How to have a Merry Christmas

Posted on by The Old Wolf

Well, according to one math professor, this is how it’s done:

  1. CodeCogsEqn
  2. CodeCogsEqn (1)
  3. CodeCogsEqn (2)
  4. CodeCogsEqn (3)
  5. CodeCogsEqn (4)

Funny. But all joking aside, Oxfam has come up with a practical formula for knowing whether or not you’re really enjoying the holidays, and it looks like this (and there’s no reason this wouldn’t work for Chanukkah as well):

formula-oxfam

That’s a bit more complex; here’s what it boils down to as a “word problem”:

“It’s great to see that ultimately, happiness at Christmas comes down to quite simple things, such as enjoying time off work to spend with friends and family.”

Key ‘happiness factors’ include:
• Number of calories consumed on Christmas Day (any more than 7,000 calories and you’ll be too stuffed to enjoy yourself)
• Amount of time off work (just one day off boosts happiness by 70%, with three weeks being the optimum amount)
• Centimetres of snow (15cm is ideal)
• Family arguments (more than five and happiness levels plummet)
• Number of hours spent trawling the shops for gifts (any more than 10 hours and shopping-induced stress sees happiness decline rapidly)
• Miles driven to see friends and family (0 miles is ideal, with 500 miles generating a 40% reduction in happiness levels)
• The number of gifts you receive has an impact on happiness (6 gifts gets you to optimum happiness levels), but….
• ….most crucially, how many gifts you give (even giving just one present makes a huge difference to happiness levels, increasing Christmas enjoyment by 50%).

To estimate your score, visit the original article. (But we need a bigger picture of the formula there.)

The Old Wolf has spoken.

Why I love reddit

Posted on by The Old Wolf

Yes, it can be a tar pit of trolls and Not Safe For Work posts, but if you arrange your settings to filter out the garbage, it’s also an amazing community.

Example 1:

  1. User /u/thespite posts a clever way to send a holiday greeting using Google Maps. You can try the Holiday Message yourself.
  2. User /u/benlaor tries it, and discovers a picture of his beloved dog of blessed memory. He wrote: “Thank you, thank you, thank you for this. You don’t understand what happened because of this video.I have never looked at my house on street view before (strange, huh?). This was the first time. The images for Israel are a few years old, probably around 5 years in most cases.

    At the end of the video it lets you just look around freely. I look around my house, look over at my parking stop, and there he was. Lazying about in the sun was my plump little fatass of a dog, who was my favorite thing in the world until he died a few years ago. I have almost no pictures of him due to my not backing anything up and my HDD being destroyed in a power surge.”

  3. User /u/jangoo identifies the location.
  4. User /u/thespite extracts a high-res image
  5. User /u/fatty_tines creates a lovely color drawing of the dog.
    tS2shSI
  6. Tears all around.

Example 2:

  1. User /u/LE_POOR_MERIT has a teenaged son who does an awesome drawing entitled “Who Dares Summon Chrismotron?”
    egQ6lO5
    ©2014 “Unknown ben LE_POOR_MERIT”
  2. User /u/pohjankonna, a freelance artist from Finland, does an amazing digital rendering of the drawing
    Chrismotron
    ©2014 Pekka Veikkolainen
    and makes this offer: “You have of course the permission to print & frame it, after all I took the original without asking first! I do have a slightly larger version that I can send you. Better yet, I could also send you the original Photoshop file with all the different layers on it, if your son would be interested in deconstructing the painting to see what it’s actually made of (kind of a step-by-step view to creating a digital painting).”
  3. Tears all around.
  4. For those interested, a wallpaper version.

Keep in mind these people don’t know each other from Adam’s off ox. They’re just regular people being awesome to one another for no good reason, which is what the best of humanity is all about. Also, these are only two recent examples; similar things happen all the time on reddit. It always lifts my spirits to read about one.

The Old Wolf has spoken.

How to get your senators’ and representatives’ attention on any issue without being a wealthy donor

Posted on by The Old Wolf

Seen at reddit: Protip from a former Senate intern, with thanks to /u/SomeKindOfMutant.

