DMGReal World Spam Filtering
I'll spare you the rant. The nutshell is that since my credit card number was stolen back in August, I've received communications from several companies wishing to update my billing information. (I thought I'd updated everything, but a couple things fell through the cracks.)
Most companies handled the glitch with courtesy and efficiency. However, there have been two that completely dropped the ball. They left voicemail messages or letters in my mailbox that gave absolutely zero information about who they were or why they thought I owed them money. Typically, it would just say, "Hi, this is Member Solutions. Please call us immediately to give us your credit card number."
The messages and notes looked so convincingly like phishing attempts that the only reason I called back at all is because I knew what it was probably about.
Bottom line: the legitimate stuff now looks like phishing. And the phishers are getting more and more adept at looking legit. This nothing but bad.
We have two problems: First, some companies are too lazy to communicate well. Nothing to be done about that.
More troubling: I haven't seen a good recommendation for some kind of handshake protocol for communications initiated by people who want money from me. How do they prove they're legit without risking giving away my private information? I just insisted that they tell me what they were billing me for, what the ammount was, and my old (canceled) credit card number. If they have all that, I figure they're probably okay. So far, so good.