Phishing for Brand Value

Imagine you went down to your local bank, the one just around the corner, to discuss retirement plans. Imagine you did so because you’d been receiving letters from your bank manager for the past 21 years. He’s a great guy. He knows you and your family’s finances better than you do yourself.

I agree — let’s stop right there. It’s too far-fetched. I can’t imagine it, either.

First of all, you probably never receive real letters from your bank anymore. Second, there’s no longer a bank just around the corner. Third, your bank manager has evaporated and been supplanted by a call center. That call center makes anonymity into a fine art by adding that special, impersonal touch. Every time you call and put in the requisite time on hold, you eventually speak with some new person who deals inadequately with your apparently stupid questions and who ensures everything you discuss is forgotten the minute you hang up.

OK, that’s over the top. But not by much. Back to the point: branding.

Recently, I received an email from Citibank. It said the bank was updating my client data and asking me to help it do this. Not unusual. I receive such automatic business card update requests almost daily. Being skeptical, I checked out the Citibank email carefully. It seemed perfectly OK. So was the email address, the sender, and the link to the Web site.

In the good old brick-and-mortar world, even in the old click-and-mortar one, you’d know if an email was authentic or not. You’d at least have known the person sending it. If you weren’t certain, you’d have called that person at the bank. Let’s be frank. The bank would never have sent an email. It’d have sent a real letter. A fake one would have been easy to spot, and you’d be unlikely to pass on your confidential data to some unscrupulous charlatan.

Alas, this is no longer the case. The only way I could ascertain whether the email was from a genuine sender or not was to judge its looks. Thank heavens I didn’t comply and reply with all my details, because this email was, of course, an example of brand phishing.

Spammers employ this technique by assuming an identity to extract valuable data from unsuspecting consumers. They then hack into victims’ bank or credit card accounts to transfer money to their own accounts.

So how would I know if this email was genuine? I put this question to a top programmer who confirmed there’s no way to really know whether an email message is authentic. Major financial institutions outsource their direct email to vendors. Most bear names consumers have never heard of. Sure, the address might look right, but who knows about the sender?

This leads to the issue of superficiality. As things stand right now, most consumers base their assumptions of credibility and authenticity on an email’s looks and logo.

Phishing is the fastest-growing scam in the world. It’s made possible because of a small, but crucial, fact: We’ve taught consumers to evaluate brands simply on looks alone, the superficial image. We’ve forgotten the value of the handshake, eye contact, branch offices, real letters, and real addresses. We’ve systematically denuded brands of authenticity, left them with no protective features, and made them vulnerable to brand phishers in the process.

New technologies will solve the problem, and new scams will emerge to replace this one. One thing’s certain: Online fraud and scams will never disappear. We must strive to communicate what our brands stand for without compromising authenticity in the interests of cost savings. That’s difficult to achieve.

If, for example, the branch office was your brand’s real point of differentiation, don’t get rid of it. Think how Starbucks has made its cafés its real point of identity, with those couches and comfy chairs. If having a real name on your email and real people on the phone differentiates your brand, stay that way.

You might very well save money in the short term by cutting everything down to a logo. Consider whether it’s worth it in the long run.

I often dream of the good old days, when I knew my bank manager. If I’m ever contacted by a bank that promises the personal, face-to-face scenario described above, I’ll happily open an account — even if I have to write them letters rather than email.

Join us at ClickZ’s upcoming AdForum and at Search Engine Strategies.

Vote for your favorite product or campaign from July 20 through close of business August 2.

Related reading