When we think of terrorism, we usually don’t relate it to activities that happen online. However, cyberterroism is definitely an issue that all of us have to face at this time. Viruses used to be the primary problem, but other lowlifes are now using defrauding techniques to obtain personal information from unsuspecting users. What’s a computer user to do? How can we fight back against these attacks? Gnomie Davis McCarn recently wrote me an e-mail that documented his thoughts on the matter. He has a lot to say, and I thought that I’d share his comments with everyone.

“In part because I have had one e-mail address for almost a decade now and because I promoted my business heavily a few years ago, I receive almost 400 e-Mails each day. I also have several projects ongoing wherein I am tracking several types of those e-mails, investigating some to see their source and if they have been shut down.

“The purpose of this writing is to report problems that make it virtually impossible to dent the impact of two serious threats to computer users everywhere. I should add that, as a seasoned computer professional with 29 years of experience in PC services, if I am frustrated and seemingly unable to affect any effort to stop these threats despite very specific information passed to the proper parties, the average user may as well not even try.

“Phishing or defrauding a user to reveal personal information for criminal purposes has become enough of a problem that it commanded front-page coverage in a recent edition of the Charlotte Observer; but there is no easy way to report it to most companies.

“eBay and PayPal have a great model; forward the e-mail to spoof@ and you will receive a reply within minutes confirming the e-mail as phishing and giving specific instructions on what to do, including a toll free number to call if the user has already fallen for the scam.

“Citibank, Wells Fargo, US Bank, Sun Trust, and many others not only have no easily found place to report possible phishing; they further do not acknowledge receipt of reports when sent to the addresses found on their Web sites and, seemingly, take no action when phishing is reported.

“I am not a proponent of government regulation, but shouldn’t the companies at greatest risk have some easy method to report and, specifically, follow up?

“Without such a method, phishers will continue to succeed.

“Cyberterrorism takes many forms, with the most prevalent being the spread of computer viruses. Here, too, there is no common or simple way to report and, even when reported, no apparent action is taken.

“In the last six days I have received twelve e-mails containing viruses from the same source, and because they have been several different viruses, some which arrive multiple times, the correct conclusion is that someone using that address is releasing viruses as it is not characteristic of those viruses to do so.

“If reporting a virus gets no action from the people responsible for allowing that computer access to the Internet, how can we ever stop the spread of viruses?

“Phishing has just evolved a new and deadlier method; using a keylogging Trojan to capture login information entered when users think they are going to the same place they used to pay their bills last month. Viruses continue to set new records for how fast they spread and how deadly their effects can be. If an expert cannot get the responsible parties to take any action, how can we ever win these battles?

“It is time for a wake up call to the media, banks, credit card companies, law enforcement agencies, and legislators. If changes cannot be made within private channels, laws, unfortunately, need to be enacted. Without user friendly methods to report phishing and cyberterrorism, along with aggressive follow up by those responsible, it is just a matter of time before…”

Well said, Davis!