This is worth sharing, since most of us are not among the 1% who have access to government:

An email to your senator or representative may result in a form letter response and a phone call to the office may amount to a tally mark on an administrative assistant’s notepad. But, for any given policy concern, if you want to get their attention a letter to the editor in one of your state’s 5-10 biggest newspapers that mentions them specifically BY NAME is the way to go. If your message is directed to your representative, pick a newspaper that is popular in your district.

That is the crucial thing to know–the rest of this post is an explanation of why I know this is true.

I know this because, when I interned in the D.C. office of a senator one summer, one of the duties I shared was preparing a document that was distributed internally both online and in paper format. This document was made every day and comprised world news articles, national news, state news, and any letters to the editor in the 5-10 largest newspapers within the state that mentioned the senator by name. I was often the person who put that document on his desk, and it was the first thing he read every morning after arriving to the office.

I began to suspect that this was standard operating procedure because several other senators’ offices share the same printer in the basement of the Russell Senate Office building, and I saw other interns doing the exact same procedures that I was involved in.

Since the internship, I’ve conferred with other Senate and House employees past and present and determined that most–if not all–offices use essentially the same procedure.

Usually when I write or call or email a senator or representative, I get the expected form letter in return. Recently I was actually contacted by a staffer at Orrin Hatch’s office who had some more questions about a letter I wrote regarding the regulation of money-transfer services like Western Union who are participating in so many Nigerian scams. It was gratifying.

That said, this is an excellent tip.

The Old Wolf has spoken.

Don’t Help the Scammers

Posted on by The Old Wolf

There’s an old joke circulating out there that occasionally crops up in people’s inboxes:

You have just received the [Amish/Polish/Aggie, etc.] Virus! Because we don't know
how to program computers, this virus works on the honor system.
Please delete all the files from your hard drive and manually
forward this virus to everyone on your mailing list.
Thanks for your cooperation.

It goes without saying that this would be a Bad Idea. That said, there is a very current scam going on which I ran across yesterday, in which the victim is carefully walked step-by-step through the operations necessary to allow Bad Guys to take control of their computer. I referred to it in a previous post, but here’s the complete run-down.

While researching spoofed and phishing URLs, I decided to use a misspelling of a popular website as an example. I typed in http://www.micorsoft.com (DO NOT DO THIS!) and discovered a rat’s nest of scam operations embedded in this one redirect.

According to WHOIS, the domain is registered thusly:

Domain Name: MICORSOFT.COM
Registrar: EPIK, INC.
Whois Server: whois.epik.com
Referral URL: http://epik.com
Name Server: NS1.DNSLINK.COM
Name Server: NS2.DNSLINK.COM
Status: ok
Updated Date: 19-oct-2014
Creation Date: 13-oct-2001
Expiration Date: 13-oct-2015

Epik is a domain-name registry service, so beyond that I don’t have the chops to dig deeper and see who is really running this operation, but this much I know – they’re wastes of human cytoplasm.

This domain redirects to a number of different scams.

1) You’ve won a prize!

Prize1

Here’s the first popup. The URL is your typical scam alphabet soup address.

Prize2

After answering four inane questions about age, whether you shop on line, gender, etc. you’re presented with this:

Prize3

Well, of course I qualify. You think the scammers would turn down a sucker? No, I didn’t win a prize, I won a “chance” for a grocery gift card. Call the number, and what you hear is “Congratulations! Won a chance to win a gift card!. Stay on the line to complete your entry! Dingdingding your initial entry has been registered, but stay on the line for other additional offers!” You then are bombarded with advertising. Since I used Google Voice to call, there’s no way they could possibly know who is calling or how to contact you if you were really a winner – this is just spamvertising, pure and simple.

