Each week we receive calls from users who report not receiving e-mail from people. Often this is a very simple change of settings, other times you will need your e-mail provider’s help.

Here are some things you can do to resolve this problem for our top two reasons of not being able to receive e-mail.

1.        “My friends say they emailed me, but I just never got it. They didn’t get any error messages either.”

The most common cause of not receiving mail from your friends or family is filter settings.  Windows Live Hotmail offers several methods for users to set receiving rules for their inbox. 

·         Check your junk e-mail filter and blocked sender list  

·         Set the junk e-mail filtering level

·         Block or allow messages from specific senders and domains

·         Filter incoming messages

2.       “My friends are saying that they get an error message saying permanent failure when they send to me.”

Occasionally, when an email service provider sets up new servers, our network doesn’t yet know them. The addresses of the servers are as unknown to our network as one that would be created by a spam robot. Brand new providers may not be aware of our requirements for senders and our filter incorrectly recognizes them as spam. This can even happen to established providers in some unique cases. If someone who sends email to you, receives the message below, saying that there is a permanent failure, first check with your friend to be sure that they have the correct address. If so, and the problem persists, have your friend submit the error message to their email provider’s support channel.

Here is an example of the message that your friend would see:

PERM_FAILURE: [Your Friend’s Email Provider] tried to deliver your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 550 550 SC-001 Mail rejected by Windows Live Hotmail for policy reasons. Reasons for rejection may be related to content with spam-like characteristics or IP/domain reputation problems. If you are not an email/network admin please contact your E-mail/Internet Service Provider for help. Email/network admins, please visit http://postmaster.live.com for email delivery information and support (state 13).

If the information above doesn’t help address your specific situation, please contact customer support.

Identity protection is one of the most important considerations in today’s society. At every corner, you are asked to give your email, mailing, web site address, or even more personal information. According to the Javelin Strategy and Research February 2007 Identity Fraud Report, 8.4 million people had their identity stolen in 2007. This is big business that the study shows costs each victim an average of $5,720.

Understand how phishing works by reading this example story of a phisher.

Phish – (MSN Encarta - commit fraud to get financial information: to trick somebody into providing bank or credit-card information by sending a fraudulent e-mail purporting to be from a bank, Internet provider, etc. asking for verification of an account number or password)

A day in the life of a Phisher

Evil Ed sits in his easy chair with his laptop, watching TV. He’s doing web searches on names that he found from various Internet forums and chat rooms.  Ed has written a computer program to read these sites and gather names and email addresses. The program puts these names into a file on his computer.

Ed loves his house. Everything in it was bought and paid for by someone else. He grins as he begins the day’s work.  First, he calls a contact that is looking for email addresses.  Ed has just finished creating the list of new emails his program found that week.  His database now has over 40 million unique addresses.

After agreeing on a price for the complete list, Ed hangs up the phone and begins his real money maker; stealing people’s identity. Ed has another computer program that takes all the names it found with the email addresses and sends them through all the search engines he can find. When the search returns numbers or words like “street”, “avenue”, or a city, it catalogs those to a smaller file.

It’s here that the work begins. First, Ed cross references the information he finds in Internet white pages with any public records that are available, such as deeds, death notices, or marriage licenses. When he finds connections, those people can expect to have their cell phone companies, Internet Service Providers, and any other discoverable business relationship phished.

Ed calls a dating site he found and presents himself as innocent@somedomain.com. “Here’s my address I used to sign up for an account. What are the last four digits of my credit card? Hmmm, well I know I used a few different ones during that time, I think it was a Visa®?” The agent, trying to be helpful answers yes, no, or provides a helpful hint, “No, it was a MasterCard®.” Ed hangs up the phone.

He immediately calls back and now phishes for the last four digits of the MasterCard®. This is called social engineering and you can see where this goes.  How about the people that didn’t have any connections to  accounts or other information?  Well, Ed still has the email address and the web site it was found on, as well as the email provider (e.g. Hotmail, Yahoo, Gmail, etc). Ed now creates an email that looks exactly like it is from that provider. The email tells the user that their account is expiring, in violation, or needs more information. Click this link now to save this account! Each person that clicks that link, and enters that information, has now been caught in the phishing net.

