I know what you need (thanks to all that data!)

Nude Doll
Back in 1976, Cosmopolitan[1] published a short story by Stephen King entitled I know what you need. Thanks to Big Data and our promiscuous social online habits being available to anyone who wants to pay for them, turns out marketing guys do too.

Continue reading

419 fun: Taxonomy of Internet fraud

In case its not obvious, THIS IS A SCAM. No question about it.

From: allenbradbury@fdbplc.co.uk
Mr. Allen Bradbury
Tel: +44 7757542903
Dear Friend,
I apologize if the contents hereunder are contrary to your moral ethics. But
please treat with absolute secrecy and personal.
Oops, I didn’t respect his moral ethics.
I am an employee of a commercial Bank here in the United Kingdom and an
Account Officer to a deceased customer who is a National of your country.
No you aren’t. Your language and grammar indicates someone who is from Africa.
We lost this customer and his family in an auto crash here in England some
years back and his account valued at £10,800,000.00 (Ten Million, Eight
Hundred Thousand British Pounds) with us has been dormant and unclaimed due to
unavailability of a next of kin / relatives to claim his estate, since his son
whom he used as his next of kin died in the same auto crash with him.
Wow, ten million!
In accordance with the Es-cheat laws of England, the Board Of Directors of the
Bank met a forth night ago and resolved to turn the estate of the deceased
over to the Government having waited for too long without the deceased
relatives/next of kin surfacing, and if this is done, invariably the funds
will end up becoming Government property too, so it is as a result of this
that I am moved to contact you considering the fact that a known relative of
him have not been Located and since you bear the same last name.
I don’t you know. I know most of the people in the UK who have the same unusual last name as me. And what the billy shears are “Es-cheat” laws?
In view of this, I am seeking for your co-operation and understanding to stand
as the deceased next of kin to enable us claim the inheritance before the time
period given by the Bank elapse.
Hmm, this is too good to be true. Wait, this appeals to my sense of greed, I could end up with the money.
(Of course, this is what you’re meant to think)
Hence, If this proposal is OK by you and you do not wish to take undue
advantage of the trust I hope to bestow on you. Then kindly get back to me
immediately, strictly via my private email address only:
allenbradbury1@yahoo.co.uk write to enable me enlighten you on how we are to
proceed.
The hook.
I will not contact any person or Company until I hear from you, so as to
enable me decide on what to do next. Be rest assured that it is a risk free
project and the proceeds will be shared 50% each once the funds are
repatriated into your account either there in the Canada Or elsewhere.
The line.
I wait for your prompt response.
Regards,
Allen Bradbury.
NB: PLEASE NOTE THAT IT DOES NOT MATTER IF YOU ARE NOT RELATED TO MY LATE CUSTOMER, THE FUND WILL STILL BE PAID TO YOU, SINCE I AM PRESENTING YOU AS HIS NEXT OF KIN, BASED ON THE FACT THAT I WAS HIS PERSONAL ACCOUNT OFFICER, WHOEVER I PRESENT WILL BE PAID.
The sinker.

So what actually happens here is they ask for my account details, perhaps a “holding deposit” if I look like I’m dumb enough, then they vanish into the night.

Having said that, I know of people who have lost their life savings, and been very angry and bitter and have not allowed these people to vanish, and have gone to Africa to seek them out.

They were never seen again.

Ross Anderson: Google Techtalks: The Search for evil

The encyclopedic knowledge of Ross Anderson at work (or at play?) here.
See it at http://youtube.com/watch?v=7WlHhZUayUw

With Ross, you’re the boss.

Social (pariah) networking

My Dad doesn’t like Facebook. To be fair, he has nothing against the people who developed facebook. He holds no strong views on their politics, or their personal hygiene. From a coding and software architecture point of view, Dad thinks they’re just fine.

What he does worry about is how much personal information they allow us to share, quite often with a far larger audience than we intended. He’s not alone either, as several information security managers across the sector, including commercial directors, and CISO’s for charity and NGO bodies have sent out similar “calls to vigilance”.

Personally, I think facebook is ok. The phone number that’s on there goes straight to a fax/voicemail service that winds up in a corner of my inbox. As for the other stuff I choose to share, well you can only see all of it if I’ve already known you in person for some time. There’s quite a good chance that you know it already. Facebook therefore becomes a convenient directory for me (although when my ex sent me a friend request, this was ignored!)

I’ve mentioned in other posts how facebook is rapidly eating the lunch of more business-oriented sites like LinkedIn – although at least two of my contacts plan to stick firmly to the limits of LinkedIn, and ignore Facebook, Bebo, and all the others. Rest assured, those two contacts are worth me staying there, for the time being.

There’s another candidate out there for the “frankly, you’re strange” website award, and that’s ecademy. Put it this way, if networking sites were religions, LinkedIn would be the rather nicely ornate cathedral your parents worshipped at, and facebook would probably be a gospel hall with a choir led by James Brown.

Ecademy would be the cult of people dressed in white, who smile, stare at your left ear while they talk to you, and are suddenly found overdosed on Kool-aid.

