robo phone phishing

November 28th, 2014

3rd robo phishing call in as many days.
Today it spoofed my own number as it’s caller ID
and pretended to be AT&T. Telling me to enter
the last 4 of my social. Their scheme was that
my account had been “flagged”. Entering
false four digits prompted in a “flag has been removed”
message. So that people easier forget. I wonder what
people want to do with the combination of my
phone number and the last 4 of my social.

It is frightening to think that they might a have a success
rate in the double digit percentages with this scheme.

TM-Edition Trademark Scam

October 12th, 2012

One of the “benefits” of having a registered trademarks is that scamers will try to make a quick buck.

TM-Edition Ltd.
Széchenyi t&eacuter 17.
2000 Szentendre
HU
	
Bank: MKB Bank Zrt.
SWIFT: MKKB HU HB
IBAN: HU57 1030 003 1056 3675 4902 0011

just tried this, trying to charge 1650 USD for “registration costs”

Sadly such scams must work often enough that it is worth somebodies while.

I think there should be severe punishments for this kind of behaviors. Allot of energy goes into nowhere for such scams.

For every dollar these idiots make they cost the world hundreds. And they contribute zero.

amazing

August 11th, 2009

in my mail there was a letter fake seal and everything. Looked very official. Total rip off. On the envelope it said:


BUSINESS FILINGS DIVISION
980 NINTH ST. 16th FL
SACRAMENTO, CA 95814
--------------------------------
BUSINESS MAIL - IMPORTANT NOTICE ENCLOSED
THIS IS NOT A GOVERNMENT DOCUMENT

When scanning over this I read the first line and then in the lower right the two words “GOVERNMENT DOCUMENT”. They offer an unneeded service for $239 that would have a ‘penalty’ of $250 in a weeks time. Since I overlooked the “NOT” I actually put this on to the todo stack. Of course their business model is very pre-internet. Google works faster than this one can set up new addresses and contact info.

I find it interesting that I almost fell for it.

It is hard to believe, but somewhere out there must be a person who feels good about running this kind of enterprise. They took great care in everything. A lawyer must have looked over it. This kind of things takes allot of work to set up. All these efforts for something that only has one purpose: moving money into the pockets of the initiator. There is nothing being offered in return. I wonder what a day in the office looks like for people who do this kind of thing.

when marketing turns into propaganda

June 18th, 2009

I am developing some exciting new features for INTERDUBS. I made the mistake of not testing the code I wrote for 3 days in Internet Explorer. When I check it again I realize that this cock-sucker of a browser just quits. So I had to roll through three days of changes to find out what exactly made this piece of shit simply quit. No warning, no indication. Nothing. Just fucking ended displaying the page. 6 other browsers were fine, and had been during those three days of development. There were no warnings, no hints of something causing a problem. Nothing. Turns out that a simple

made the ‘thing’ puke. This wasn’t the first time that working around Internet Explorer took almost as long as doing the actual work. Internet Explorer is just horrible and bad. Later version might be better. But overall Internet Explorer is a waste of time.

This would not be worth the ramble. It has been like this for a long time. But Microsoft has the audacity to put out a page like
this. Here it feels that IE8 is just awesome. Indeed it is much better than Firefox.

Which is pointing to a bigger problem: Somehow people started to believe that in marketing everything goes. They believe that it is OK to blatantly lie about things. The bigger the better. I don’t know where that comes from. But it is rampant. A competing company to INTERDUBS inflates the client count by roughly 200% on their public site. They don’t deliver the slightest proof for that number. Their web site looks very pretty. But it is still emitting something that is outside of the truth. And somehow that is supposed to be OK.

I think it is a problem. Not so much on their end. I can understand that they try to get away with as much exaggeration than possible. The problem is us: We let an administration get away with getting into a war over weapons of mass destruction. When there were not any, somehow nobody ever cared to follow up on that. So if nobody gets in trouble for sending the country into war for the wrong reasons, what could be so wrong in tripling your client count? What is so wrong on Microsofts end to claim that IE8 is more secure than Firefox? I personally think it is a miss-conception that something really great can be built on skewed facts. Maybe that competitor hopes to reach that claimed count one day and therefor make their lie less wrong. Problem is, that during the process they lost all credibility. Internally and externally.

Truth is a tricky thing. It will show up. Always did, and always will. Everything else is just a detour. Microsoft will learn that too.

how easy was that!

