loose wire blog

Facebook may have just won a theoretical warchest from a spammer, but it’s not put its house in order when it comes to scams. Indeed, I suspect they’re getting worse. Now you can get infected without even having to visit your Facebook account.

What happens is that, if you have set your profile to receive email updates when someone sends you a message on Facebook, these trojan scams actually make their way direct into your inbox. Facebook is just the vector:

Here’s a message, as it looks in Gmail:

Click on that link and it takes you, not to the Facebook message page, but straight to the dodgy website. In this case the website is still active. It will have a name like YuoTube:

and a YouTube-like interface:

The message in the ‘player’ says “Your version of Flash Player is out of date.” Without you doing anything the download window will appear:

Of course, if you install that you’re in trouble. But are you in trouble if you’ve already visited the page? I’m still working on that.

I’ve been trying to remove a contact on LinkedIn who proudly claims to be one of the best linked people on the planet. Why that’s a good thing I’m not sure, but I noticed I was getting LinkedIn spam—spam to my own email address, but coming via LinkedIn--from this person, so I tried to remove him. 

Turns out that it wasn’t enough. This morning I got an email from another guy claiming to be the best connected person on the planet (“(he is one of the most linked people in the world”) who said I had been referred to him by none other than the LinkedIn spammer guy I thought I’d removed eight months ago. He wrote:

If so, then please accept my connection request. Since I presently have over 8,900 first tier connections, I cannot send an invitation to you because I have exceeded my limit. Therefore, to connect with me and to benefit from the millions of total connections that I have, click here: [LINK DELETED] and enter my email address [EMAIL DELETED].

So what gives? How come someone I removed from my LinkedIn network is able to refer me to someone else who has somehow been able to get my email address despite not being my buddy, nor connected to a buddy of mine? I’m asking LinkedIn about this, but I also wanted to know what happened to the original spammer I’d deleted. Was he still in my system?

Turns out he is.

Removing a connection in LinkedIn is not, it turns out, the same as removing a contact. It seems to work like this (and I might be wrong, because the explanations on LinkedIn are contradictory.)

The FAQ says you remove a connection via the Remove Connections link:

which takes you to a separate list:

What you’ll notice about this list is that, unlike your Connections list, it’s not alphabetical. Well it is, in that you can jump straight to a letter (M, say) but within that list the contacts are not in sub-alphabetical order. A cynic would say this is an extra deterrent to connection-pruning, but I’m not a cynic so I won’t say that.

But you might notice this:

Huh? Good that the connection won’t be notified that they’ve fallen off your Christmas card list, but how come they’ll still be on my list of contacts? And  how does it square with this other note, on the same page, that says:

Note that once this action is completed this individual will not be able to be added back as a connection.

So the person you’ve gone to all this trouble to remove will still be in your contact list—no way that I can see of removing them from there—but you can’t change your mind and then re-add them back as connection. You can, however, re-invite them, and, indeed, they will remain in your contact list as a constant reminder.

(Just out of interest, how do you re-invite someone to be a connection who didn’t know you’d banished them before? How do you explain that, exactly? “Sorry, I hated you before, but now I don’t hate you anymore?” Could be a good lyric in there.)

Confused? So am I? But here’s the kicker: Does the fact that he’s still in my contacts, and that he’s out there, apparently, recommending me to other LinkedIn spammers, mean I’m still in the LinkedIn spammer’s list of connections?

I suspect it does, because he’s still in my list of connections (but not in my Remove Connections list, if you’re still with me) and he’s still listed as 1st in my list of connections—meaning we still have a connection.

In other words, unless this is a glitch, it is impossible to remove a connection from LinkedIn once you’ve established one.

I’m going to ask LinkedIn to shed light on this. But if it’s true, it should give you pause for thought before you accept a connection via the otherwise useful service. It’s one thing to build one’s network. It’s another to find you have no control over that network—and who in that network might use the information you put there—once it’s built.

I sometimes wonder what software companies—Apple, Google, Microsoft, Yahoo!, they’re all the same—want from their customers.

