Now that we're all dependent on e-mail, it's taking over our lives. Here's some advice on dealing with spam and other e-mail cons, dangers and irritants over the next year – until it gets worse.

Posted on Charity Village February 10, 2005.

Remember life without e-mail? Ten years ago, in 1995, Compuserve and AOL connected their proprietary bulletin board systems to the Internet, making a unified e-mail standard available to everybody. The explosive growth of e-mail has been at least as transformative as the World Wide Web, and represents one of the fastest proliferations of innovations in history (along with television and radio). [See this pdf article for more detail.]

Unfortunately, as e-mail use has spread, the usual parasites, criminals and cons have followed it, and are doing their best to suck money out of the online population. Life online is feeling more and more like an arms race between prey and predators.

 

SPAM

Nonprofits suffer in several ways:

• Consumer rage against spammers is going to be directed against any messages asking for money, even messages that consumers originally agreed to. People forget that they asked for updates from charities, and just react against the endless stream of requests. Nonprofits need to keep updating their e-mail fundraising and communication strategies to minimize anger from donors and potential donors.
• Spam filters are getting tougher, to the point where legitimate bulk messages are routinely rejected. For a while, I couldn't send e-mails to a colleague at a Canadian university because the overloaded IT staff had decided to reject all e-mail coming from Sympatico servers. Apparently sympatico.ca wasn't filtering out spam messages so all of their users were penalized. More recently, I'm seeing my e-mails rejected if I include words like 'free', 'service' and other spam-like words (as in “immigrant services are free for government-sponsored refugees but not for refugee claimants”). And the problem with spam filters is that mail just disappears; the sender is not notified that the e-mail isn't delivered. Robin Good purposely misspells many of the words in his excellent and informative newsletters to fool spam filters, but he must keep updating them to keep up with the latest ones. And some filters block all messages from developing countries using IP blocking.
• Individual users are acting as their own spam filters. Increasingly, I'm finding that e-mails are deleted if the recipient doesn't know the sender, even when the recipient has asked for information. E-mail users go through so much junk, they just delete most e-mail without reading it. Nonprofits pay two ways: their e-mails are being rejected, and their staff are spending way too much time going through junk e-mails. If you haven't heard, “Oh, sorry, I deleted your message because I didn't recognize your name,” get ready for it.
• The cost of dealing with spam is horrendous, in terms of wasted time, storage space, bandwidth and so on. Nonprofits who have their own IT staff are using precious IT support time fighting the spam arms race. Nonprofits without IT support are wasting staff time by restricting e-mail use or going through endless junk e-mails.

Viruses are a weird variant of spam. They prey on the Internet population but instead of money, their creators get fame among their own community. Social networks, human ingenuity, voluntarism, and community-building have their negative sides. It's fascinating to read about the culture of hackers/crackers, but the impact of viruses is terribly destructive to the civic space of the internet.

PHISHING & SECURITY

Phishing is a popular – and effective – con in which victims get an e-mail from a 'legitimate' web site asking for password verification. When they click on the e-mail's link and log onto the web site – apparently PayPal or their own bank or whatever – they are actually giving their username and password to a con artist. It's a huge problem and it's astounding how many people fall for it.

Nonprofits are penalized in two ways:

• Donors are getting more suspicious of e-mail as a way to respond to fund solicitations. It's a similar problem to spam, but it attacks the legitimacy of e-mails by making knowledgeable users question whether e-mails from your agency are really from criminals.
• Nonprofit staff who fall for phishing schemes may be revealing more than their own bank accounts. Most people use the same passwords for multiple web sites, including intranets and databases with client information. And someone who falls for a phishing attack will be the same person who uses the name of their cat as a password. (You know who you are.) Phishers often capture usernames and passwords for a trivial web site and then try them out on more important services. Good password policies are extremely hard to implement and monitor, and with online-accessible databases we are creating a system that is wide open for abuse. If nonprofit staff aren't using strong passwords that are unique for each service (which requires training, discipline and an encrypted password list like the free Password Safe), your agency's information is vulnerable.

