The Web For Blog

Internet marketing observations, perspectives, tips and tricks for your education and enlightenment.

Looking for Gold in the Junk Folder

Mark Kawabe - Monday, April 23, 2018

Junk email coming in.Technology's supposed to make our lives easier. I think by now, most people will have noticed that while tech is good, it's not flawless. A case in point: the junk mail folder.

As spam detection technology has improved over the years, most people have seen a noticeable decline in the amount of junk mail that hits their inbox. Spammers know this and they do their best to get around spam filters. It's a bit of an arms race, and it's not victimless. Myriad legitimate emails still get filtered every day because the technology in use varies from recipient to recipient. Between mail server filters and then one's own computer's email filters, there are myriad ways for messages to get sucked into the vortex of the junk email folder.

I bet most people don't check their junk message folders often. Certainly not daily. I currently have 322 messages in my junk mail folder. While most of them are definitely junk, there were 30+ messages that were legitimate, including one with an invoice attached. (Sorry Jennifer - payment is forthcoming!) Some messages were from a regional Chamber of Commerce and a software company I'm a customer of. Others were from community organizations and some administrative type emails auto-generated by WordPress websites I manage. All legitimate, yet all filtered by my local email software (Microsoft Outlook).

As a sender of email, you probably have a reasonable expectation that your email will make it to your intended recipient. After all, you're a legitimate business person with a perfectly valid reason to be contacting someone. Yet Gmail doesn't know that. Neither does Yahoo, Microsoft, or the thousands of other email providers out there. What they see is only on a technical level, and sometimes those systems flag legitimate messages. These are referred to as "false positives".

Mail server filtering can mean your message never even makes it to the desktop of your intended recipient. They'll never know they missed something from you, unless you get in touch with them in some other way to ask. It seems silly to have to do that, but if you don't hear back from someone regarding an email you sent, it's a reasonable thing to do. Don't assume they're just ignoring you. They might not even know you're trying to reach them.

Of course, it's possible for messages to be diverted to a person's junk folder as well, which means they'll probably not see it for days at best unless they're one of those rare people who checks regularly. Unfortunately, I think it will always be necessary to have a look in the junk mail folder on a daily basis to make sure our technology didn't flag something as a false positive. Here's a positive thought though. When you find a false positive, you can train your email software to not treat future mailings from that sender as junk. You can create a rule to filter the message into a specific folder, or if your email software has a junk mail setting, you can tell it to always trust messages from that sender.

When you do this, you're essentially creating a "whitelist" of trusted email addresses or domains that you want to receive email messages from. If junk messages make it to your inbox, you can also flag them as spam, creating a "blacklist" of email addresses and domains to filter out or delete. You can also talk to your IT department to do the same with the mail server filters so legitimate messages from customers don't get blocked. 

In short, I don't think technology is yet at the point where we can completely trust it to never filter a legitimate email message into the junk folder. As my supplier will note, her email and invoice to me hasn't yet been paid, so being blocked can be costly. There's also a potential cost to customer relationships when email transmissions aren't flowing smoothly. Most of the spam is spam, but there could be gold in your junk folder so it pays to check it regularly.

Back to Basics

Mark Kawabe - Tuesday, April 03, 2018

Computer basics of security and backups.If you use a computer as part of your business, this post is for you.

What would happen to your business if your computer(s) were unavailable to you for a day, or two, or twenty?

This morning, I received a document from a customer by email. I clicked on it, then realized that it probably wasn't legitimate. That was not wise. It was a bad decision. I knew better, and I didn't apply my knowledge appropriately. Human error - happens all the time.

Upon this realization, I stopped everything. I shut down all running programs, made sure my anti-virus was up to date, set it to run a boot-level scan and restarted my computer. It's been running all morning so far, which means my primary computer is unavailable.

Fingers crossed, I'm hoping I didn't unleash some technical monster on my computer. However, anything's possible, and that got me thinking about my system's security and backups. Here are a few thoughts we can all ponder and a few actions we can take.

Have Up To Date and Always On Antivirus Software

I run Avast Pro anti-virus. It's always on, as it should be. My computer's on 24/7, so the anti-virus should be going as well. There are lots of anti-virus software vendors out there and I'm no expert on all of them but I bring this point up because you SHOULD be running anti-virus software on your system. Period. No excuses. I'm pretty sure Avast scanned the document attached to the email I received from my customer, but I'm doing an additional scan just in case. Really, I should know this stuff better, so let my lack of attention be a reminder to you: if you don't know if you have anti-virus software running on your computer, find out. Install it if necessary. Run it manually on any attachment you receive if you're not sure it did the scan automatically.

Have a Working, Off-site Backup

Where are your business-critical files stored? How about the software you need to run your business? What would the consequences be if nothing was available? Every business that uses computers needs a reliable and safe backup. If all your important data files are on one computer, you're incredibly vulnerable should something go awry. Do you have backups that are stored locally? Same problem - you're still vulnerable. A fire, flood, act of nature like a hurricane or tornado means you can still lose everything. Your best bet is to have a backup stored off-site. If you're not a fan of "the cloud", then have a physical backup of some sort that is stored securely away from your place of business. A hard drive or backup tape stored in a bank's safety deposit box might be a solution that can work for you. If your business is larger and has multiple locations, then having backups at different locations is an option for you as well. Oh, and if you're using specialized software for your backups, make sure you have a working copy of that software somewhere so you can recover your data.

Where Are Your Passwords?

Do you have a list of passwords stored on your computer? What happens if that file is inaccessible? Using an online password management software (I use LastPass), is a convenient and safe way to manage a lot of passwords. It's off-site, encrypted, and secure. There's only one password I need to remember to access all my passwords, and that master password is also physically held securely elsewhere in case I am seriously injured or killed. 

My Computer Industry Friends Are Rolling Their Eyes

Every time I get together with computer technicians I am treated to their horror stories. Often, the problems could have easily been avoided or the effects mitigated by taking care of security, backups, and password management. For a small business owner, the cost of setting up proper backups and security is probably going to cost less than $1000. It's a pittance when you compare it to the cost and stress of dealing with a data loss.

The Same Applies to Your Website

Think your website's immune to problems? Think again. There's always the potential for your host to have a server failure, or for a hacker to ruin your site, or for a regular update to break functionality. You should always have a backup of your website. Period. When you have a backup, you can always restore your site, or move it to another host if the issues are really serious. It is YOUR responsibility to have a backup of your site. Sure, you can go running to your host or your developer if something goes awry, but you should always make sure you maintain your own backups.

Reduce Human Error

Hacks usually happen because of human error. Opening an infected file can lead to all sorts of problems. Sometimes bad emails get through the best technical filters, leaving the final filter - the human mind - to deal with the situation. Educate yourself, your staff, your customers, friends and family about how to respond when faced with questionable emails. Read up on "social engineering" as it pertains to security. It's fascinating stuff.

I've spent all morning watching my computer run an anti-virus scan. Everything will probably be fine. Fingers crossed. However, since I made a mistake, I thought I'd use this event as a "teachable moment" and take the opportunity to remind you of some of the basics of computer security. If even one person takes action as a result of this post, it'll be worth it.