I spend enough time with novice users to know how confusing using computer software can be. Especially online: It’s a scary world out there (they’re right to be scared) but these companies, which should know better, make it more so. By trying to hoodwink into using their products they are undermining users’ confidence in using computers in the first place. If they keep on doing this, expect more people to use computers less—and certainly to install less software, or experiment in any way online or off.

Take what just happened. I use Windows Live Writer to blog: it’s an excellent program, by far the best things Microsoft has done in years, and today it prompted me that an update was available. I duly clicked on the link to download the Writer beta installer:

Only, of course, it wasn’t the installer but The Installer From Hell:

Prechecked are six programs, none of which I have on my computer right now. There’s no single button to uncheck those boxes, and most novice users may not even know they can (note the confusing text above it: “Click each program name for details” and “Choose the programs you want to install”—nothing to explain to novices that these choices have already been made for you, and how to unchoose them.)

It’s not as if Microsoft is trying to sell us smack. This is free software. But it’s very damaging in ways only someone who spends time with real people can understand. Even when the software is installed for example, you get this last little twist of the Knife of Befuddlement:

This might not seem like much, but if you’re an ordinary user, finding your home page all different and your search engine altered to something else can be as disorienting as coming home to find someone’s moved your furniture and the cooker is now in the bathroom. Well, not quite that much, but you get the idea.

Of course Microsoft’s not alone in this. Even Google’s been playing the game, and Yahoo! tries to bundle the toolbar in with pretty much every piece of software that’s ever been downloaded--which also alters the homepage, and default search engine, and probably moves the fridge around as well.

The problem is that the more these companies try to fool us, the easier it is for real scammers to scam us—because what they both do starts to look very similar.

Take this scam that I came across this morning. A splog (spam blog—a fake blog) had used some of my material so when I tried to access the page to find out why, I instead got this believable looking popup

This without me doing anything other than clicking on a link to a blog. A graphic in the background appeared to be checking the computer for viruses, and of course this window is nigh on impossible to get rid of. Try clicking on the red cross and you get this:

Try to get rid of that and you get this:

And then this:

It’s obviously a scam (it’s adware), but it’s darned hard to get rid of. And to the ordinary user (by which I mean someone who has a real life, and therefore doesn’t see this kind of thing as intrinsically interesting) there’s no real difference between the trickery perpetrated by these grammatically challenged scammers, and the likes of Microsoft et al, who try to inveigle their software and homepage/search engine preferences into your computer.

Either way, the ordinary user is eventually going to tire of the whole thing and say “enough!” and go out fishing or, if it’s that time of year, wassailing.

Let’s try to avoid that.

(And yes, the latest version Live Writer is good, though don’t use the spellchecker. Just a shame that it’s made by Microsoft.)

I find that the auto suggestions feature from Google Suggest in the Firefox search box very useful. But perhaps not in the way it was intended.

Google Suggest works via algorithms that “use a wide range of information to predict the queries users are most likely to want to see. For example, Google Suggest uses data about the overall popularity of various searches to help rank the refinements it offers.” In other words,  type one word and Google will tell you the next word most likely to be typed after it. Type “dimitar” and the most likely second word will be “berbatov” (this may not been a lot to non-soccer fans, but trust me, the two words go together like rock and roll for the rest of us):

This can be useful, or at least revealing.

For example, I received one of those awful pieces of spam from Tagged.com that give the whole social networking thing a bad name:

Click on the “Click here to block all emails from Tagged Inc., 110 Pacific Mall Box #117, San Francisco, CA. 94111” and you’re taken to a page where you’re asked to sign in or sign up. A sure sign of a scam if ever there was one; what happened to opting out a la CANSPAM?

So I figured I should Google these clowns and see what’s being said about them. Type their name into the Firefox search box, and then hit the space bar, and this was what Google offered me as the most popular search terms:

Having your product name coupled with “spam” and “scam” in its top three searches can’t be good.

Needless to say, tagged.com is a scam, at least in the way it tries to hoodwink users into signing up and signing up their friends. Here’s how the excellent and resourceful Amit Agarwal recommends you get rid of it from your inbox. It’s a shame that so many apparently good names are involved in something so blatantly anti-social and spammy. At what point do these people feel they’ve lost the game and allow corners to be cut? One of the founders even spoke at last year’s Authentication and Online Trust Summit for crying out loud.