2) The Random Cybersquatting Page

Next, i was redirected to this horrific URL:

http://www.searchnet.com/Search/Index?
utm_source=8&utm_campaign=AuctionErrorWithInfo&utm_term=XP%20Home%20Premium;
Microsoft;microsoft;download%20internet%20explorer%2010;microsoft.com;www.microsoft.com;
microsoft%20windows;window%20live%20messenger;servers%20xp;microsoft%20help%20support;
microsoft;microsoft%20help%20center;online%20ms%20training;
microsoft%20programs;xp%20small%20business%20edition%20;downloads;
microsoft.com;windows%20updates&utm_medium=Ciclostare32

User Nokkenbuer at WOT (Web of Trust) posted on 09/21/2014:

  • I don’t trust
  • Malware or viruses
  • Poor customer experience
  • Scam
  • Misleading claims or unethical
  • Privacy risks
  • Suspicious
  • Spam
  • Potentially unwanted programs

This website was involved in redirecting me to a malicious site after accessing a typosquatter website (http://www.micorsoft.com/). I do not trust it and may aid in infecting your computer with unwanted malware, spyware, or grayware.”

By the way, if you don’t have the WOT extension on your computer, I’d recommend it. It gives you advance warning of sites that have been flagged as malicious, like this:

Wot1

For any site, you can always “read more” to see what users have said. It’s wise to do, because on occasion a website was flagged early for suspicious behavior, but domains change hands and it could be a legitimate site at the present time. User comments will usually reflect this. At all events, you have the option of leaving before you actually visit a potentially dangerous website. Sign up, and you can leave your own feedback for websites as well.

3) Is Your Computer Running Slowly?

slow1

If you click OK, you’re directed to this page:

 Slow2

This one looks slick and official, but it’s a solid guarantee that if you call that toll-free number, you’re at risk for being scammed or having your computer infected or both.

4) The Scare Tactic

This is the one I referred to in my earlier post, and today I followed up on the game to see how it plays out.

Viruse2

This page is a little different than the first one I encountered; it doesn’t mention specific viruses, but includes an annoying, repeating, and loud chirp to add urgency to the scam. If you try to navigate away from the page, you get this:

virus1

If you bite and call the number (855- 979-7382) you will be connected to a polite-sounding Indian or Pakistani boiler-room worker who will engage you as follows:

  1. I was asked kind of problems you are experiencing, what kind of computer I am running, and what my operating system is.
  2. On a Win7 box (your mileage may vary for other operating systems) I was asked to hit “Windows-R” to open the Run dialog, and then type in “MSConfig” and hit enter. This is harmless, but displays running services on your computer.
  3. I was asked if more than 15 services were stopped?
  4. I responded that yes, more than 15 services were stopped.
  5. The agent informed me that since more than 20% of my services were stopped, my system was vulnerable to application errors. Once Windows 7 has services stopped, that is the main problem. This, of course, is utter bulldust, but is technobabble enough to flummox most callers who get this far.
  6. I was told that we need to check why these services are stopped. Again directed to the “Run” dialog, I was instructed to type in “hh h” and hit “Enter”. This brings up the HTML Help Window, which “Cannot be Displayed.”
    Help1
  7. I was instructed to hover my mouse over the little question-mark icon in the window, and select the “Jump to URL” option.
    Help2
  8. I am presented with a dialog box, and asked to enter the specified URL:
    Scam3
    N    ote: This is a sneaky way to get you to visit a website, instead of typing it directly in the URL bar.
  9. Once this is done, I am directed to this website: https://secure.logmeinrescue.com/customer/code.aspx
    Login
    This is a website which allows outside users to take control of your computer, usually for tech support reasons. If you trust the party on the other end it can be useful, although I prefer to use TeamViewer.
  10. Before proceeding, the agent had me run inetcpl.cpl, click on the connections tab, and ensure that no proxy was being used.
  11. Having done this, the agent instructed me to enter the code 941073, and hit “Enter.” He asked me what I saw on my screen.
  12. At this point, I told him the only thing I saw was myself closing Chrome, because I had no intention to give control of my machine to a bunch of scammers, and hung up.

There are enough methods out there that the Bad Guys can infect your computer if you’re not careful, but helping them with the process is generally a Lousy Idea.

Be careful out there.

