Archive for the ‘Uncategorized’ Category

One of the first things I discovered in Second Life is that you need money to buy land or rent a shop front.
(more…)

I have to admire these strange and intricate works of art created by digital artist Alex Dragalescu.

This series of 3D digital portraits inspired by internet security threats was commissioned by the internet security firm MessageLabs.

Subjects include Phishing, the Netsky virus, the Ghost spyware program, Trojanagentil3, Russian 3 spam, and the Storm botnet.

Once the site was ready enough to go online, I added Statcounter code and set it up to send me weekly summary reports by email. I’ve also written about each week’s triumphs and mishaps in more detail, to be serialized here in this blog (woohoo, exciting!) – just choose the
‘Launching a local directory’ category of posts to read all of them.

As a brief summary to anyone reading this post first, the website is a Joomla / Sobi2 based local directory for the county of Devon, which accepts family friendly free listings with a focus on arts and environmental groups, and offers paid-for extra features such as maps, galleries, ecards etc (some of which are free for artists and environmental groups).
(more…)

Here’s why I’m convinced that spam can’t all be entirely automated: I noticed some funny names cropping up as supposed email senders for a while and started collecting some of them:

Bulks P. Upbraiding
Unknown H. Litterbug
Ministerial B. Blab
Oxygenation J. Woozier
Outsides A. Postmark
Yuck Q. Infections
Impotence K. Sikh
Alphard L. Trampled
Kickoff J. Boyle
Dumfounding D. Flight
Atrocities L. Heretical
Disadvantageously G. Anniversary
Bricklayer B. Invasive
Profiting S. Agglomerates
Rashest D. Quintessential
Helm S. Malign

Boring day at the Spam office? It’s almost good to see some of this!

During our recent trip to visit my mother in law in California, we spent a few days in San Diego, where the local magazine was running a story about Second Life.

Like many others, I’ve been wondering about the virtual world known as ‘Second Life’ for quite a while, wondering, for example, if I’d ever get round to checking it out.

Unlike many others, what I also wondered is why is Second Life ok when Everquest was not considered cool? I decided to check it out and see if Second Life is really the way forward and so much cooler than fighting snow leopards in Everfrost Peaks and Halas. This post will be the first in a series investigating Second Life and the opportunities it offers.

Personally I liked Everquest a lot, so I had mixed feelings about Second Life from the start: on the one hand that it couldn’t be as good, but on the other hand it held the potential of many of my favourite aspects of Everquest – exploring the virtual world and so on, without having to do any fighting. It’s also free to get a basic membership.

From the San Diego Reader, I discovered that much of it’s popularity comes from the potential for members to create their own content, and also to give away, sell, rent or advertise their creations.

The attractions for designers and programmers are obvious, but some have also been able to make a living out of this.

This capability has drawn in entrepreneurs, and led many bigger companies and organisations to establish a Second Life presence (3).

Apparently Second Life now has some 8.5 million players worldwide, of which the majority are in the US. However, the game has seen a jump in popularity in the UK over the past two years, with several thousand Britons believed to now be regularly trading through the site.
“Some make over $10,000 a month, selling virtual goods. It’s an excellent tool for nurturing entrepreneurial skills as you learn the ‘art of doing business’ without taking major risks.” (1)

In the last year Second Life incomes have become widespread enough that HM Revenue and Customs has begun investigating people who are making real-life profits in Second Life (4). The same tax rules apply to internet trading as to any other form of trading and HMRC has a bot, known as Xenon, which trawls the internet in search of people who use the web to trade but don’t pay taxes. It would be possible for Xenon to track down someone who was making substantial profits through a game such as Second Life.

So is it possible to make money in Second Life? Yes. Is it fun and easy money? Well I just don’t know. So I continued my investigation to find out more about how money works in Second Life (more about this in the next post).

So is Second Life cooler than EverQuest? No. It isn’t a game, but it’s more like the Web: in part a great place for technical development and creativity, in part featuring greater encroachments by big businesses, and in part being infiltrated by get-rich-quick schemes dependent on spammy invasions of privacy.