January 12th, 2009

While trailing the log files this messages showed up:


Jan 12 16:49:13 andreaswacker vsftpd(pam_unix)[20094]: authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=74.141.98.100

turns out some bot/script etc from 74.141.98.100 was trying to find an ftp user with a stupid name. Would have had no luck, but I don’t like my log files to be cluttered. So it turned out that a simple


iptables -I INPUT -s 74.141.98.100 -j DROP

blocks that IP address from now on. Nice. I think I will use that often now. There are lots of misconfigured systems out there. Like that Windows 98 computer in the philipines downloading the same file 5000 times yesterday. Thank you iptables.

“BOARD OF BUSINESS COMPLIANCE” scams don’t work while the Internet is there

November 14th, 2008

I got an officially looking letter from the “Board of Business complicance” asking $125 ‘due now’. I was about to ask my Tax people about this. But then it turned out that entering it in google already fixes the issue. Just by reading the excerpt made it cleart this is a scam. 30 seconds later I found a concise legal summary about this scam citing California Corporations Code Sec. 1500 600, 9510.

Done. Scam attempt goes in the shredder. The upside is how fast this did go. How effortless scamers can be dwarfed. Still bad that people can be in business ripping people off.

spam costs money

February 14th, 2008

In the past gmail has been good with spam filtering. Just now I checked up on a prospect. It turned out that he felt I was interested in his business, since I did not reply to his emails. They were in the gmail spam folder. Nothing special about them. Sadly you can not search the spam folder. Spammers never made a single cent with me. But they cost me and everybody else money. When I was looking at the last 3,000 spam mails I got (2 days) it seems that they peddle only a few items. I am sure that most of the spam tries to benefit just a couple of business. How about somebody going over there to these people and kind of make then reconsider the business attitude?

fighting terror, sans SSL

January 14th, 2008

the small chronies (50K in tax money wasted for this site) get caught

Actually those monkeys at Desyne kick out a 403 to me, since my IP is not one that is in the US. How pathetic.

I would have not missed much. Just verbage like:


Our clients range from global Fortune 100 corporations to local retailers. They all, however, share one thing in common: an absolute commitment to a strategic marketing approach wrapped around a comprehensive web-based technology capability. It's a formula for success we have delivered to more than 1000 clients since our founding in 1996.

Awesome that they all share “an absolute commitment to a strategic marketing approach wrapped around a comprehensive web-based technology capability”.
That evokes strong mental images. No, really.

use HTML code in Wikimedia

January 12th, 2008

since it is pretty tricky to google for, here the wonderful scary as hell wikimedia addition that lets you add raw html code in your pages:
[make sure to read the end of this post]


< ?php
# RawHtml.php - raw HTML extension
#
# Defines the tag pair .
# Sends the content out without any processing.
#
# To use, include this file into your LocalSettings.php
# To configure, set members of $wgRawHtml after the inclusion.
#
# include ‘RawHtml.php’;
#
# $wgRawHtml = array(’JoeUser’, ‘JoeUserBot’)
#
# Adapted from code by Jan Steinman

class raw_html_settings { };

$wgRawHtml = new raw_html_settings;
$wgExtensionFunctions[] = ‘wf_raw_html_ext’;

function wf_raw_html_ext() {

global $wgParser;

$wgParser->setHook(’RawHtml’, ‘render_raw_html’);
}

function render_raw_html($raw_html_src, $style='’) {

return $raw_html_src;
}
?>

found here.

It really is easy to use: Just add the file as RawHtml.php and then add in the end of LocalSettings.php the following lines:


include 'RawHtml.php';
$wgRawHtml = array('user-name-to-use-this-goes-here' , 'this-would-be-a-second-one');

It turns out that the user names get absolutely ignored. So actually this is really dangerous to do, since ANYBODY that can edit the wiki can also insert any html code. Which is ok in a non public wiki, but NOT out there on those internets.

So the code above is plain malware: A bot could crawl the sources of wikis and could insert any html that might please in those pages. Allot of harm can be done that way.

For a decent explaination how to add your own addition look here

I ended up boiling up a couple of probably horrible php lines myself:


?php
#mimg.php
#insert image in wikimedia pages.
#to use add code like:

#/path/to/image.png

#please note that I have no freaking clue what I am doing.

