|
Fraudsters continue to innovate
You have money, a computer, a credit card, a bank account, and more. Somebody on the Internet wants these and is willing to lie, cheat, and steal to get them. The techniques these creeps are using continue to improve, but there's almost always a clear indication that fraud is afoot. Let's take a look at a few examples that I've seen in the past week.
The bogus greeting card
We receive electronic greeting cards on our birthdays and anniversaries, on holidays and other special days, and sometimes for no particular reason. Those who want to take over your computer have used the greeting card scam for a long time, but the attempts were usually so pitiful that only a fool would fall for them. Well, they're getting better.
Here's one that arrived last week. It claims to be from "American Greetings", but look at the actual address. What kind of company would send cards from "rthq" at "coxinet.net"?
As I've said before, legitimate greeting card providers will tell you exactly who sent the card. "A family member" is not an exact identification. So the card has two strikes against it immediately.
If you open the message, you'll undoubtedly be greeted with a link that will try to look like a greeting card link. But if you examine the link's real destination, you may find that the file the link points to is something like this:
"GreetingCard.gif .exe"
All of those spaces in the file name are intended to move the real extension to a place were you won't see it. You'll think the file is a harmless gif when in fact it's a harmful executable file.
If the card doesn't come to you personally and if the card isn't from a name an address that you know personally, discard it immediately. If it claims to be to you (by name) and is from someone you know, examine the "from" address and examine the destination URL. If anything looks even slightly suspicious, confirm that the person who is shown as the sender really did send the message.
|
|
|
Here's another example that tries to look good, but ends up giving itself away.
First, it claims to be from "greeting-cards.com" but is really from someone else at another domain (and that address is probably forged anyway.)
Next, there's no indication who the card is from.
The invitation contains at least two errors that would not have made it past any native-English-speaking editor.
And the link is to an IP address, not a domain name.
CLICK THE IMAGES FOR A LARGER VIEW.
|
|
|
|
I have an application that allows me to see what the target domain is serving up and here's what you'd get for your trouble:
The website will try to run an executable file. (What a surprise!) At the very least, that file will attempt to take over your computer as a zombie. It might also search your computer for personal information (account numbers, user IDs, banking information, and the like.) |
Our old friend is still there: Canadian Pharmacy
I've written about these clowns or their inbred cousins previously. Canadian pharmacies, as a rule, don't send out spam and, if they do, they use their own domain. Additionally, one might expect a Canadian pharmacy to actually be located in Canada, not in Hong Kong, which is what the domain indicates.
Closely related to Canadian Pharmacy is the "United States National Medical Association". A message from this group cautions against dealing with fraudulent on-line pharmacies and offers a list of fraudulent operations.
|
|
|
The spam explains the dangers of dealing with unknown operations that pass themselves off as pharmacies and invites you to their website.
CLICK THE IMAGES FOR A LARGER VIEW.
|
|
|
|
But that's not where you'll go if you click the link. You'll be taken to a website in Hong Kong. A website that just happens to offer on-line drugs. |
|
|
|
What does the United States National Medical Association think of this fraudulent use of their name? (Don't get too far ahead of me here.)
Try a Google search for "United States National Medical Association" and you'll find links where the "organization" is discussed in far-from-favorable terms.
In other words, the United States National Medical Association is a fraud. |
Caveat emptor
I'm old enough to remember when Julius Caesar said that, but tempus was fugiting and he had to hurry off for breakfast of hard-boiled eggs with Brutus, where he et tu. (And if you're a Latin teacher or ever studied Latin, I apologize.)
If you do an on-line search for something, you'll probably see at least a few responsible from "price comparison" sites. These are operations that once seemed to be sufficiently ethical that they weeded out the bait-and-switch operations, but sadly that's no longer the case.
Here's an example using a product I'm sufficiently familiar with to know when the priced cited are bogus: A Nikon D200 digital camera. The current price for the body alone (no lens) is about $1500 from reputable stores (B&H Photo and J&R Electronics in New York both have the camera at that price.) Here in Columbus, Cord Camera has it for about $1700.
|
|
|
Here's one of those "shopping service" pages. It seems that I can buy a $1500 camera for just $329. Margins on cameras are slim. No camera store, not even a huge store such as B&H would be able to buy the camera for $329, much less sell it for that.
