Listen to the Podcast
17 June 2022 - Podcast #797 - (20:17)
It's Like NPR on the Web
If you find the information TechByter Worldwide provides useful or interesting, please consider a contribution.
If you find the information TechByter Worldwide provides useful or interesting, please consider a contribution.
Scammers are a varied lot. Some work hard at their craft and create bait that looks realistic while others send out gibberish that's unlikely to fool anybody. And yet even those poor attempts do fool some. Let's take a look at some recent catches.
Click any small image for a full-size view. To dismiss the larger image, press ESC or tap outside the image.
The more realistic the effort, the more likely it is to work for the scammer; but even the most carefully constructed scam is still a scam and usually obvious signs exist. Consider this message from "Microsoft Team". It looks quite convincing at first glance. Take a second glance, and flaws are immediately apparent.
"Microsoft Team" is wrong. It's "Microsoft Teams" and this is not the kind of error Microsoft would make, but that kind of error is easy to overlook. The first big clue that this is a scam is the email address uses. Long, long ago I had a Hotmail account. Microsoft acquired Hotmail, but I have never associated that account with any Microsoft entity.
Overall, the message is a good attempt. "Unusual sign-in activity" is likely to get most people's attention. The sign-in details show that the attempt originated in Nigeria, but the IP address is shown as "10.112.126.02" and the browser used is reported to be "chrom". Google's browser is "Chrome" with a capital C and an "e" at the end, but the more telling flaw is the IP address. Any address that begins with 10 is unrouteable because all addresses from 10.0.0.0 to 10.255.255.255 are private addresses. No browser will ever present with one of those addresses. But many people don't know that. They just see an IP address and they skip over it because it looks real.
Messages about possible fraudulent log-ins invariably have two options: One is a button that's labeled "No, this wasn't me" and the second will be either a button labeled "Yes, this was me" or a note that you should ignore the message if it was you. Neither of those options is present.
And the "No, this wasn't me" button isn't a link to Microsoft. Instead it goes to a fake site that will harvest your email address and password when you go there.
Some scams are really just spams with lipstick, but (as the old saying goes) a pig with lipstick is still just a pig.
This is a message that came to me from the contact form on the website, but it's the kind of message that could easily be blasted out to 10 million people via standard email. "This is Irina," the message says. "I am sending you my intimate photos as I promised." This is followed by a link that is obfuscated by the TinyURL link-shortening service.
I don't know anyone named Irina, so she has never promised to send me intimate photos. In any event, "Irina" is probably Ivan. But what's the URL? Did you know that TinyURL offers users a way to see the full URL so they can check it out before following an unknown link? Start with the TinyURL (https://tinyurl.com/yyk97tdf) and add "preview" before the domain name (https://preview.tinyurl.com/yyk97tdf). This will reveal the true destination:
https://stoteron.ga/?u=1705SC5&yg8jpt <<< Do not follow this link!
The domain (stoteron.ga) is a free domain registered to Gabon TLD. Gabon, of course, is a west African nation south of Cameroon and Equatorial Guinea, north and west of the Republic of the Congo adjacent to the Gulf of Guinea and the South Atlantic Ocean. Using PowerShell to safely retrieve the code that runs the website, I can see that it is a dodgy porn site that should be avoided.
To get back to the "looks legitimate" type scams, here's a message that claims to be from United Settlement. United Settlement appears to be a legitimate operation that attempts to help people who are in debt get out of debt and clear their credit history.
The sender, however, is shown as "united.debt.settlement@100walr.com". The domain is registered to an unknown organization in Reykjavik, Iceland. It's also worth noting that United Settlement is headquartered on West 37th Street in New York City, but the email claims United Settlement is at 23638 W. Lyons Ave in Newhall, California. Would you be surprised to learn that the California address does not exist? The street address does exist in Santa Clarita, but the scammer claims to be on the fourth floor of a one-story building.
Here's one that I'm still trying to sort out. A "system notification" from blinn.com tells me that two unreceived emails are "stuck" on the server. If I don't follow the link to retrieve the delayed messages within 24 hours, the messages will be deleted.
I run my own server and know two things: First, messages do not get "stuck" on the server, and second I have no notification process in place for stuck messages because, as I noted, messages do not get stuck.
