Archive for May, 2009

Two Examples Of How Not To Instill Trust

Wednesday, May 6th, 2009

When offering a service to customers, trust plays a big role in the relationship. One of the questions that any potential customer is asking themselves about a new purchase is “why should I trust you?” Basic copy writing guides always point out that when writing sales copy, the instillation of trust is key. Web sites commonly place logos of reputable organizations or seals from third-party companies responsible for evaluating the trust of companies on their web site.

One service that MicroSoft offers intends to help consumers avoid “phishing” scams, or online scams in which a web site attempts to appear to be another web site in an attempt to steal personal information such as passwords, account numbers, etc. A common version of a “phishing” scam is one in which an e-mail is sent to a potential victim that explains that their account information at some web site needs to be updated. The links in the e-mail send the person to a site that looks an awful lot like the site that the e-mail mentioned, but it is not, and unless the user is savvy enough to glance in the “address” bar of their browser, they may not know that they are not on the correct web site.

To correct this from happening, MicroSoft introduced the “Phishing Filter” to MSIE with the intention of notifying a user that the web site that they are on is not what it actually claims to be. In other words, it alerts you to when one web site is pretending to be another.

Today, I noticed that a web site that I am developing was triggering this phishing filter for some reason. There was no obvious problem that should lead the filter to believe that the web site was pretending to be another, so I filled out the form and decided to check the FAQ on MicroSoft’s Phishing Filter. However, when I tried to access their FAQ, I received the following warning:

MS Phishing Filter FAQ

In other words, the web site “phishingfilter.microsoft.com” is pretending to be “smartscreen.microsoft.com” by using its security certificate.

This service that is supposed to protect me from one web site pretending to be another is itself attempting to use the certificate of another web site.

This does not instill trust! Do not do the exact thing that your service is supposed to be preventing – seems like common sense.

(As an aside, MS responded promptly to my inquiry and resolved the issue with the site that I am developing, the SSL cert issue remains.)

Another example comes from a web site which offers analytics services. The site touts how great their analytics software is, how you can’t be without it, and generally provides all of the marketing pitch that you would expect from such a web site. However, after I checked the source code of the web site I noticed a curious thing:

analytics_fail

The web site that is touting their analytics software uses Google Analytics for its own analytics. I supppose that this is to track their PPC advertising campaigns, if their own analytics is unable to track this information, but it does seem strange.

This does not instill trust! Don’t use a competitor’s product in your own sales pitch – don’t let a customer see you driving a Toyota to your job at the Chevy dealer as a sales representative. 😉

In and of themselves, these two examples are really no big deal and do not represent any major problems or flaws, however, they are enough to cause me (the potential customer/user) to doubt the services that both of the companies in these examples were offering.