acquired that net savvy and a nose for a scam, but pretty convincing to enough Internet users to make sending such things profitable.

Examining the message, it was, interestingly enough, from “service@paypal.net”, very close to “service@paypal.com”, a real PayPal address, but again, something many Internet users would miss.

Out of curiosity, I downloaded the message using Mozilla Thunderbird, both the most recent stable version and the new upcoming development version. Thunderbird is generally good at warning users away from scams but here it only warned about blocking remote images, something that is pretty common on legitimate mail as well.

Overall, this was a masterful piece of spam that was an admirable (if I might use the word here) phishing attempt.

The link to “activate one’s account” was obviously not going to PayPal but to some other domain entirely, but again, not something many would notice, and on some clients, such as BlackBerrys with HTML email enabled, not visible without switching to plain text mode.
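The two tells described above (a sender domain that shares the brand name but is not the brand's domain, and a link that leaves the brand's domain) can be checked mechanically. The following Python sketch is an added example, not code from the original post or from Total Mail Defense; the sample message is constructed, and its URLs, the `example.net` host, and the function names are assumptions made for illustration.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

BRAND = "paypal.com"  # real sender domain named in the post

# Constructed sample: sender and link text follow the post; URLs are placeholders.
SAMPLE = """From: PayPal <service@paypal.net>
Subject: Activate your account
Content-Type: text/html; charset="utf-8"

<a href="https://www.paypal.com/security">Security policy</a>
<a href="http://login.example.net/activate">click here to activate your account</a>
"""

def base_domain(host):
    # Assumption: last two labels form the registrable domain (no co.uk-style suffixes).
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

class Hrefs(HTMLParser):
    """Collects the href of every <a> tag."""
    def __init__(self):
        super().__init__()
        self.found = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.found.append(dict(attrs).get("href") or "")

def phishing_tells(raw, brand=BRAND):
    """Return (kind, value) findings for a message claiming to be from `brand`."""
    msg = message_from_string(raw)
    findings = []
    sender = base_domain(parseaddr(msg.get("From", ""))[1].rpartition("@")[2])
    # Tell 1: same brand label, different domain (paypal.net vs paypal.com).
    if sender != brand and sender.split(".")[0] == brand.split(".")[0]:
        findings.append(("lookalike-sender", sender))
    # Tell 2: links in the HTML body that leave the brand's domain.
    for part in msg.walk():
        if part.get_content_type() != "text/html":
            continue
        charset = part.get_content_charset() or "utf-8"
        parser = Hrefs()
        parser.feed(part.get_payload(decode=True).decode(charset, "replace"))
        for href in parser.found:
            host = urlsplit(href).hostname
            if host and base_domain(host) != brand:
                findings.append(("off-brand-link", host))
    return findings

if __name__ == "__main__":
    print(phishing_tells(SAMPLE))
```

The genuine security-policy link passes the check while the activation link is flagged, which mirrors how the message mixed real and fake elements.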

Bottom line is that spammers and identity thieves have gotten increasingly sophisticated and today’s Internet demands security measures unheard of a decade ago.

Not often pointed out is how extensive one’s security measures must be to operate computing devices with Internet access safely in this day and age. Many fall short.

With a multitude of vendors crying out their wares, few simple solutions exist.

At Internet Defense Technologies, we keep some of our email accounts intentionally unfiltered so we can keep an eye on the latest, and so here it is.

Really complicated security measures don’t hold up because they inhibit users, are difficult to use, etc. Users themselves will defeat onerous security measures — from the classic sticky tab with a scrawled password commonly found in the corporate environment with a very strict password change and complexity policy to simply not using a work email account because one can’t depend on email to arrive and make it through the gauntlet of the spam filter and antivirus layers erected by the IT department.

Total Mail Defense was created with the idea of simple and effective email security that doesn’t inhibit the use of one’s email. A single false positive sometimes can overshadow the value of an entire email security system, since, if the users can’t get their email, the whole point has been missed.

All too often the simple idea is overlooked: email, to be useful, must be delivered as fast as possible, and the security has to be transparent and simple to use for any user.