The bigger issue is how to stop these sites from damaging social networking further. But that’s for another day. For now, using Google Suggest is a good quick way to know whether you’re on a hiding to nothing if you even click on a link in one of these emails. Take another scam networking site I’ve written about recently, Yaari. Its Google Suggest juice comes out looking similarly dodgy:

Compare that with something a bit more bona fide, like LinkedIn:

While this is a useful tool for us, I’m guessing that the companies involved are going to be hiring some drones to try to massage these results so they don’t look quite so  bad. \

I was amused, and somewhat perplexed, to read on BuzzMachine yesterday about a bizarre splog—spam blog to the rest of us—which copies text and then converts it to synonyms. Jeff explains: 

New splog tricks

In my ego searches, I just saw a splog that copied text of mine but ran it through ridiculous almost-synonym replacements. I’m assuming this is done to fool Google into thinking it is original content and perhaps to fool the text cops folks like the AP hire.

I still can’t quite work out what the function of this is. But I did come across another one on one of my own ego searches. It took me a bit of time to figure out where it came from. (It’s from Betsy Weber’s blog.)

Here’s the splog text, with the original in italics first. My questions:

• How the hell does group become “Washington entranceway”?
• and member become “sorority girl”?
• I kind of like the fact that loose wire blog has become “Unfixed Twist Blog” and the WSJ has become the “Commodity Exchange Annual”;
• But somehow which you can see here became “which her philander play against hither”.
• And the last two paragraphs are so full of weirdness I don’t know where to start.

Join the New Screencast Group on Facebook

Clique with the Untouched Screencast Colligate in reference to Facebook

Are you addicted to Facebook like I am? I recently joined and find myself checking my Facebook page daily! Facebook is a great way to keep up with friends all over the world. Anyone can join Facebook for free.

Are them addicted up to Facebook freak out on You double sideband? Yourselves before heaped and decree myself checking my Facebook serve weekly newspaper! Facebook is a severe want as far as bear in cooperation with friends under the sun the people. Anyone heap up build up Facebook so footloose.

I was excited to see that Amit Agarwal from the Digital Inspiration Blog recently started a new group in Facebook all about Screencasting (link will not work unless you are a member of Facebook). I'm excited to learn and swap tips with fellow members in the group. I'm in very good company - I know expert screencasters, Beth Kanter and Long Zheng have joined the group. Plus, technology expert Jeremy Wagstaff of the Loose Wire Blog and Wall Street Journal is in there too! Remember Jeremy? He wrote a great directory of screencast resources which you can see here.

I was chafing over against run in that Amit Agarwal off the Radical Direct communication Blog previously started a fashionable Washington entranceway Facebook all nigh about Screencasting (deduction plan not lick excepting alter are a sorority girl re Facebook). Ba'm fidgety into go into training and trading tips with fellow members fellow feeling the peer group. Ba'm in very noble cohort- I savvy technical expert screencasters, Beth Kanter and Unrelenting Zheng force twin the collect. And, craft informed in Jeremy Wagstaff re the Unfixed Twist Blog and Commodity exchange Annual is ultra-ultra there inter alia! Think back Jeremy Yourselves wrote a commanding business directory upon screencast capital goods which her philander play against hither.

You cannot access the Screencasting group without being a member on Facebook. But, it's painless to sign up for Facebook. Click here to register. And, if you join, feel free to add me as a friend!

You cannot access the Screencasting dig up except existing a belonger wherewith Facebook. Unless that, ego's Mickey Mouse so do a tour in behalf of Facebook. Go as of now up bound. And, if number one knit, glance freely in contemplation of figure out you now a playmate!

Hope to see you join Facebook and in the Screencasting group to share your tips and tricks! Now I have an excuse to go into Facebook while at work. ;-)

Hope into smell subliminal self link up Facebook and in the Screencasting detail up to quantum your tips and tricks! The present hour Better self buy an breast-beating up to talk Facebook lastingness at advanced work.

So could someone explain the point of these? There are no ads on the page—it’s a WordPress.com blog, so there can’t be. And, more importantly, what kind of synonym engine are these guys using?