It’s not that they are nasty people – they aren’t, and its not that they are a foreign company – its run out of the Home Counties of the UK. Its just that Ecademists seem to have a passionate belief that as long as they pay more money to the founders, good things will flow.

Erm.

Which leads us onto the “pariah” portion of this article. I dislike spam. I heartily dislike spam. It wastes disk space, time, bandwidth, and resource in dealing with it. Google Mail has a very efficient spam filter, and to make it even better, I’ve also joined the Cloudmark spam detection system – basically, if you see a spam, you tag it, the cloudmark system then alerts all the other members. Over time, if the majority agree with you, your trust level rises, and the decisions you make over your spam have more effect on the behaviour of the cloudmark agent installed on other people’s computers. I now have a little gold Cloudmark star, which means they think I know what spam is (and isn’t).

So, I got this spam….

From: lucas.wyrsch@gmail.com to me
Subject: Lucas Wyrsch has invited you to their network on Ecademy!

Hello,

I’ve seen your profile on LinkedIn!

I would like to add you as one of my contacts on Ecademy, where successful
business people grow their business.

There are three membership levels:

* Basic members – free to join
* PowerNetworkers – proactive networking
* BlackStars – accelerated networking with mastermind groups

BlackStar membership is making a significant difference to the business
success of its members! BlackStars are determined to develop centres of
excellence for Networking, Relationship, Knowledge and Business.

More: [link removed, you weren't really going to click on it were you?]

Click here to connect with me:
[link removed, you don't need your head examined]

Thank you,

Lucas Wyrsch
lucas.wyrsch@Gmail.com

p.s. Sign up today and you’ll get one month’s *PowerNetworker subscription

Cloudmark and gmail anti-spam measures, notified. Its pretty accepted that spammers promote unsound products and services, so I think that’s cleared up Ecademy’s “business profile” once and for all.

Dropped to the bottom of my spam bucket. I will never hear from you again.

And nor will quite a few other people.

Audio Spam: The Latest Twist on a Never-Ending Security Threat – CIO.com – Business Technology Leadership

Audio Spam: The Latest Twist on a Never-Ending Security Threat – CIO.com – Business Technology Leadership: “A new form of spam using MP3 audio files to send a stock pitch has surged today. Today this audio form of spam has risen from being virtually nonexistant to become 10 percent of all spam traffic, according to several security researchers tracking the phenomenon.”

The constant battle for our 30 minutes of discretionary time a day continues. I know that friends and colleagues have received this type of spam, so far I’ve not seen it (the three layer spam defenses are holding up well!)

We’ve had boring old text spam (delete), poetry spam (delete), Image spam (boggle then delete), PDF spam (antivirus, boggle, sigh and delete), and now audio spam (snicker at funny voices, then delete).

Of course, the one thing that will be deterred by MP3 spam will be the 411 fraud that has made Nigeria famous. I doubt I will believe a strong male african accent promising to be a young 21-year old californian lady. Not much, anyway.

How to be Spam

Like most IT geeks, I get a lot of email, and so in an attempt to make sure I set foot out of the door occasionally I have various methods to deal with my email.

My current favourite is to run all my personal email through Google Mail, and then to download it onto my desktop for folding, spindling and mutilating. I use Cloudmark’s spam filter, and since I’m pretty careful about what I mark as spam, my “trust rating” is high.

Well, I’ve been getting emails from “ITProPortal” – a fairly miserable collection of stories scrubbed from “The Inquirer“, and similar online publishers, sprinkled with their own ads, links, and other rubbish.

Today, a story caught my eye about how FaceBook is rapidly taking over LinkedIn as a business networking tool. I’m not surprised, basically FaceBook is
a) fun (I’m enjoying an ongoing game of Scrabble with a friend)
b) free (rather than LinkedIn’s rather snobby approach of making me pay $100 or so to keep my outlook contacts on there!)
I thought, well that will be fun for today’s blog entry, (and I think you’ll agree, its been slightly pleasurable at least), and clicked on the entry. ITProPortal promptly whisked me off to a page all about how Vista begins to look more like rubbish (another Inq lift, hmmm). Interesting story in itself, but if I wanted to read that story, I would have waded through the spam and click up ads on ITProPortal for it (or read the story on Inq’s RSS Feed).

So, farewell ITProPortal. I have used the benefit of my high cloudmark rating to push you to the bottom of my spam folder. I will never hear from you again.

And nor will quite a few other people.

Herbal Essence

I bumped into the following video today:

and it made me laugh my tiny socks off. I’ve long noticed that in advertising there are certain defined roles that while appearing to reinforce the notion of gender equality, actually divide it further. Next time you see an ad that uses sex (and you won’t have to wait long), replay it in your mind, but swap the roles of the male and female actors.

In other news, I attended my second Ceroc class last night. Lots of fun. I returned to my email this morning to find that a spammer is faking mails from “gifsecuritypracticesyb@securitypractice.com”. If you have found your way to this blog as a result of these mails,
a) I’m sincerely sorry, and I share your pain (I have to read all of the bounce messages, for a start).
b) There’s nothing I can do about it. The spammers are faking the domain, and your mail server is beleiving their fakery. Please use some form of sender verification.