Blog article
See all stories »

Spam and the Phishing Opt Out

Given my fairly loud views about green browser bars and snake oil (in case you haven't read them - basically I put them on a par with the guys who sell those pills alleged to make one's parts bigger). I don't have a great deal of faith in them and I'm well endowed enough already.

This didn't stop Verisign from sending me a suspicious email:

"It's coming up to the busiest shopping period of the year, and the best way to help bring in more online business is with the green bar from VeriSign®.

What’s the green bar all about? In high-security browsers (such as IE7, FF3+, Opera 9.5), the green bar indicates that your site is secured by an Extended Validation (EV) SSL Certificate, now the standard in online shopping security:

  • 93% of online shoppers prefer to shop on sites that show the green bar1
  • 97% are likely to share their credit card information on sites with the green bar1

Now’s the perfect time to get
a green bar of your very own


1 Tec-Ed Consumer Research — January 2007
2 Your company’s results may vary."


Well I like to look at the fine print first - "Your company’s results may vary"

By gads it's even more like those "individual results may vary" disclaimers on the dick pill ads.

I assume I'll be the one with the' varying results' and the product will turn out to be much like the pills.

I might mention that I don't hold shoppers' opinions in very high regard when it comes to spending on security. I'm also not of the opinion that a paint job for browsers is really going to improve security and have I a bit of a thing about bullshitting either myself or the customer into a false sense of security. I suppose I'll flag that offer.

Then comes the bit that convinces me that its a dud. I try to 'unsubscribe' from future emails.

At this point I'd remind readers that giving any further information away while 'unsubscribing' will likely see you put up as an example of what went wrong on the Phishing Expert channel.

According to Australia's anti-spam laws (where the message was delivered to)

Examples of unsubscribe facilities that are clearly worded and easy to use include:

  • Email: 'Unsubscribe: if you no longer want to receive messages from us, simply reply to this email with the word "unsubscribe" in the subject line.'
  • Email: 'If you no longer want to receive these messages, please click the "unsubscribe" button below.'

The US (where the email was sent from and the unsubscribe link goes to) their  Can-Spam Act (heard of that guys) goes like this:

16 C.F.R. part 316, "Definitions and Implementation Under the CAN-SPAM Act; Final Rule" went into effect July 7, 2008 and changed the original CAN-SPAM Act of 2003 by (1) Adding a definition of the term "person"; (2) Modifying the term "sender"; (3) Clarifying that a sender may comply with section 7704(a)(5)(A)(iii) by including a post office box or private mailbox and (4) Clarifying that to submit a valid opt-out request, a recipient cannot be required to pay a fee, provide information other than his or her email address and opt-out preferences, or take any other steps other than sending a reply email message or visiting a single page on an Internet website.

I'd hazard a guess that doesn't include asking a whole lot of questions  - marked with the dreaded *asterisk. Here is Verisign's optout page in facsimile



*  First Name  

*  Last Name     

Organizational Role

*  Email Address


*  Street Address  

*  City  

*  Country


Zip Code  

*  Send Mail Updates

*  Send Email Updates

It wasn't at all clear what the selections meant but I didn't bother with a click because those asterisks were not only illegal but I wasn't going to give any site with a dodgy unsubscribe page a single click.

Now I hold the belief that a reliable and responsible - dare I say 'honest' company would make itself aware of the laws applicable to the way they do business, and that if a company drops the ball in a major way - that is generally an indication of their state of play.

I find it hard to believe that the spotty enforcement of the Spam act didn't influence the designer of Verisign's system but perhaps the task was given to the crew behind the green browser or maybe they just had no email experience.

I'm afraid Verisign haven't inspired me.

In case you've forgotten - I'd be more likely to buy the pills, but I've got a big enough bar already and I don't believe it'll work any better if it's green.


Comments: (2)

John Dring
John Dring - Intel Network Services - Swindon 16 November, 2009, 10:46Be the first to give this comment the thumbs up 0 likes

Funny Dean, liked it.

I too hate those subscribe/unsubscribe/register/install questionaires which 'force' mandatory but irrelevant information.  The trouble is that they hide behind the cloak of 'official-ness' and the threat that you have NO CHOICE if you want to proceed.   The result for me is I provide a whole set of junk input and alter-identity.

Alexander De Lange
Alexander De Lange - Aurelia Financial Consultants cc - Johannesburg 17 November, 2009, 04:11Be the first to give this comment the thumbs up 0 likes

Identify the originating address as junk and let your browser bounce back future mails does it for me!

Member since




More from member

This post is from a series of posts in the group:


A place to share stuff that isn't at all fintec related but is amusing, absurd or scary.

See all

Now hiring