PRIVACY AND BACKUP

Imagine that all of your work-related telephone conversations and many of your personal phone calls over the past few years was taped and transcribed, and could be instantly searched by your boss, even after you left the organization. That's what is happening with e-mails and instant messages. Our dependence on e-mails means that a big part of our relationships are being captured in text. The launch of excellent free desktop search programs are creating great anxiety among people who thought that personal e-mails (and documents) could stay hidden in their computers. Confidential information takes only seconds to locate.

Implications for nonprofits? Confidential client or donor information, as well as embarrassing reminders of past errors, may be searchable in old e-mail archives. On the other hand, it can be really helpful to have information from old communications. Document management policies should describe how long people should save e-mails, how they are backed up, and who may have access to them. Many staff are unaware that their e-mails are backed up centrally and may be subpoenaed or used in human resource actions.

Speaking of backup, you do know how often your data is being backed up, right? And when it is deleted, and who has access to it?

CONCLUSIONS

The big technology companies like Microsoft and, well, all of them, are concerned about the threat of spam and viruses to the viability of the internet as a safe place to interact and buy things. Expect to see interesting responses to spam and other problems, but prepare for disruption to your e-mail services while solutions are tried out.

Despite these problems, I believe that e-mail is a boon to most organizations, in the same way that telephones are a vital tool for most workers. Problem is, its strength – the ability to communicate with many people at once – is also its vulnerability. It's going to take us a while to figure out how to minimize its disadvantages while using its potential to connect with each other.

**********
Gillian Kerr, Ph.D., C.Psych.
President, RealWorld Systems

gkerr at realworldsystems.net

The New York Times
reports on various online services that allow small organizations to
reduce overhead expenses. “From marketing to business cards, logos,
financial software and virtual
offices, Davids can look like Goliaths, thanks to unlimited access to
free and low-cost goods and services.”

Services described in the article are gotlogos.com, vistaprint.com,
office.com, mimeo.com, and angel.com. For example: “To cut expenses,
Mr. Manasra switched some of his phone operations to angel.com,
a Web-based, voice-activated service that gives callers the impression
they are communicating with a large company with many employees. With
its call-tree features, the system could give automated answers to the
most common customer-service questions…. To configure the
service, Angel customers type in the name of their company and the
names, nicknames and phone numbers of employees and departments. It
doesn't matter if the owner, chief cook and bottle washer are all one
person; when a caller speaks the name of a department, the system can
be set up to display a certain number, alerting the company's sole
proprietor when a call is coming in for customer support or to order a
part.” Fees start at $40/month US.

Some of these services are only available in the US, but Canadian versions are available.

I finally posted links to my last few Charity Village articles.   Here are the links with quick summaries.

Coping with e-mail in 2005 – spam, viruses, phishing, security and privacy:
Now that we're all dependent on e-mail, it's taking over our lives.
Here's some advice on dealing with spam and other e-mail cons, dangers
and irritants over the next year – until it gets worse.

Technology-mediated living for people with disabilities – and the rest of us:
A wheelchair that can climb stairs, digital eyesight, automatic voice
transcription, communication through brain patterns – new technologies
are transforming the environment for people with mobility and sensory
impairments. But it's also pointing to a future in which we are all
cyborgs.

Academic search engine may help the voluntary sector:
Finally, nonprofits may be able to disseminate their research and
reports to a worldwide audience through the new Google Scholar.

Should you move to a Voice over IP phone system?
Voice over IP, or Internet phones, are finally going mainstream. Should your agency think about switching to VOIP?

Research on distance collaboration: Distance collaboration and dispersed teams, if managed well, increase innovation and productivity.

As an alternative to collecting usability information from your technology users, Boxes and Arrows suggests that you use existing corporate information to short-cut usability studies.

For example, you can review the call support centre database to
identify User Interface issues like confusing error messages and
interaction problems that are reported by customers.

The article concludes, “Mining customer databases is an essential first step to really
identifying who user experience professionals are designing for. The
information is at a high level, but extremely valuable when determining
who to recruit and where to focus additional research efforts.
Furthermore, this information is a level of data most other
stakeholders in the company (such as marketing, sales, and strategy)
can understand. It also helps in starting dialogues with these other
working teams. UCD teams should take responsibility for performing, or
at a minimum overseeing these analyses, to ensure accurate results. In
sum, begin with the end in mind by optimizing your own internal
resources.”