The Old Wolf has spoken.

Taking the High Road with a Scammer

Posted on by The Old Wolf

Man-shouting-into-a-phone-012

Photo: Alamy

If you follow my blog, you’ll know it has become somewhat of a warning beacon against scams and frauds, which little crusade began after my own mother was scammed by cross-border fraudsters out of a large chunk of her savings.

Here, however, is an interesting article from The Guardian entitled “How I Talked a Scammer Into a Better Life Choice.”

Written by Amanda Willis, it describes her conversation with a Pakistan-based boiler-room worker who was trying to get her to download malware. The results were encouraging, and worthy of being shared. Her entire essay is definitely worth a read.

The tagline of the article is “Getting angry with fraudsters dehumanises them, but if we engage them in conversation we might be surprised by the results.”

Unfortunately, many scammers who are directly involved in criminal enterprises become frighteningly abusive when confronted with their scam, and I’m not sure I want to get involved with inviting that sort of negative energy into my life. But the principle at work here is the one found in Proverbs 25:21-22:

If thine enemy be hungry, give him bread to eat; and if he be thirsty, give him water to drink:For thou shalt heap coals of fire upon his head, and the Lord shall reward thee.

The Old Wolf has spoken

Phishing: Watch the URL’s

Posted on by The Old Wolf

Had this in my email this morning:

Bank of Ireland
Well, it looks official enough, and I don’t even see any major grammatical errors or the kind of Nigerian English that usually function as a dead giveaway for a scam.

So, if you click the embedded “Click here” link (SOMETHING YOU SHOULD NEVER DO), where does it take you?

To http://365.bankofireland.com-zeyqfqjj.taole.com.br/boi-ireland/index.php,

a phishing website that has already been deleted.

Anyone can create a domain name and have it registered. I could register this name right now:

microsoft-walmart-bankofamerica-ramalamadingdong-whackamole-boom.com

The fact that a corporate name appears in an URL is no guarantee whatsoever that you’re on that company’s website. Have a look at the real Bank of Ireland 365 URL:

https://www.365online.com/online365/spring/authentication?execution=e1s1

That “https” in red up there indicates that you are on a secure site, meaning that communication between the website and you is encrypted and can’t be intercepted/read by bad guys. You should always look for that “https” on any website where you will be entering sensitive information: banking, internet shopping, login pages, etc.

Have a look at some different URLs, some real and some fake:

paypal.com: Real
paypalsecure.com: Fake (The name contains PayPal, but is not valid)
paypal@accounts.com: Fake (Watch out for @-signs and dashes in a name)
paypal@150.44.134.189: Fake (The root domain is an unknown IP address)
http://www.paypal.com/signin/: Real (Even though the address is longer, “paypal.com” is the last thing before the first “/” in the address.

microsoft.com: Real
microsoft.verification.com: Fake (The root domain is “verification,” not Microsoft.)
purchase-microsoft.com: Fake (The hyphen instead of a period)
signin.microsoft.com@10.19.32.4/: Fake (The root domain is an unknown IP address)
micorsoft.com: Fake and dangerous (The name of the company is misspelled)¹
microsoft.com/en-us/default.aspx: Real (Even though the address is longer, “microsoft.com” is the last thing before the first “/” in the address.)

  • The company name (i.e. paypayl, microsoft, etc.) should be the last thing, or the last thing before the first “/” in the address.
  • Beware of hyphens or other symbols in names, or 4-part numbers like “192.168.0.0” which are IP addresses.
  • Be wary of country suffixes like “br,” “za,” “cr,” etc.
  • An address does not have to contain “www.” to be valid.

For those wondering, what’s an “URL” anyway?  It stands for “Uniform Resource Locator“, a pointer to a specific internet address.

12812.strip
Dilbert

Here’s a typical clueless manager trying to “add value” in an area he knows nothing about, and giving his savvy tech worker a month’s vacation at the same time.

Be careful out there.

The Old Wolf has spoken.