#this will only work with local links to images, since all
#characters apart from numbers, letters slash and dot will be filtered when rendered
#to install save this in a file and include in LocalSettings.php

class mimgclass { };

$mimgo = new mimgclass;
$wgExtensionFunctions[] = ‘installmimg’;

function installmimg() {
global $wgParser;
$wgParser->setHook(’mimg’, ‘mrender_mimg’);
}

function mrender_mimg($mimg, $style='’) {
$mimg = preg_replace (’/[^a-zA-Z0-9\/\.]/’ ,”",$mimg);
return ““;
}
?>

40 months later

October 27th, 2007

In June of 04 I found and read Grubers “Broken Windows” post. Found it via blogsNow, and finding that post alone made writing the tool worthwhile. Gruber explains logically why Mac’s are without malware and PCs are not. Reading it today it still makes sense.

Back in the day the most prominent argument against this was market share: People claimed that there were simply not enough macs around to be attractive for viruses. Since Gruber’s post mac sales have almost trippled. And they have switched to the same CPUs that Windows runs on. Number of Mac viruses? Zero. Still. Not even a single one.

Back in the summer of 04 Apple shares did cost 15 US$, now they are 185 US$. Sure, there is the iPod and the iPhone. But even without that Apple would not look that shabby.

I actually makes me happy that the ‘broken windows’ post holds up. It’s hard to decide if it’s the pointless yet human pride to have been right. Or the happyness about forty month of right decissions based on the right theory. I am sure I save allot of time during those forty month in that I was not battling malware on my laptops.

permanently damaged software???

September 25th, 2007


“Apple has discovered that many of the unauthorized iPhone unlocking programs available on the Internet cause irreparable damage to the iPhone’s software, which will likely result in the modified iPhone becoming permanently inoperable when a future Apple-supplied iPhone software update is installed,?

Now, how stupid Apple thinks people are?? Permanently damaged software? Excuse me? Yes you can paint yourself into a corner and a device might be unable start when you mess
with it’s boot software for instance. But you can not permanently damage software. That’s like suggesting the letter ‘e’ got damaged and can no longer be used. That’s just plain stupid. Or marketing via FUD. Only companies on the loosing slope resort to FUD. Nobody has ever recovered to prosperity via FUD. With AAPL trading at a stagering 150 US$ I wonder why Apple things they have to sling some bullshit like that. Probably since they always did so. Apple has always operated on ‘bended truths’. Anybody remember how the PowerPC is just so much faster than those Intel CPUs?

about those two years

September 20th, 2007

So, my iPhone fell down. And the ‘volume up’ button got stuck. Bad luck. Then Apple lowered the price and the 4GB Version gets sold for 299 right now. So I thought I get a new one. I asked in the Apple store if I would need to renew my contract to activate the new iPhone. They said this would not be necessary. They said that I just would need to replace the SIM card from the old to the new phone.

Of course that is not the case. Calling Apple got me the answer that AT&T would be responsible for this. Well, it’s not me that did choose AT&T. It was Apple that did that for me. Calling AT&T they told me that the only way to activate the new iPhone is to restart the two year commitment with them.

By now I really hate both companies for their blatant ways of trying to rip people off. Even though they seem to win this time, I will make god damn sure that they will not come out of this on the upperhand in the long term. They neither can run nor hide, and I will get both of them. With interest, and fun-bonus. They deserve it for been taking for a ride, as they try to do it with their customers.

iPhone data roam shock

August 31st, 2007

The iPhone worked in Germany. Which is good. I was worried about roaming charges, so I left it off most of the time. But during four days I was out of reach of any wifi network, and Vodafone’s data network did work. It was painfully slow, hardly hardly usable. I checked my email during those four days. Maybe 8 times in total. Now I returned and got the bill: 358.18 US$ in data transfer charges. The roaming cost for data transfers comes down to almost twenty dollars per Megabyte! Imagine the connection would be faster. I certainly wanted always to pay a hundred dollars to watch a youTube movie. Can be done easily.

I am not very pleased how big corporation error on side of blatant rip off. Almost 400 US$ for checking my email a couple of times. Finding out what those roaming charges would be on the website of AT&T? Good luck. That’s impossible. I should have called them. Would only take ten to fifteen minutes of voice mail hell to find out I would guess.