Many people seem to think that stores routinely mark up goods by 100% or more and, thinking that, become suckers for this kind of marketing. Come with me to the website of one of these merchants.
CLICK THE IMAGES FOR A LARGER VIEW.
|
|
|
|
Here's the camera we're looking for. The Nikon D200 for $329. |
|
|
|
"Availability: Yes." Yes? Yes is not the same as "in stock". There's a danger sign.
They're also offering a special "$200 value" kit free. Another danger sign. What's in the kit? A lens-cleaning kit (value about $2), a screen protector (it's already included with the camera, so it has no value), and a "full size" tripod. "Full size" isn't defined, but it's probably worth about $10. Oh, there's also a "digital slave flash", whatever that is. Probably some no-name strobe they buy for $5 each from China. |
|
|
|
Before going any further, let's take a look at B&H Photo. The price is legitimate. The rebate is from Nikon. And B&H has some used cameras in stock for less money, but even the used cameras are far more expensive than what the other store is offering.
But notice the tab that shows what's included. |
|
|
|
What's included? EN-EL3e Rechargeable Li-ion Battery, MH-18a Quick Charger, USB Cable, Video Cable, Neck Strap, Body Cap, Eyepiece Cap, DK-21 Rubber Eyecup, BM-6 LCD Monitor Cover (this is what the other store includes in their "$200 value" kit), PictureProject Software CD-ROM, and a 1-Year Nikon U.S.A. Limited Warranty.
|
|
|
|
If you hop across town to J&R, you'll find a similar price and the same items are included in the price.
|
|
|
Now let's go back to the "bargain" store. This is the store that listed nothing as included and included specific wording in the ad that this was the "body only". This is an old trick that shady camera stores liked to pull on unsuspecting customers. I thought that the practice died out, but apparently not. |
|
|
|
The "bargain" store will sell you the battery that Nikon includes in the box. You can buy one of these batteries from a legitimate camera store for $45. The "bargain" store wants $180 for it. |
|
|
|
And if you buy the battery, you'll certainly need the charger. There's another $200. The charger is in the box as it comes from Nikon and shouldn't cost extra. |
|
|
What about the USB cable, the video cable, the neck strap, the body cap, the eyepiece cap, the DK-21 rubber eyecup, the PictureProject software on CD, and the 1-year Nikon U.S.A. limited warranty? You can bet that they'll all add $15, $25, $50, or even $100 to the price and that the final price you pay will be substantially more than you'll pay if you buy from a legitimate seller.
There's also a good chance that you won't get a 1-year US warranty because the camera will be a gray-market unit that's intended for sale in another country.
And what if you try to buy just the body? You know you can get the other pieces at a reasonable price from another store. Do you think they'll sell you just the camera body? Here's a hint: No. |
Vista: Why did they do it that way?
Vista is the most secure Windows ever. At long last, Windows has the equivalent of the root user (well, more or less, anyway) and nobody runs as root. Even those who are considered administrators have to invoke supervisor status to do some things. That's good because it's another roadblock to malware and it's a way to ensure that less competent users aren't able to touch critical components. But sometimes this can get in the way and then it becomes necessary to outsmart the operating system.
Here's an example. I prefer the Classic Start Menu to the new start menu. Yes, the ability to type the first few letters of an application's name and then press Enter is neat. I was impressed when I first saw the feature on a Mac. But I don't use the feature on a Mac. In fact, I've cobbled together what is essentially a Start Menu for the Mac. I much prefer hierarchical menus so that publishing applications are in one branch, Web development tools are in another, and so on. An application such as Photoshop might be located in several branches (Web development, graphics, and publishing) so that the applications I'm most likely to need at any given time are close at hand.