¹This particular misspelling is especially malicious. It redirects to a number of bogus or dangerous websites, ,including this one: http://104.143.5.145/perror2.php:

scam

If you land here, your computer issues a frightening-sounding beep and presents you with the above screen. You will be unable to dismiss the tab or even close your browser until you have clicked a hidden box that says “Prevent this page from creating additional dialogs.”

If you call the number, a female-sounding computer-generated voice informs you that if you are experiencing problems with viruses or a slow PC, to  please press “1”. I did so, and got no answer. The assumption is that if anyone answered, they would walk you through steps necessary to download malware to your own machine, or ask for credit card details for some bogus cleaning software.

Edit: Just as I thought. This morning I called the number and got a very polite foreign gentleman who walked me through the steps needed for him to control my computer and download Mogg knows what. A full post on the encounter will follow.

The Next “Miracle Weight Loss Herb” – Caralluma Fimbriata

Posted on by The Old Wolf

According to Wikipedia, caralluma ascendens, another name for caralluma fimbriata, is an edible form of cactus used throughout the Indian subcontinent as an appetite suppressant, or so-called “famine food.”

Leave it to the snake-oil hawkers to turn this into the next big thing they can make a few bucks on.

Got an email today from a “friend,” one whose email account or information had been compromised:

From: Redacted

To: store-news@amazon.com, ChaseNotification@emailonline.chase.com,

…snip… pmlncc@kkwl.ac.th, mrs.phillipjones@live.com

Subject: [Redacted]

Hi! How are you?

It works! http://nationalbranding.com/probably/dead.php

[Name Redacted]

These spoofed emails are so transparent at this point that I can smell the fraud before I even open them. But, in the interest of public service, I follow these links to see what new scam is being perpetrated on the general public.

Today’s bowl of steaming camel ejecta led me to a website hawking caralluma, the new New NEW weight-loss miracle.

Landing

This is the same kind of affiliate marketing effluence that I have described elsewhere (just do a search at this blog for garcinia cambogia, for example).  Notice the tiny print below “ACT NOW!” that obligates you to a monthly $10.00 charge. But in the end, they’re less concerned with selling you their product as they are about getting your information which in the long run is much more valuable to them than a single sale.

Smell the foul rot of desperation as we proceed through the following screens:

Hook7

The first come-on is BOGO. If we don’t fall for that, we get this:

Hook1

Wait wait wait! OK, what now?

Hook2.jp

One of 50 customers, huh? Wow, I must really be special. But I guess I’m not really interested after all.

Hook3

Wait wait wait! Wow, a free trial bottle, and the offer is good for only 10 minutes! Shall we look and see?

Hook4

Now this is a wondrous thing. Instead of caralluma, I’ve been sent to a page to order garcinia cambogia. Looks like the affiliate marketer forgot to update his previous campaign.

Hook5.jp

More desperation.

Hook6

Now the bottle is free, and I only have to pay 99¢ for shipping. But remember, I’m still providing my credit card information, and obligating myself to that $10.00 per month “subscription.” Once these drones have your financial information, they are in a position to bill you for anything they want, or sell your credit card and personal information to other scumsuckers.

It’s all garbage, poorly-crafted but sadly effective affiliate marketing for products that have little or no value, or worse, are actually detrimental to your health.

Be careful out there.

The Old Wolf has spoken.

Another “Domain Registration” Scam

Posted on by The Old Wolf

Edit: 5/26/2025 – Still going on. Mail received from “Domain Name Services” in Buffalo, NY. They want $265.00 for a 5-year renewal

Here’s some junk email that showed up this morning:

ATTENTION: IMPORTANT NOTICE
Domain SEO Service Registration Corp.
Order#: 780438
Date: 12/14/2014

EXPIRATION NOTICE

DOMAIN: [redacted]

Notification Offer
EXPIRATION DATE: 12/22/2014

Bill To: [Redacted]
Domain Name: [Redacted]
Registration SEO Period: 01/05/2015 to 01/05/2016
Price: $64.00
Term: 1 Year

SECURE ONLINE PAYMENT

Domain Name: [Domain Name Redacted]
Attn: [Owner Name Redacted]

This important expiration notification notifies you about the expiration notice of your domain registration for [edited.com search engine submission. The information in this expiration notification may contain confidential and/or legally privileged information from the notification processing department of the Domain SEO Service Registration. This information is intended only for the use of the individual(s) named above.
If you fail to complete your domain name registration [edited].com search engine service by the expiration date, may result in the cancellation of this domain name notification offer notice.

