GS Logo
The Green Sheet, Inc

Please Log in

A Thing
View Archives

View PDF of this issue

Care to Share?

Table of Contents

Lead Story

Diversification versus specialization: Which is better?


Industry Update

NetBank bubble bursts over mortgage loans

Feds propose rules on Internet gambling

Merchants give Congress their take on interchange

Kinks at the QSR drive-thru

Is the PCI DSS pie in the sky? The NRF's Hogan wants to know

Ontario nixes 'use it or lose it' gift cards


The skinny on trade associations

U.K. banks push contactless tech, despite consumer demand for cash

Ron Delnevo
Bank Machine Ltd.


The assault on interchange widens

Patti Murphy
The Takoma Group

Coping with the credit crunch

Biff Matthews
CardWare International

Clich├ęs, monsters and a dog named Spot


Street SmartsSM:
Next stop: Tradeshows

Dee Karawadra
Impact PaySystem

Using e-mail effectively: Managing lists

Nancy Drexler
Marketing Moguls

Don't let security slide

Steve Schwimmer
Renaissance Merchant Services

PCI DSS implementation: A concise review

Robert Heinrich
Alpha Card Services Inc.

Dam spam with secure e-mail

Michael Petitti

The next ISO widow could be yours

Adam Atlas
Attorney at Law

Company Profile

Comstar Interactive

New Products

PIN protection for online purchases

PIN Debit Service
ATM Direct

A payment plug-in quick as a hare

Skipjack Payment Plug-in
Skipjack Financial Services, Inc.


Optimism is an inside job





Resource Guide


A Bigger Thing

The Green Sheet Online Edition

October 22, 2007  •  Issue 07:10:02

previous next

Dam spam with secure e-mail

By Michael Petitti

You are sitting at your desk when you hear a bell indicating an e-mail has landed in your inbox. It could be a note you've been waiting for all day or a new client, perhaps. But instead, the document looks something like this:

In the beginning, the appearance of these exhortations in your inbox was a minor annoyance. But when the amount of junk mail received daily tripled in size, it became a battle.

According to a study by Spam Filter Review, 40% of all e-mail in 2006 was considered unsolicited. At a business with 1,000 employees, 2.1 million spam e-mails are received annually. In 2001, spam merely trickled, constituting 5% of all e-mail. Now, we're submerged.

The continued increase in spam volume presents an opportunity for you, as enterprising ISOs and merchant level salespeople, to understand that security will, if it hasn't already, become the No. 1 priority for merchants who accept payment cards.

Reselling a secure e-mail service that scans for spam and associated malware will expand your offerings to include a solution to a problem experienced by every merchant, every day.

It will also distinguish them as a trusted entity that understands data security concerns and productivity issues. Every person receives some e-mail spam.

With e-mail being the preferred method of communication in today's business world, spam is ubiquitous and hinders productivity everywhere - if only because of the time it takes to determine a message is unsolicited and delete it.

But that's only the beginning. Spam clogs cable, slowing network traffic and possibly overwhelming an e-mail server until it is forced out of service.

Threat levels heighten

Spam serves as a hackers' courier for delivery of viruses, worms and other malware that are ever more cleverly disguised. These programs can commandeer a machine, allowing a user to send commands to the computer from a remote location.

These computers are referred to as zombies, and a network of them can send millions of e-mails in a short amount of time without the computer owner's knowledge.

Malware can also lead to the theft of cardholder data from a merchant's network. In Trustwave's investigations of more than 325 cases of payment card compromise, it finds malware is the most common method by which a hacker gains access to a merchant's payment system to steal cardholder data.

Keep in mind the vast majority of these cases occur with merchants whose only acceptance of credit cards occurs in a card present environment.

Make security a priority

As has been emphasized throughout this series of columns, the threat of payment card compromise and mitigation efforts such as the Payment Card Industry (PCI) Data Security Standard (DSS) are having a profound effect on the payments industry.

More and more merchants are learning about protecting cardholder data and complying with the PCI DSS.

As a result, merchants have more security-related questions. They are beginning to demand solutions designed with data protection in mind and offering associated data security services and products.

Reselling Unified Threat Management (UTM) appliances and Extended Validation (EV) SSL certificates is helpful.

To offer merchants a cost-effective solution to spam's onslaught, you can resell a secure e-mail solution designed with the payments industry's requirements in mind.

This can both widen your revenue stream and show merchants that you truly keep their needs in mind.

E-mail security technologies on the market help combat spam and associated threats in a number of ways.

First, these solutions ensure that every message sent to an organization is clean before it enters the network to ensure that the protected network isn't bogged down with e-mail.

In addition, users of these solutions can rest easy knowing their network is protected from viruses, worms or other malware that could lead to a breach of their payment system.

Michael Petitti is Chief Marketing Officer of Trustwave and is responsible for all of the company's marketing initiatives. He serves on the Merchant Risk Council's board of advisers and on The Green Sheet Inc. Advisory Board. Call him at 312-873-7291 or e-mail him at

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

previous next

Spotlight Innovators:

North American Bancard | Simpay | USAePay | Impact Paysystems | Board Studios