Internet identity theft, phishing, and scamming had all been headaches of the average computer users. I remember those days when Yahoo! still did not have a spam filter. It was also so easy to prank people by enrolling their e-mail addresses to lewd mailing lists. Imagine receiving 1500 new e-mails daily from your friendly neighborhood bestial porn site.

Anti-viruses, spam filters, and secure log-in policies had eased several of the burdens from the average user. However, these security options are just as good as fruitcake from last Christmas’ gift-giving brouhaha. Phishers and crackers are becoming more and more creative in their approaches to their malicious activities.

I am all for stricter policies on web-based accounts as I rely on them a great deal for my personal interactions with other entities. I do have some very personal e-mails stored in my mailboxes and I do not want them to get circulated just because Yahoo! or Google had a lapse in security.

However, security has its own price. Imagine that your office implements a new security system that requires you to flash an IR identification, have a biometric fingerprint scan, and retina scan just to enter the company washroom. And you just had a bad case of been burrito. Haha.

Much like Linux vs. Windows debate as to which is more secure. Hands down Linux bitchslaps Windows’ vulnerable kernel in terms of stability and virus threats are the least of your worries in Linux. However, shifting to Linux technology demands some re-learning and it is quite generally accepted that despite the GNOME interfaces of Linux, people just seem to be more comfortable with Windows.

What I am driving at is there should be a balance between policy and user-friendliness.

Personally, I hate those human-checker protocols when I can barely decipher those alphanumeric gibberish. Sure, they provide a real layer of protection from bots and make work tedious for brute forcers who use the webpage’s interface (pretty dumb for a cracker) but I refuse to be threatened by my own e-mail account especially when “1″ looks like “l” and a capital “i” all swirled like they just got flushed down the toilet. Learning leetspeak becomes a prerequisite to accessing my own e-mail!

The latest threats with Yahoo! users are those mimicking Yahoo! websites. I encountered several of these through. After obtaining Yahoo! IDs and paswords from victims, the phishers would use these to send bogus messages via Yahoo! Messenger to repeat the vicious cycle.

Yahoo!’s latest security fix is quite interesting with the use of personalized “sign-in seals.” If users cannot see their sign-in seals then they probably are in phishing sites.

I admire Yahoo!’s effort but I guess this is after thousands have already been victimized by phishers. They should have released disclaimers and announcements upon initial encounters with rampant bogus accounts.

Either way, I have been preferring my Gmail account since I love their inbox space and efficient handling of mail. I still use my Yahoo! accounts though and I appreciate Yahoo!’s move.

Check out these other posts:

1. Yahoo! is still bringing it on with Mail Beta
2. Playing catchup with the big G, or in reverse?
3. Paranoid security
4. Identity theft and call centers
5. Keeping it real: blogs and identity theft