So if you are abroad: DO NOT use the iPhones data mode. Twenty dollars a Megabyte is steep.

pirates

May 26th, 2007

Sometimes there is a refreshing new view in acts of crime. Since the usual rules don’t apply, people get to be innovative. Or at least a bit out of the ordinary.

spam, human one

May 21st, 2007

BlogsNow is back. The added spam detection seems to work. Since I never trust new code, especially not when I wrote it, I pay a bit more attention to which blogs get flaged as spam. Once they are flaged they are ignored. This shows the blogs that google had seen updates for in the last ten seconds. Good luck finding a legit one. There are in there. Somewhere.

Today I thought I had found another bug. Blogs like these: example example example example example example started showing up being spam. Although they are written by people. After looking into it I realized that these people participate in a ‘pay per post’ scheme: They get paid if they blog about something. Sandwich men. I decided to ban all those blogs. No matter if it’s a spam bot or a human being getting paid to write his/her own copy and flagging it all-so-PC with ‘paid post’: The effect is the same. Links from those sources can not be trusted. I am aware that I delete lots of mid range blogs with that. But then, I don’t care: There is no short supply in blogs. BlogsNow can afford to look for the pure ones. Interesting how spam-detection can be a good training ground for other, yet related, schemes.

new way to get rich

May 16th, 2007

Somebody managed to send an email out that the iPhone would be delayed. In the following hours that it took the official Apple PR machine to react and ‘catch the bad meme’ the Aaple did go down by a couple of dollars. Then it rebound. Somebody could have made 3% in a couple of hours.

update 5/17/07:

techcrunch says that the false engadget news wiped of four billion dollars in market cap in six minutes. New travels fast it seems.

mail fseek: Invalid argument panic: temporary file seek

March 21st, 2007

With a full mailbox mail might die with:

fseek: Invalid argument
panic: temporary file seek
Aborted

of course it’s all spam. That aside it seems that

mutt

can deal with these big mail boxes.

greyfication

January 7th, 2007


So far botnets have predominantly infected Windows-based computers, although there have been scattered reports of botnet-related attacks on computers running the Linux and Macintosh operating systems.

That’s the NY Times being clueless about Botnets. Good that they write about it. As it is a problem.
Bad that they write so badly about it. The author seems to like ot cover his bases here. “Scattered reports”? God, there are scattered reports about Ant’s playing doom in mongolia. This is as covering. Not more. The reality is that 100% of all botnets are run on Windows machines. There are still no Viruses for OS X. There are MS Office infections that affect the OS X flavor of the product. But the Operating system has been save.

It’s as binary as that. Don’t get me wrong: Apple sucks in some areas. But their OS has had no real life virus infections. People seem to shy away from such binary truths. Easier to throw in a ’scattered reports’ here and there. Pseudo Balance. It’s actually much more harmful than it seems: It leaves loopholes. It kills the truth: Somebody with an intention could quote now the New York Times that there have been Botnets on Linux and OS X. Which is a lie. Not true. The big question that needs a real answer is, if Vista can join the club of predomiantly safe operating systems or not. Unfortunately journalists will not help in finding this out.

The only real weapon against malware is the truth.
Too bad that the New York Times is too afraid to avoid it.

spamindustry

November 25th, 2006

the next weapon in the arsenal of the spammer of today: people. cheap ones

larger than life

November 15th, 2006

Some things are so odd, weird, strange and yet predictable, you simply can not make them up:

Microsoft launches two products right now. “Vista” and “Zune”.
they migh have trouble working together

In case you don’t trust a site called “appleinsider” to break news about Microsoft products, here it is from the the horses mouth

OJ can stand for the juice of oranges or for a strange man, that had an even stranger run in with the legal system.

Youtube has now attorneys. And apparently they are bored.

top 10 spammers are supposed to create
80% of all spam
.
I guess that each dollar a spammer makes costs around 10,000 US$ in damages. It might be good for the world, if these individuals would be prevented to use computers. Maybe a few companies get together and make sure that the top 10 spammers are always being caught?

gmail scares me

November 12th, 2006

Just got an email back that I had send. Or should we say that I supposedly sent. No, I have not switched to Windows and are victim of the usual malware. No I don’t think that just because somebody has put in my email address in the “From:” field that I have sent it. What just happened is much much scarier:

Only the tail of my email was what I sent. The start was spam. I send this email with gmail to somebody that uses SBC or pacbell and is pretty sure on a mac as well. If my email get mixed up with spam then they certainly have a hard time getting delivered.