I wouldn’t be surprised if those things happened in that order, as they did on the web. I would guess there may have been a golden age of Second Life, as there was in the early days of the web, but from now on we will mostly be hearing about whether it is influential, brand-building or profitable.

But these are early days for me, and somewhat coloured by the first ‘popular places’ I visited there (more about these in my next Second Life post). I can also see that Second Life does hold enormous potential, both for expressing creativity, earning money, influencing others, testing various skills in a safe environment and even experiencing things which are not possible in the real world (like flying). So despite some slight initial disillusionment, I’m looking forward to spending more time there.

(1) Virtual reality is serious business

(2) The Second Lives of San Diegans

(3) Virtual Visions

(4) Tax office tackles growing trade in virtual items for real money

(5) Second Life website

(The first couple of months, warts and all)

View all blog posts about launching my local web directory.

Background: I’ve been working on a Devon directory with a focus on promoting arts and environmental concerns alongside general clubs, blogs and business listings.

Summary: Once the website got to the point of being presentable enough, I started gradually making it more available, while continuing to work on the site, and beginning to actively promote it. This is how I did that and what happened.
(more…)

In the last month, I have seen many many phishing scams pretending to be emails from banks. I will post some here in case it helps clear up any confusion. As I am not a customer of any of these banks (nothing personal!), I am convinced that every one of these is a phishing email:

The first ones to appear targeted Royal Bank of Scotland customers, followed by the Alliance and Leicester, NatWest (National Westmainster) and Sparkasse, which appears to be a bank in Germany.

The following are examples of the phishing emails:

The Royal Bank of Scotland: please read this message! (message id: 5992548690)
The Royal Bank of Scotland
to Faust_lehmus

22 Oct
(well done to my Firefox ‘Better Gmail’ extension for catching this )Warning: This message may not be from whom it claims to be. Beware of following any links in it or of providing the sender with any personal information. Learn more

Dear customer of The Royal Bank of Scotland,

RBS Customer Service requests you to complete Digital Banking Online Form.

This procedure is obligatory for all RBS Digital Banking users.

Please click hyperlink below to access Digital Banking Online Form.

(link removed, domain name began with rbsdigital-id)

Please do not respond to this email.

—————-

The Royal Bank of Scotland © 2007

(NB Remember, these are Phishing emails not the real thing)

Alliance and Leicester Mobile Banking – Not. This one was scarily realistic looking, but when you hover over the links you can only see an IP address. Also, as I said, I’m not one of their customers:

Know what your money’s doing – whatever you’re doing
from Alliance & Leicester Business Banking hide details 26 Oct
date 26 Oct 2007 17:16
subject Know what your money’s doing – whatever you’re doing

Dear Alliance & Leicester Commercial Bank Customer,

MONILINK™ Mobile Banking

Know what your money’s doing – whatever you’re doing

As an Alliance & Leicester Business Banking, when you register for Mobile banking through Internet Banking and use the service before 31st December 2007, you will receive ?5.

Plus we’re offering FREE Mobile Banking to all new and existing Mobile Banking customers until 31st December 2007. So register today – MONILINK is also free to download!

If you are an Internet Banking customer, simply log in to Internet Banking as normal and select Mobile Banking from the left hand menu to follow our simplified registration process, allowing you to start using Mobile Banking straight away!

If you’re not an Internet Banking customer, there is still a quick and easy way to register; just choose the “All other customers” button on the right hand side.

MONILINK™ Mobile Banking

With MONILINK™ Mobile Banking you can:

-Check your account balance*

-Request a mini-statement*

-Add credit to up to 5 pay as you go mobile phones, direct from your current account for no extra charge

Access account information 24/7, even abroad*

Mobile Banking Security

You can rest assured that your information is secure. Your details are protected by a personal Passcode and any information displayed is automatically deleted. No personal details are stored on your mobile phone.

To register for MONILINK™ Mobile Banking all you need is a compatible mobile phone and your Alliance & Leicester debit card.