In Windows XP, I could quickly navigate to C:\Documents and Settings\All Users\Start Menu\ and start dragging folders around. The changes applied to all users. Or I could make changes in C:\Documents and Settings\William Blinn\Start Menu\ that would apply only to me.
Those directories no longer exist in Vista. I expected to find my personal Start Menu settings in C:\Users\William Blinn\, but that's not where they were. I eventually used the Advanced Properties option, which is available from the Task Bar to find my Start Menu, then asked the Windows Explorer to tell me where I was: C:\Users\William Blinn\AppData\Roaming\Microsoft\Windows\Start Menu\. Yeah. I would have probably found that on my own, except that it's a hidden directory. And there was no indication where the equivalent of the All Users directory was.
|
|
|
This is the kind of Start Menu I like. If you like the new menu, and a lot of people will because it's a big improvement over the Windows XP Start Menu, you can use it; but Microsoft has retained this format for those of us who like it.
CLICK THE IMAGES FOR A LARGER VIEW.
|
|
|
|
I looked in the Users directory, where I expected to find an All Users directory, but it wasn't there. Because computers don't operate by magic, I knew that a directory had to be there. I just couldn't see it. So I told the Windows Explorer to show me all hidden files. By itself, that change didn't accomplish what I needed. Next, I told the Windows Explorer to show me protected operating system files. Either of those actions alone is insufficient; both are required.
Note that this can be a dangerous step, even for those who know enough not to change, move, or delete certain files. |
|
|
|
That's what was needed, though. I could now see the directory that I knew had to be there. |
|
|
|
And I was able to navigate to the All Users Start Menu.
The shared Start Menu is located here:
C:\Users\All Users\Microsoft\Windows\Start Menu
Once I knew that, I changed the settings back so that protected operating system files and hidden files would no longer be visible. |
|
|
|
Even with the operating system set to hide protected files, users can type the location in ... |
|
|
|
... and navigate to the directory.
|
|
|
|
Having done that, it's easy to create a shortcut that can be installed on any user's individual Start Menu or on the shared Start Menu. |
Nerdly News
Laptop computer: $250
No, this isn't some fraudulent loss-leader. Intel plans to work with Asustek Computers, a large manufacturer of motherboards, to develop a notebook computer that could be sold for about $250. The target market would be developing countries. You've probably heard of the One Laptop Per Child Foundation, an organization whose name describes its mission.
For years, Intel has donated laptops to children in developing countries. The new venture plans to make near-regulation-size notebook computers, unlike the devices made by the One Laptop Per Child Foundation. But that means they will need electricity to operate and in some parts of the world electricity is available for only a few hours per day. The One Laptop Per Child Foundation's machines may look like toys, but they include a hand crank that can power the device when electricity isn't available.
A fair question might be, however, whether the developing world needs computers or better medical care, better food, and other basic necessities.
Blockbuster nixes Netflix's attempt to block, buster
OK, that was pretty weak. So, apparently, was Netflix's suit against Blockbuster. Blockbuster announced this week that the suit had been settled. Netflix wasn't talking. Blockbuster, mainly a video rental store, has been moving in on Netflix territory.
Blockbuster says it will not make changes to its website or business model. Shortly after Netflix sued Blockbuster last year, claiming the company had stolen its system for placing movie selections in a queue, Blockbuster counter sued, claiming that Netflix’s patents were so broad as to be unenforceable.
Electric problems at the National Security Agency
The Baltimore Sun is reporting that "a year after the National Security Agency nearly maxed out its electrical capacity, some offices are experiencing significant power disruptions as the agency confronts the increasingly urgent problem of an infrastructure stretched to its limits."
Because of power shortages, the NAS can't use some of its new computer equipment. In some cases, power outages are reported to have shut down offices for more than half of the day. If you're willing to cut the NSA some slack because this problem caught them by surprise when they were busy keeping an eye on national security, the current shortage was predicted nearly 10 years ago.
The Sun quotes former NSA analyst Ira Winkler, who says the problem is because of "mismanagement at very high levels." Nobody at the NSA would speak to the newspaper on the record.
|
|