I’m off to register unfixedtwist.com and, while I’m at it, numberoneknit.com.

BuzzMachine » Blog Archive » New splog tricks

Accused of spamming: Prerna Gupta, founder of Yaari.com

Look at a social networking site lie Yaari and you can see where the social networking phenomenon may fail, simply by abusing the trust of its users.

Sites like LinkedIn, Plaxo etc rely on expanding quickly by offering a useful service: trawling your address book to find friends and contacts who use the same service. We’ve gotten used to this, and it’s a great way to build a network quickly if you sign up for a new service.

But any service that uses this needs to stress privacy, and put control in the hands of users. Plaxo learned this a few years back. Spam a user’s contact list without them realising and you invite a firestorm of opprobrium on your head.

But surprisingly some services still do it. And in so doing they risk alienating users from what makes Web 2.0 tick: the easy meshing of networks—your address book, your Facebook buddies, your LinkedIn network—to make online useful.

Take Yaari, a network built by two Stanford grads which has for the past two years abused the basic tenets of privacy in an effort to build scale.

What happens is this.

You’ll receive an email from a contact:

It’s an invitation from a “friend” which

• gives you no way to check out the site without signing up. The only two links (apart from an abuse reporting email address at the bottom) take you to the signup page.
• neither link allows you to check out your “friend”  and his details before you sign up.

If you do go to the sign up page you’ll be asked to give your name and email address:

Below the email address is the reassuring message:

Your email is private and will stay that way.

But scroll down to below the create my account button and you’ll see this:

By registering for Yaari and agreeing to the Terms of Use, you authorize Yaari to send an email notification to all the contacts listed in the address book of the email address you provide during registration. The email will notify your friends that you have registered for Yaari and will encourage them to register for the site. Yaari will never store your email password or login to your email account without your consent. If you do not want Yaari to send an email notification to your email contacts, do not register for Yaari.

In short, by signing up for Yaari you’ve committed yourself, and all the people in your address book, to receiving spam from Yaari that appears to come from your email address. (Here’s the bit from the terms: “Invitation emails will be sent on member's behalf, with the 'from' address set as member's email address.”)

You should also expect to receive further spam from Yaari, according to the terms:

MEMBERS CONSENT TO RECEIVE COMMERCIAL E-MAIL MESSAGES FROM YAARI, AND ACKNOWLEDGE AND AGREE THAT THEIR EMAIL ADDRESSES AND OTHER PERSONAL INFORMATION MAY BE USED BY YAARI FOR THE PURPOSE OF INITIATING COMMERCIAL E-MAIL MESSAGES.

In other words, anyone signing up for Yaari is commiting both themselves and everyone else in their address book to receiving at least one item of spam from the company. Users complain that Yaari doesn’t stop at one email; it bombards address books with follow-up emails continually.

Needless to say, all this is pretty appalling. But what’s more surprising is that Yaari has been doing this for a while. I’ve trawled complaints from as far back as 2006. This despite the company being U.S.-based. I’m surprised the FTC hasn’t taken an interest.

So who’s behind the site? This article lists two U.S.-born Indians, Prerna Gupta and Parag Chordia, and quotes Gupta as saying, back in 2006, that to preserve the integrity of the network access is restricted to the right kind of Indian youth. I’m not young, I’m not Indian, and I’m probably not the right kind, so clearly that goal has been abandoned.

Here are some more details of the two founders.

Gupta, who is 26, is an economics major who graduated in 2005, was working for a venture capital firm in Silicon Valley called Summit Partners until 2005. Her facebook profile is here; her LinkedIn profile is here. According to this website she once won the Ms Asia Oklahoma pageant (her hometown is listed as Shawnee in Oklahoma, although she lives in Atlanta.

Chordia, chief technology officer at Yaari, has a PhD in computer music, and is currently assistant professor at the Georgia Institute of Technology, according to his LinkedIn profile. His facebook profile is here.

There’s a video of them here. An interview with Gupta last year indicates that they’re going hell for leather for size:

We are focused on growing our user base and becoming India’s largest social networking site within the next two years. Our goal for the next year is to become one of India’s Top 10 Internet destinations.