MONILINK™ Mobile Banking

(NB Remember, these are Phishing emails not the real thing)

Phishing email aimed at Nat West bank customers:

Urgent security notification for client of the NatWest Bank! (message id: d88545068688fi)

National Westminster Bank Plc
to Mansurmerrifie.

show details
08:33 (6 hours ago)
(better Gmail caught this again!) Warning: This message may not be from whom it claims to be. Beware of following any links in it or of providing the sender with any personal information. Learn more

Dear National Westminster Bank (NatWest Bank) customer,

We regularly perform scheduled maintenance for our OnLine Banking customers. We intend upgrading our OnLine Banking security server for better online services.

In order to ensure you do not experience service interruption, you are required to complete our OnLine Banking Customer Form by following the secured hyperlink below:
(left this link but unlinked it because of a couple of odd things: firstly it’s not a secure link, as a secure link would be https, not http:, secondly, a whois check shows that Nat West bank does own natwest.com themselves, so something else must be disguising the destination of this link, and thirdly, what does that Referrer ID number do?)
p://www.natwest.com/securesession/action.aspx?refererident=78 (long number, needs a line break!) 8533442182465046534329762369580434607716155702425

Thank you for banking with National Westminster Bank, the industry leader in safe and secure online banking.

National Westminster Bank Customer Service

—————————————————————————-

National Westminster Bank © 2007

(NB Remember, these are Phishing emails not the real thing)

Another one aimed at NatWest:
Your Online Account With Natwest Bank!
NatWest Bank
to annabel

show details
5 Nov

Dear NatWest Bank customer,

NatWest Client Service Team requests you to complete the Customer Confirmation Form (CCF).

This procedure is obligatory for all clients of NatWest Bank.

Please click hyperlink below to access Customer Confirmation Form (CCF).

(link unlinked, redirected to a domain including ‘natwest.co.uk.fwpls.cn’, a subdomain of a Chinese domain name)
ps://www.nwolb.com/default.aspx?refererident=BE34EEE

Thank you for choosing NatWest Bank for your banking needs.

! Please do not respond to this email.

This mail generated by an automated service.

(NB Remember, these are Phishing emails not the real thing)

The email above was obviously so much less convincing a forgery that I wondered if it might even have been produced by the same people to make customers more likely to believe the more convincing looking ones.

(NB Remember, these are Phishing emails not the real thing)

Here’s one aimed at the German bank Sparkasse:
Sparkasse Online-Banking (nachrichtenzahl: q8305588)
Sparkasse
to Faust_lehmus

show details
8 Nov

Sehr geehrter Kunde, sehr geehrte Kundin,

Die Technische Abteilung der Volksbanken Raiffeisenbanken führt zur Zeit eine vorgesehene Software-Aktualisierung durch, um die Qualität des Online-Banking-Service zu verbessern.

Wir möchten Sie bitten, unten auf den Link zu klicken und Ihre Kundendaten zu bestätigen.

(link removed)
Wir bitten Sie, eventuelle Unannehmlichkeiten zu entschuldigen, und danken Ihnen für Ihre Mithilfe.

=================================================

(NB Remember, these are Phishing emails not the real thing)

Personally I’d like to know where that original forged email from ‘Faust_lehmus’ went that is potentially causing me trouble.

It took a village to make this (Devon directory) and it took me several months to complete it.*

I’d been experimenting with Joomla! and Drupal, and one of the first things I found was that Joomla! has several options for purpose built business directory extensions, and Drupal doesn’t have any (at least it didn’t at the time). Joomla also seemed a lot more user friendly. So I went for Joomla.
(more…)

Some of my new site’s registration emails are not being received, so once again I am fiddling about with SPF records.

Here are some useful links:

• SPF setup wizard. This is a good place to start, but then use the validation checked in the next tool as well, because each edit takes hours, or even a day to become updated.
• Scott Kitterman’s SPF tester is a Python tool that can either look up the current SPF record for for your domain, or check the validity a record you enter. I’ve found this very helpful.
• Email this address: check-auth@verifier.port25.com to get a reply containing the results of the SPF check.
• Enter your server’s IP address here to check whether it is blacklisted by Spamcop
• Find out a lot about your domain and server with the DNS report here.

I almost can’t believe it: today I had a returned mail message that actually had come from me. I also recently had a special offer on Adobe products that really did come from Adobe. What’s going on? I’ll be hearing from a genuine pharmacist or dentist next.