One type of message claims to be from Sonic.net itself, and says something along the lines of:

> We are currently carrying-out a maintenance process to your sonic.net
> account to fight against SPAM MAILS,to complete this process and if
> you are the rightful owner of this account you required to reply with
> below information of your email
>
> User Name here:(**********)
> Password here(**********)

I love it. Well written stuff, “you required to reply”! Another example:

> We are currently upgrading our data base and e-mail
> account center. We are canceling unused web mail email
> account to create more space for new accounts.
>
> To prevent your account from closing you will have to update
> it below to know it’s status as a currently used account.
>
> CONFIRM YOUR EMAIL IDENTITY BELOW
> Email Username :
> Email Password :
> Date of Birth :

It’s funny in a way, they say “to create more space”, like “it’s getting crowded over here on the Internet, sorry, we’ve got to delete you to make more room in the tubes!”

Another message attempts to create credibility via a signature line, “COMFIRMATION CODE: Sonic.net-/93-1A388-480 Technical Support Team. Another, “Sonic Support/Maintainance Team TSR. I am not sure what a “Team TSR” is, but if we meet them, I can assure you the real Sonic.net staff will beat them soundly at a game of Street Fighter.

The point is, there is an urgent call to action that is totally contrived, but which is intended to get people to react.

They are simply trying to fool customers into providing sensitive information. When these phishing emails arrive, we react and block them, and we block the reply address so any responses customers might send do not make it back to the phish’s sender, but it’s an ongoing and reactive process.

Please, don’t be fooled. Sonic.net will never ask for your password. We will not ever email and ask for it, and we will not call you and ask for it. (BTW, when these type of things are done over the phone, it’s called “social engineering”, as opposed to email, where it’s called “phishing”. Either way, think before you respond!)

The senders are hoping to gain access to your email box. They would presumably then use this to attempt to gain access to online banking and other sensitive resources. Always use a strong password for your email, and never give it to anyone under any circumstances.

Phishing is a growing problem on the Internet, with criminals engaging in all sorts of ruses in an attempt to steal personal and banking information. The Department of Justice advises email users to “stop, look and call” if they receive a suspicious email.

• Stop: Resist the urge to immediately respond to a suspicious email – and to provide the information requested – despite urgent or exaggerated claims.
• Look: Read the text of the email several times and ask yourself why the information requested would really be needed.
• Call: Telephone the organization identified, using a number that you know to be legitimate.

If you have been “phished”, and believe that you have provided sensitive information about yourself through a phishing scam, you should:

• Contact the business or financial institution affected.
• Contact the three major credit bureaus and request that a fraud alert be placed on your credit report. The credit bureaus and phone numbers are: Equifax, 1-800-525-6285; Experian, 1-888-397-3742; and TransUnion, 1-800-680-7289.
• File a complaint with the Federal Trade Commission at www.ftc.gov or 1-877-382-4357.

Consumers should never provide their personal information in response to an unsolicited telephone call, fax, letter, email or Internet advertisement. Don’t get hooked by fraudulent phishing attempts!

To learn more about phishing, see the Wikipedia phishing page.

We are researching the idea of offering personalized surname based email and web addresses. This would mean that a customer could select an email address like firstname@lastname.com, and an optional web address of firstname.lastname.com for example.

Each would forward to a customer’s usual mailbox or website, so there would be be no change to existing addresses or settings – just a new personalized address in addition.

Over 35,000 surnames are available, matching over 60% of individuals.

What do you think? Is a surname based email address and web address worth a few bucks a month? Comment here with your opinion please!

Most Internet users either use POP (post office protocol) to access their messages, or a webmail interface of some sort today.

POP is simple – an email client such as Outlook Express or Thunderbird connects to our servers, authenticates, and fetches all of your email. The client tells our servers that everything has been received, and the messages are deleted from our storage here. If you’ve just got one PC, this is adequate, and convenient. All of the messages are stored locally though, so if you keep emails for future reference, a computer crash can mean the loss of your archive.

Webmail is the direction that many Internet users have gone, because there’s a natural desire to be able to access email from any PC. At home, at work, while at a friend’s house, etc. This desire has caused many Internet users to select a free webmail service such as Yahoo, MSN’s Hotmail or Gmail. The down side of these free services is that they have very limited accountability, and they are supported by advertising. You can’t phone up Yahoo’s support line if your messages go missing or call Google if you can’t log into Gmail – they don’t have a phone number and simply don’t want to talk to you. It’s free, so it’s not reasonable to expect much from them.

IMAP solves these problems. It centralizes the message storage here at Sonic.net, on reliable storage, and makes the entire inbox and archive available from multiple locations and via the web. Sonic.net is the only mainstream Internet Access Provider that I know of who provides IMAP, and it’s a feature that I’m very excited about.

(click image to enlarge)

It might seem odd to be excited about something this simple, but because email is so essential, and such a big part of so many people’s daily lives, I know that changes to the way that we access and use email can make a huge difference.

Like POP, you can use IMAP with clients like Outlook, Thunderbird (which I use and recommend), etc. It also allows access from portable devices such as Apple’s iPhone. And finally, when you’re at a random PC, you can use it via our webmail interface.

A unified inbox is wonderful, particularly as your email volume grows. You receive an email while you’re at work, read, respond, and delete it. On the way home, you check mail on your iPhone – and your inbox is shown at exactly the state you left it in when you departed the office. Once home, you respond to a few items and delete them, and back at work the next day your inbox is identical to the way you left it when you departed home. If you’re using a PC that’s not your own (and which thus doesn’t have your email client (Thunderbird!) installed with your settings), you can use the web interface, and the messages are all right in the state that you left them in.

There are a lot of advantages to using IMAP over both traditional POP and free webmail solutions, and if you use more than one PC or want to access your email from anywhere aside from your primary PC, I recommend that you switch right now.

IMAP is easy to set up – in your client software, you simply select the IMAP protocol instead of POP, and use the server imap.sonic.net instead of pop.sonic.net. You’ll duplicate these settings as you install client software (Thunderbird, Outlook, etc) on any additional PCs (at work, laptop, etc). If you need any assistance, phone our support group at 707-547-3400 and they’ll help you through the settings right now.

IMAP allows unified access to email without using a free webmail service. This provides you with the ability to establish a long term email address, knowing that it will be available to you for as long as you like. With free webmail, the service could become restrictive or fee based, may become too ad-laden to be usable, may include ads sent at the bottom of every email (Yahoo does this), or you may simply lose access because someone sent spam using your name. There is no one to call, and no reason for them to help you, because you are just another free mailbox.

There’s too much risk in free webmail, your email and email address are too important.

The practical risks involved have however been judged to be worth taking by many Internet users, as you can see by the proliferation of @yahoo.com and other similar addresses. The upside was unified access, which POP just couldn’t provide.

Now, with IMAP at Sonic.net, that problem has been solved, providing individuals with a more powerful way to manage their messaging.