Ed ends his day by heading out to the mailbox. It’s about 3:30 in the afternoon now. He hopes that the letter from his cousin Andy has arrived. Andy works in a refreshment booth at one of the many tourist attractions in his area. Every month, Andy mails Ed a list of credit card numbers and names that he has copied into his notebook. He gets these numbers from people paying for their food and drinks.

Ed chuckles to himself; just because the Internet Age is here, why ignore the original methods of identity theft?

You can protect yourself – here’s how:

Never post any personal information in an Internet forum, chat room, or blog. Doing this allows programs like the one described above to harvest and use it for other reasons. This can be anywhere from full blown identity theft to using your email address as the “From” address in their spam; most likely getting your account closed by your email provider in the process.

Search on yourself. Go out to search engines like Microsoft Live Search and enter your name in the search box. You may be surprised by the results. Something as innocent as being listed in the phone book can get you listed on the Internet. Each data provider has different methods that you must take to remove the information, if you choose to do so.

Enroll in an identity protection program. Today, every credit card, mortgage, or other lender offers some type of identity protection program. Do your homework and find the one that monitors all three major credit reporting agencies: Experian, Equifax, and TransUnion, and which fits in your budget. A good service will send you a proactive report each quarter. The higher-end services offer real time alerts to your phone or email. You should only need one program for all of your accounts.

Change your account information. Changing your password is not enough. You must also change your secret questions and it is recommended that you also change other information. Maybe change your house phone to your cell phone or your house address to your mother’s address. Not every account warrants the same change, but your critical ones do. Put up as many barriers to social engineering phishes as possible.

Ensure you are running virus protection, malware protection, and a firewall. Ensure that they are all current with updates. Although this is now becoming a truth along the lines of you should look both ways before crossing a street, I cannot stress enough the importance of this item. In my days as an independent consultant, I worked with many clients and businesses that could have saved both time and money, in the case of my bill and their lost work, if they had only installed and turned on their security software. Microsoft offers products like Windows Defender and Windows Live OneCare that together offer a unified platform for users wanting to protect their personal information and computer systems.

Don’t let your ATM/credit card out of your sight. This one isn’t easy sometimes, especially in restaurants, but do you best to maintain visual contact with your ATM/credit card at all times. The news of the day is all the online identity theft. That is because the traditional method of manually stealing names and numbers through garbage sifting and unethical service employees is old hat. If your card leaves your sight, be diligent about reviewing your statement. Shred all personal documents, such as account statements, pill bottle labels, and even the pre-approved credit offers, when you discard them.

Own your information. Many people do not realize that they own their personal information. Even more people do not exercise that right. Each pre-approved credit offer is a check on your credit score. Each time you list in your local phonebook’s white pages, you also list in their online directories. The way to maintain and control this information is different in each case. Some are tedious, like removing yourself from all pre-approval lists after buying a new home, to others which are much simpler, like merely submitting a request to the company. At Microsoft, privacy is one of our top concerns and we have a very strict privacy policy. Every employee at Microsoft must complete a privacy training course annually.

In closing…

The scope and prevalence of this crime is that we must protect ourselves and our family. Law enforcement agencies the world over are understaffed and overworked in trying to shut down identity theft rings. Be safe and be sure.  Be the one who is protecting your identity.

Until the next time…

-s

Resources

·         Microsoft Security at Home – Ways to keep your family's online experience safe and enjoyable: http://www.microsoft.com/protect/default.mspx

·         Federal Trade Commission – Latest regulatory information, studies, and legislation: http://www.ftc.gov

·         Snopes.com – Debunking of urban legends: http://www.snopes.com

·         Authentication and Online Trust Alliance – Consortium of email senders, providers, and support leaders committed to the Internet trust ecosystem: http://www.aotalliance.org

·         Messaging Anti-Abuse Working Group – Global organization focusing on preserving electronic messaging from online exploits and abuse with the goal of enhancing user trust and confidence, while ensuring the deliverability of legitimate messages: http://www.maawg.org/home/