What’s interesting is that nearly every site that mentions Yaari and allows comments contains sometimes angry complaints from users. In that sense Web 2.0 is very effective in getting the word out. Unfortunately if Yaari and its founders continue to commit such egregious abuses of privacy, we can’t be sure many people will trust such websites long enough for the power of networking sites to be properly realised.

(I’ve sought comment from Gupta, which I’ll include in this post when received.)

Got my first LinkedIn spam today:

Hi Jeremy,

[name deleted], here... we are linked on LinkedIn

I know you're interested in earning an in~come on the internet. I also know you probably wouldn't mind if 'understanding it' was made easier for you.

Well, I've been notified about a new F.REE report by internet marketers, [etc ad nauseam]

I logged in, and it's true: We are linked on LinkedIn. Or were; I've deleted him as quickly as I could. Or at least I tried to: There's no easy way to do it. (I found the answer, not in LinkedIn's answers or help page, but on Ask Dave Taylor, who points out that "with so many different social network sites cropping up, it's pretty amazing to me how few actually let you edit the connections you establish."

My policy with LinkedIn has been to add more or less anyone who asks to be linked. This is highly irresponsible of me, of course, but I figured it wasn't going to do any damage since I don't really use the tool. Now, after this bit of spam, I'm not so sure. If people see I'm connected to a spammer, maybe that could do me some damage. As I've never received a job offer, or even an indecent proposal, via LinkedIn I'm frankly not quite sure what it's for. But if it's a way for people to spam me then I'm all for tightening the guest list a bit.

So I'm going to start weeding out my LinkedIn contact list, which currently stands at about three gazillion people, only four of whom I've actually met.

Courtesy of ABC Australia IT guru Paul Wallbank, the source of my chat with Veronica Sexy may have been discovered: an automated sex talk service called CyberLover.ru. Paul points to this story from Conor Sweeney of Moscow's Reuters bureau:

A Russian website called CyberLover.ru is advertising a software tool that, it says, can simulate flirtatious chatroom exchanges. It boasts that it can chat up as many as 10 women at the same time and persuade them to hand over phone numbers.

The service, on the surface, appears aimed at guys who aren't able to win over girls online any other way: "It's happened - a program to tempt girls over the internet!" Reuters quotes the site as claiming. "Within half an hour the CyberLover program will introduce you to ... girls, exchange photos and perhaps even a contact phone number," it states. Woohoo. 

But is that all it does? Antivirus and software developer PC Tools says it's much more dangerous than that. “As a tool that can be used by hackers to conduct identity fraud, CyberLover demonstrates an unprecedented level of social engineering,” a company press release quotes Sergei Shevchenko, Senior Malware Analyst, as saying. “It employs highly intelligent and customized dialogue to target users of social networking systems.” The goal, Sergei says: to gather personal information about users and also to lure them to websites, possibly to infect them with malware (a generic terms for software that infects their computer which can then be used as what is called a bot to grab data, infect other computers or send spam.) That doesn't sound like the Veronica I know. 

The website itself denies this, according to the Reuters report. "The program can find no more information than the user is prepared to provide," one of the site's employees, who gave his name only as Alexander, said in an emailed reply to Reuters questions. "It maintains a dialogue with a person, but is not engaged in hacking or any other such schemes, I think this should be obvious," he said.

Well, there's hacking, and there's other stuff that comes close to it. The company or individual behind this product appears to be the same as that which runs Botmaster.Net, both of which are registered to one Alexander Ryabchenko. Botmaster sells a $450 piece of software called Xrumer, which spams websites, forums and blogs to build up a website's profile on search engines (it claims to get past CAPTCHA screens, where users are asked to identify letters in images.) Given the name of the website is botmaster you can't help wondering what else it does. 

So was Veronica Sexy an early prototype of of CyberLover? Well, they're both run by Russians, but beyond that it's not clear. I hope to find out more. What is clear, though is that SkyperSex, the website Veronica was trying to lure me to, is an affiliate of Streamray, a sex website that is one of several just bought by Penthouse Media as part of its purchase of Various Inc (for $500 million). It should make for an interesting bit of research. 

