-------- Original Message --------
From: Bill Stewart <bill.stewart@pobox.com>
> On 10 Dec 2003 at 15:19, Nostradumbass@SAFe-mail.net wrote:
>  > E-gold and other DGCs do not do much if any due diligence in
>  > checking account holder identification
> 
> Unfortunately, they also don't due much if any due diligence in
> identifying themselves in messages to real or potential customers,
> so it's extremely difficult to determine if I've gotten any
> administrative messages that really _were_ from them
> as opposed to the N fraudsters sending out mail asking you to
- > log in to e-g0ld.com or whatever fake page lets them steal
> your egold account number and password so they can drain your balance.

Actually they do.  Sort of at http://www.e-gold.com/unsecure/alert.html
- Never click hypertext links in HTML formatted e-mail to access your account. 
- Confirm that you are on the e-gold website before entering your e-gold passphrase into either a logon form or a payment authorization form (see note below about e-gold shopping cart interface): 
- Verify the address/location/URL starts with: https://www.e-gold.com/ 
- Verify that the site certificate is issued by VeriSign to www.e-gold.com 

> 
> A policy of PGP-signing all their messages using a key
> that's published on their web pages would be a good start,
> though it's still possible to trick some fraction of people
> into accepting the wrong keys.  

Too few customers would know what to do with such a key.

>For now, my basic assumption
> is that any communications I receive that purport to be from them
> are a fraud, and it's frustrating that there's no good mechanism
> for reporting that to e-gold.

They know about most of the fraudulent emails circulating. They don't want to hear about them from customers because it would exhaust what customer service resources they have.  

I have never received an email from e-gold following my account creation confirmation and I beleive its their policy not to send emails for just this reason.