PLEASE CLICK ON SECURE ONLINE PAYMENT TO COMPLETE YOUR PAYMENT.

Failure to complete your domain name registration [redacted] search engine service process may make it difficult for customers to find you on the web.

CLICK UNDERNEATH FOR IMMEDIATE PAYMENT

PROCESS PAYMENT FOR
[Domain Redacted]
SECURE ONLINE PAYMENT
ACT IMMEDIATELY

This domain registration for [Domain Redacted] search engine service notification will expire 12/22/2014.

Instructions and Unsubscribe Instructions:

You have received this message because you elected to receive special notification offers. If you no longer wish to receive our notifications, please unsubscribe here or mail us a written request to Domain SEO Service Registration Corp., 5379 Lyons Rd. 452, Coconut Creek, FL 33073. If you have multiple accounts with us, you must opt out for each one individually in order to stop receiving notifications notices. We are a search engine optimization company. We do not directly register or renew domain names. We are selling traffic generator software tools. This message is CAN-SPAM compliant. THIS IS NOT A BILL. THIS IS A NOTIFICATION OFFER. YOU ARE UNDER NO OBLIGATION TO PAY THE AMOUNT STATED UNLESS YOU ACCEPT THIS NOTIFICATION OFFER. Please do not reply to this email, as we are not able to respond to messages sent to this address.

Notice several things about this garbage:

  1. The emphasized text in the spam disclaimer, written in tiny, gray print so as to be ignored, states clearly that you are signing up for worthless services, not domain registration. This shows the blatant deception being perpetrated here.
    disclaimer
  2. It’s designed to look like an invoice. There are, sadly, many unwitting office managers and secretaries and even executives who will take one look at this, pay the invoice, and kiss their money goodbye.
  3. The “registration service” being offered comes from http://www.domainrseo.net/, which has been flagged by Web of Trust (WOT) as Phishing, Scam, Potentially illegal, Misleading claims or unethical, and Spam site. The two posted comments are informative:

User Carl Legg posted on 11/29/2014

WARNING: New Internet scam out of a shoebox office in Florida. Called Domain SEO Service Registration Corp. It’s the same, tired old false flag operation.

1.) Perpetrator looks up domain names (owner contact information is public)
2.) Perpetrator e-mails domain-name owner with an official looking “Payment Notice”
3.) Threatening “expiration” deadlines are made in the Payment Notice
4.) Payment notice written in legal-technical gobbledegook to scare people into paying.

The perp makes it look like you are renewing your domain name, but in reality, and through some seriously twisted use of English language (that leaves one’s head swimming), you are signing up for one year of expensive search-engine optimization. Many people would not understand this, and the perp wants it that way.

Registered in Florida, but likely owned by a Hong Kong firm? Hard to tell. Here’s the registration data:

Florida Profit Corporation DOMAIN SEO SERVICE REGISTRATION CORP.
Filing Information Document NumberP14000093458
FEI/EIN Number NONE Date Filed 11/17/2014 State FL Status ACTIVE
Office/Director/Agent: TAUBERT, MATTHIAS (Matthias Taubert)
Principal Address 5379 LYONS RD. (452), COCONUT CREEK, FL 33073″

User eden-g posted on 11/29/2014
“Scam site engaged in misleading illegal activity owned by Chinese criminal Zhu Bing.”

I can’t speak to the source of the name in the second comment, but whoever is behind this scam is a dirtbag.

Be very careful out there. Domain registration scams are rampant, SEO firms are, for the most part, offering useless and expensive services, and most unsolicited commercial email is deceptive.

The Old Wolf has spoken.