• silicon.com
• Management
• CIO Insights

By silicon.com, 4 March 2003 15:58

COMMENT silicon.com has recently brought you extensive coverage of the problem of the so-called 'Nigerian' 419 email scam. Many of you have blamed ISPs for taking a lax approach towards policing this problem, accusing them of having a 'couldn't care less' attitude. But this is an unfair criticism. Having spoken to ISPs it is clear most are taking the problem seriously but they cannot deal with reports on a case by case basis due to the sheer numbers of reported scams. However, if the ISPs are guilty of anything it is of not sharing enough information about what they do upon receiving a report into the abuse@ addresses they typically provide. Similarly they are not doing enough to educate users and potential perpetrators of these scams. As such accusations of a conspiracy of silence are justified. ISPs may be acting but they are not seen to be acting. They need to provide prominent warnings on their homepages about the threat of email scams - and they need to advertise what is being done in the fight against fraud. Admittedly, no business wants to advertise the fact that their service aids fraudsters in the pursuit of ill-gotten gains. But this isn't comparable to a garage hoisting up a placard above its roof boasting 'we do cut and shuts'. The ISPs are unwilling accomplices in these scams. More to the point, everybody knows their services are being used in this way. There would be no further shame in admitting this is case. In fact the web-wise public would probably have far more respect for the first ISP to stand up and admit in a loud clear voice: 'We have a big problem with these scams - but here's what we're doing about them'. Similarly prominent warnings on the homepage would act as a powerful deterrent to the perpetrators. If ISPs made it explicit that 'We do not support 419 scams' then the criminals behind them would steer clear of their service. If prominent warnings made it clear that such scams are being monitored closely then it would make a very unhappy hunting ground for would-be scammers. Traditionally these 419 scammers become very flighty when they think people are onto them. Visibility is the key. It's true of all kinds of crime-prevention. In the case of store security guards, burglar alarms, speed cameras and CCTV cameras the war is often won with deterrent rather than detection. It could be same with email fraud. Make it clear that 'Our users are clearly warned about your scams and we know what you're doing' and the scammers will retreat. But are such measures likely to be implemented? No, not while ISPs are still of the opinion that openly admitting the existence of fraud on their networks is a PR disaster.