As buzzwords go, phishing’s pretty good. Conjures a visual of a sparkling trout, snapped into space and flailing its way to a welcoming frying pan. The trout, of course, is you.

The solution to some is obvious. The usual industry consortium, primarily composed of the creators of email that’s easy to fake, and those who stand to make money protecting you from the fakery. Whip up a blizzard of press releases and white papers filled with harrumphs and regrets, and… here’s the beautiful part… your fears morph into money that magically disappears into their hands. Problem solved, right?

Not so fast. Most email phishing problems are solved by network admins who, with the backing of strong bosses, set their network content filters to disable and expose HTML links embedded in messages. While an occasional phish may whine that messages aren’t as pretty as web pages any more, the phisher’s daily catch drops precipitously.

But there’s an even simpler way to stop SMTP phishing attacks. Quit sending wormy email. Convince eBay, PayPal, Wells Fargo, Barclays, et al to: a) Refrain from sending HTML-formatted messages; b) stop embedding links in email, and c) broadly advertise the no-HTML/no-link policy, so customers know what to expect. Thus, messages that deviated could be easily dispatched by even the dumbest email client.

Admittedly, sans HTML, unformatted, all-text messages would be significantly less flashy. Senders would be forced to replace eye candy with compelling copy, which requires a modicum of talent…

And replacing hieroglyphic-inspired links with the URL for the company’s website would require onsite link coordination, meaning more discipline on the part of the whole spamm… oops!… marketing team.

So. All we’re asking is that the huge, rich senders combine a bit of talent with coordination and discipline.

On second thought, it’ll be easier for everybody if you simply develop a taste for worms.

Related articles >>