At first, it appeared that the scammer was attempting to hide behind a fake "GoogleAPIs.com" address that was really hosted at AppSpot.com. But both GoogleAPIs.com and AppSpot.com are registered to Google. I reported the scam to Google but you will probably be surprised not at all to learn that there has been no response from Google. Not even an autoresponder message.
Some scams jump up and down, shout, and would wave their arms if they had arms. This is one of those. (1) A message sent from Contabile Renner to Contabile Renner wants to know when I will send a payment receipt. A message that has been sent to the sender is a clear indication that we're dealing with a scammer who doesn't quite understand how to use email. That should be it. End of story. Nothing to see here. Just move along, folks. But of course I can't do that.
I'm supposed to believe that the message is from (2) a company in Spain. I have never dealt with a company in Spain and the sender's email address ends with ".cf". I had to research that one. It's the internet country code top-level domain for the Central African Republic. Once again, that should be it. End of story. Nothing to see here. Just move along, folks. But of course I still can't do that.
The message says (3) "I enclose proof of payment, corresponding to invoice No. 814. I am waiting for the receipt." Reality check time! If Contabile Renner has "proof" of payment, he doesn't need a receipt. So, once again this should be it. End of story. Nothing to see here. Just move along, folks. But there's more.
The attached (4) "proof of payment" is an Excel file. Anybody can create an Excel file, so it can't be legitimate proof of anything. And no, I will not open that Excel file. This is it. End of story. Nothing to see here. And I'm done.
I've received sometimes as many as a dozen scams in Japanese almost every day for the past several months. The simple fact that they are in Japanese is sufficient to inform me that it's a scam. The messages are unexceptional for the most part. They claim to be from a Japanese consumer goods and finance conglomerate and the scammers have done an excellent job of making the messages appear to be from the legitimate company.
One bit of information can't be faked, though: The originating IP address. The address where the message originated (120.48.26.97) is in Beijing, China. Would a large Japanese company send messages to the United States from China? I don't think so. Add that to the fact that I don't have a credit card from a Japanese company and the fact that I don't speak or read Japanese and we have what is clearly a scam.
Another scam I see frequently is the one that claims to have been sent from my own email address by someone who has infiltrated my computer and will send compromising messages to everyone in my contacts folder unless I pay them hundreds (or thousands) of dollars in the next couple of days.
The easiest way to confirm that this is a scam is to examine the routing headers. Microsoft's Outlook makes this difficult, but it's possible. Most other email programs make it easy. What you'll find is that the message didn't originate from your email account.
Just delete the message and get on with your day.
The United Nations does not use GMail. The UN also doesn't hold lotterry drawings to allocate covid relief funds. I'd like to think that most people would recognize a message supposedly from the UN that asks for the recipient's full name, address, date of birth, and telephone number for what it is: An attempt to steal the recipient's identify.
Apparently this is not the case, and that's what the crooks depend on.
Like ants at a picnic, scammers infest the internet. There's no shortage of thieves and crooks anywhere, but the internet makes thieving easier. The crooks don't need to be near you. You'll never see them. It's virtually impossible to catch them if they're in Russia or China and unlikely even if the scammer lives in the house or apartment next to yours. All we can do is treat every communication with reasonable, rational suspicion and make every effort to be smarter than the crooks.
Sometimes one has to wonder what Microsoft developers do during the day. Sometimes it seems that they spend all their time working on spiffy enhancements while ignoring essential features.
Click any small image for a full-size view. To dismiss the larger image, press ESC or tap outside the image.
As an example, consider the Windows File Explorer. There are several view options such as details, list, and several sizes of icons. Choosing any of the icons options will display thumbnail images of some graphics files. This is useful when you're looking at a directory with a lot of gif, png, or jpg files. It should be equally useful if you have a directory full of Adobe Photoshop psd files, but it isn't.
That's because Microsoft hasn't bothered to have its developers create the code needed to show thumbnail images for psd files. Why? After all Photoshop has only been around for about 33 years. Well, we could spend a lot of time trying to figure out why Microsoft doesn't create a function that is so obviously essential. By default, the Windows File Explorer won't display thumbnails for a lot of file types.
When you've grown sufficiently weary of that shortcoming, start your browser and visit the SageThumbs section on SourceForge. Download the free application and install it.
