Posted on behalf of: Neil Schwartzman, Executive Director CAUCE

A friend of mine just wrote to me about a new service called NotchUp.com so I looked them up on DomainTools.

Now, why would a company obfuscate their domain registration? I can’t think of a good reason why. That isn’t to say that NotchUp.com is not a fine upstanding company, I don’t know, but having correct and open information in your domain registration means you are taking responsibility for your online conduct.

Unemployed folks, and others looking to change jobs should be very careful when joining a job recruitment site; they can be real hornet's nest. For one, job applicants are giving out a tremendous amount of personal data that can be misused to the ends of personal identity theft. As well, many of them are not worth the bother, or can be out-and-out malicious.

Another friend was the victim of a drive-by virus-infected when someone ostensibly reached out to him about a VP-level job, one for which he was suitable (he's a sales guy, so it might not have been entirely targeted).

The CAUCE advice?

• Stick with the biggies - to name a few; Linkedin, Monster, Workopolis, Craigslist
• Check out new companies and new job sites from the comfort of your own browser!
• Run the domain through DomainTools
• Get yourself a copy of the great tool from McAfee Site Advisor, a plug-in that works for both Internet Explorer and Firefox, and check out their reviews.
• Use the Alexa Firefox plug-in to check out if the site has a reasonable amount of traffic.
• Use your favourite search engine on the name and the domain name of any potential job site or employer. Then search again and add the qualifier + spam. Or + scam
• Never respond to Unsolicited email
• If the job seems too good to be true, (especially if you are desperate!), stay away!

For example, LinkedIn currently has many 'work at home' jobs touted, money-laundering for 419 and phish-stolen money. Getting involved in those schemes helps sustain spamming, and you can be arrested. (LinkedIn are doing a fine job of deleting these as fast as they come in, but the bad guys slip through, nevertheless)

Good luck with your job search, don’t let the bad guys swindle you!

John Levine is quoted in this recient article in the Seattle Post-Intelligencer, discussing recient spikes in fake drug spam being sent from hijacked computers.  

Read the full story here: Two major spam cases end up in Seattle.

Yahoo users can feel a little bit more secure when receiving email from eBay and Paypal after Thursday's Yahoo! yodel: Say goodbye to eBay and PayPal fraudsters.

"We’ve teamed up with eBay and PayPal to become the first Web mail service to block the delivery of unauthenticated eBay and PayPal emails, reducing your risks of receiving phishing scams or fraudulent emails. Our weapon
is a technology Yahoo! spearheaded called DomainKeys, which uses cryptography to verify the domain of the sender."

This is the first major announcement of this kind, be prepared for more to follow by authenticating your mail now. Not just your commercial or transactional email but also your Corporate email.

From time to time we get questions from our members and we will try to answer many of them here.

I work for an organization that has a "community" portion of its site. People sign up and among the "benefits" they get is a newsletter. There is no way to opt out of this newsletter and we get a lot of complaints about it. This organization is run by an individual who would not be likely to listen to any employee who pointed out that an opt out or unsubscribe option would not only be courteous but also probably less illegal than what we're doing now.

Q: How can we shake the boss up to alert her to the fact that people should be able to unsubscribe?

A: The practise of sending email newsletters without and unsubscribe is Illegal under the CAN SPAM act. This can result in mailings to members that actually want to receive these communications to go missing. Worse yet it may result in heavy fines and other possible legal actions if this is intentionally ignored or omitted.

Here is a summery article that talks about the CAN spam law and the requirements of a mailer: http://www.ftc.gov/bcp/conline/pubs/buspubs/canspam.shtm

Here's a rundown of the law's main provisions:

• It bans false or misleading header information.
• It prohibits deceptive subject lines.
• It requires that your email give recipients an opt-out method.
• It requires that commercial email be identified as an advertisement and include the sender's valid physical postal address.

Penalties

* Each violation of the above provisions is subject to fines of up to $11,000.

Q: If I give you the company information, can you get in touch with her?

A: We know several great consultants that work in the field of email marketing we can point you in the right direction for that. However, if your worried about telling this to your employeer yourself... Will they listen to anyone else?