Which is the scariest part of the whole story: I still assume that email works. I send something once, and if I don’t hear back then I do not bother people again. Which is a good way of communicating, as long god damn email works.

little people

September 13th, 2006

little people a nice project. Almost cute.

Unrelated, just that I picked up it from there: BlogsNow is seriously clogged by spam right now. Problem is that 90% spam is preventing the crawl of the real sites get done in time. Many of those spam sites don’t even react in time. Spam is usually horrible about that. They just junk as much as they can, no matter if it even makes sense or not. They are just rushing to the next thing. And it’s done by idiots in the first place. No wonder they can’t keep their stupid little scripts straight.

option ARMs

September 3rd, 2006

Business week on so called option ARMs.

I always thought that ‘interest-only-loans’ would be a scary thing to sign.

Those poor people that will loose everything and then some. Many of them probably have jobs that require lots of time and effort to make some money. All they probably wanted to do, is to get ‘in on the action’ during that housing boom that is now so clearly over.

gruber ups the ante

September 2nd, 2006

he is willing to give a MacBook away

On September 9 we will know what it was about this “Mac’s can be hacked” meme that everybody duplicated but nobody did research.

now that apple sells lots of stuff

July 5th, 2006

they think can take a stroll on the dark side

Idiots. How often can you sell your virginity? Now Apple has marched into the ‘phone home’ camp. And for what benefit? Idiots.

blogspam

June 30th, 2006

Around 80% of all blogcontent is spam. You probably never see it. But search engines do. And that’s what the spammer hopes for. So called Splogs try hard to look like real content. Sometimes the spammer uses buggy code. Like in this example: http://football-shirt.afreeblogforyou.com/
Here the keywords have not been replaced. They still are called {keyword} in the text. This splog is pretty typical in many aspects: Please note the google ads. Yes, google does do business with this kind of content. They do not care. Actually google is responsible for allot of spam, since it’s adsense ads are a premiere resource of revenue for spam like this. The content in this ‘blog’ has simply been ’scraped’ aka copied or some would say ’stolen’ from legit weblogs. Easy to do. The next step in a splogers enterprise is to generate as many pages as possible and to put them into search engines. 70% of all interenet trafic gets steared by search engines. Getting only 0.01% of that can make you a rich man.
Of course the content is around a recent event. That might get you ahead of real content for a day or two. Enough to make a couple of hundred dollars in some cases. And, yes, google pays.

one thief sells a thousand locks

June 29th, 2006

It sounds like good business. But it is not. That one bad person creates usually hundrets to million times the damage compared to his gain. If possible society would fare much better by retiring all those spammers on a decent allowance. Right now they kill millions of business to make a bug or two.

What ever happened to the the ‘canspam’ act that the Administration put in place? Spam is not Bush’ fault. But having a government that is vastly clueless about any thing invented after 1983 did not make the spammers life exactly tough.

find hole in google anti spam rules

June 17th, 2006


and you can make north of 180K a month within 3 weeks

Now this one will be hopefullly be victim to his own success. But the principle works of scraped content works, and is rarely documented simply and straight forward. Even though it is that simple: steal and or buy what search engines think is content. Serve it up as many variations as you can and get the engine to swallow it.

It’s interesting that all those super smart phd holders at google never built it in a trigger in their code that would check if a domain would go from zero pages to five billion within 3 weeks. Actually a domain growing by 100,000 pages within a month is supicious. Like blogspot ;-)

we have no email

May 17th, 2006

I have the best immigration lawyers you can imagine. I know since I also had the worst years ago. The current people are great, not the cheapest, but they really come through with everything. Today they did send me some forms to sign and send back. As Microsoft Word files. Of course they only open as garbage on my computer. I asked for PDFs and these poor souls can not even create them.

Kind of funny that people rather send around a format that can be edited, does not work in all cases and even can contain malicious software.

And, again, these are probably the best immigration experts you can find.

Not being able to send forms and text in PDF is like saying ‘we have no email’. In 1999.

“but os x has viruses too”

February 16th, 2006

no! It hasn’t.

But now there is the first
trojan it seems.

You need to download and click on it. It’s finder icon appears to be forged to look like a jpeg file.

Now would be the time to see if the “Broken Windows” theorem holds true.