Then selecting one of the icon views in Windows File Explorer (or Q-Dir if you prefer it) will display thumbnails for psd files and more than 150 other file types. This raises the question: If someone who has developed a free application can provide thumbnail images for more than 150 file types, why can't Microsoft's developers manage to do this. Avoid those thoughts and questions because that way lies madness. Instead, just download SageThumbs, install it, and carry on.
But, surprise! That's not all SageThumbs can do. Right-click an image and the context menu will display SageThumbs options to send files via email and convert files to more common formats such as jpeg, bmp, or png.
The program options dialog allows user to enable or disable support for any file type. If another program already displays previews or you don't want to see previews in the Windows File Explorer, you can disable the file type there.
SageThumbs is a free open-source application. It works well. It provides features that Microsoft doesn't and offers even more useful capabilities. What's not to like?
When 35mm cameras were introduced in the 1930s, they were revolutionary. Instead of sheet film cameras that were slow and cumbersome, a 35mm camera could be carried in one hand. The quality wasn't as good and many professionals ignored them for decades. By the 1950s, 35mm rangefinder cameras were the clear choice of serious amateurs. Professionals started using them in the 1970s. But have we reached the end of the line?
My father had an Argus 35mm rangefinder camera. I bought my own Pentax single-lens reflex camera around 1963 and a Nikkormat less than 10 years later. My choice was Nikon for many years, but then I switched to Canon. How many people do you know who carry around a 35mm camera these days? I even leave the Canon at home most of the time and carry a Sony point-and-shoot camera. But a smart phone is often my choice.
The smart phone can't take a series of a dozen photos in a second, but I rarely need that ability. It doesn't have much of a zoom range. The camera in the smart phone does a good enough job most of the time. Professional photographers won't use smart phones for commercial jobs because they need the capabilities provided by professional cameras, but how many professional photographers are left? The choices for amateurs is wide. Here are a few examples, mainly at the high end of the spectrum:
Click any small image for a full-size view. To dismiss the larger image, press ESC or tap outside the image.
You may have noticed that I said these cameras take high-quality or good-quality exposures. Exposures, not pictures. The quality of the picture depends entirely on the photographer's capabilities. That leads me to the device I use more than any other for normal family pictures: A smart phone.
The Google Pixel 6 Pro costs $900, fits in my pocket, and creates technically good jpeg exposures that rival those from the Sony RX100 and can even capture raw images. In addition to taking photographs, the Pixel 6 Pro can send and receive email, visit web sites, tell me how to get from one location to another and estimate my arrival time, show me office documents and the schedule for upcoming TechByter programs, send and receive messages, display real-time weather information, show newspapers from around the world, let me play games, show streaming video, wake me in the morning, keep track of my calendar, and remind me about tasks.
Oh, and it also makes phone calls.
Professionals will continue to use digital SLR cameras and the new mirrorless models, but I have to think that the camera market for all but the most serious amateur photographers is soft and nearing collapse.
We didn't know it then, but the 2002 TechX NY was to be the final gasp of PC Expo. The number of participants dropped, the Javits Center wasn't close to being full, and some companies pulled out at the last minute. I was still hopeful prior to the event:
There's still time to register for TechX NY (with PC Expo) and several other programs. The trade show is probably smaller this year than it has been in a decade or more. During the dot-com craziness, it wasn't unusual to find nearly 1000 exhibitors, many of which had no business being in business. The trade show filled the entire main exhibition hall at Javits Convention Center, all of the (slightly) smaller ground floor exhibition hall, and even a small exhibition space up on the third level by the press room.
In the wake of the dot-com implosion, last fall's terrorist attack on the World Trade Center, and a recession, the trade show is smaller. Not "small". Just not as big as it used to be.
This year's show is limited to the main exhibition hall. In many ways, that's a good thing because my meeting schedule often took me from the far northwest corner of the lower level to the far southwest corner of the upper level -- about a 10-minute walk. This year everything but the press center will be on the same floor.
And instead of trying to see and make sense of offerings from 1000 companies, there are fewer than 400. In addition to the "PC Expo" trade show, there are also other specialized events such as "Digital Video Expo", "Mobile Connections", and a conference on "Technology, Continuity, and Security". Outside TechX NY there are "invitation only" events such as Digital Focus, Mobile Focus, ShowStoppers, and a variety of briefings and receptions. So you don't have to worry about me being bored.