Oh, and if you're looking for automated online chat that's a bit more real, check out My CyberTwin.

Russian computer program fakes chatroom flirting - Yahoo! News

Maybe this is commonplace for others, but I've just got my first sex-chat-spam on Skype. It's from someone called Veronica Sexy, whose profile indicates that it's unlikely to be someone I've met and just forgotten about (as if I would):

Just in case you can't read that last bit, it reads:

can't wait to get real nasty and show off :) IM REAL MISS WEB CAM!

Reply to the message and immediately you're asked to share your contact details (a la Skype.) I didn't risk having Veronica spam all my friends (not sure how that would work, but I've got some nice people on my list, and I'd hate for them to be upset.) But I did reply to her message, and her responses were quick, and, dare I say it, felt a trifle automated:

[8:53:55 AM] Veronica sexy says: Hi are U busy?
[9:03:43 AM] Jeremy Wagstaff says: hi
[9:03:50 AM] Veronica sexy says: How are u ?
[9:04:30 AM] Jeremy Wagstaff says: i'm great. who are you?
[9:04:31 AM] Veronica sexy says: I would love to chat with you, come on http://www.SkyperSex.com !!!

[9:04:36 AM] Jeremy Wagstaff says: no thanks
[9:04:37 AM] Veronica sexy says: I would love to chat with you, come on http://www.SkyperSex.com !!!

[9:04:45 AM] Jeremy Wagstaff says: i'm a bit busy. really
[9:04:47 AM] Veronica sexy says: My internet connection  is very bad come on http://www.SkyperSex.com !!!

[9:04:54 AM] Jeremy Wagstaff says: my internet connection is great!

That was the last I head of Veronica, although her scent lingers on.

The web address, by the way, is pretty much what you expect it will be -- lots of alleged clips of ladies cavorting. The administrator of the website is one Alexandrof Tiberiu in Moscow, who also owns www.yourlivecams.com.

I guess what's interesting here is that Skype don't seem to do much policing of this kind of thing. This could be a sex site spam, or it could be something worse.

(If you want to prevent Veronica getting in touch with you, go into Skype options, Privacy settings, and click on the Show Advanced Options button. Make sure the Allow chats from... option is only people in my Contact List:

Chances are Veronica won't come calling. Frankly, your life won't be the poorer for it.

Just because something has the word Wiki, community and/or .org in its name, doesn't mean it isn't a scam. I just received an email from someone called Navin Mirania about Wikimmunity which on first glance sounds like a worthy project: a website designed around local community content. But on closer examination it has the word 'spam' written all over it: 

How are you?  My name is Navin from Wikimmunity.org. I recently tried to contact you by phone regarding your blog/web site Endangered Spaces to see if there was any opportunity for us to work together.  Wikimmunity.org, the local community source, is looking for writers to write about local organizations, groups, attractions, people, places, and more.

We pay a modest fee for writing about places and things that you already know about in and around your local area.  Your idea/topic list is unending. Let me know if we can set up a time for us to discuss further. We’d like to help you to generate additional revenue from your blog.  In the mean time, visit  https://www.wikimmunity.org/affiliate/scripts/signup.php to register.  I’ve also included some other links that you might be interested in visiting below. Thanks and I look forward to hearing from
you NAME HERE

Navin calls himself a "Content Distribution Specialist" which is a new one on me. I guess it sounds better than "spammer who forgot to set the autofiller in his distribution list software".

And what of the website itself? Well, it looks and feels like Wikipedia, until you realize there's no information about who's behind it, and until you start reading some of the entries. Which are, it has to be said, unconsciously amusing. Try this one, for example, about Walmart:

walmart has a lot of people's needs at great prices. they have snacks, electronics, drinks, furniture, sports stuff, music, and many more. they have video games and acsessories and many more. If you want the newest things for a great price go to walmart. They have so much sales and and items you know it is goinig to be a good store all around prices. if you wann visit their online store [1]. they are one of the best stores to go to. they have toys, fishing equipment, tires, and even t.v. so for this holiday that is coming up you must go to walmart for their awesome prices

Copy I'm sure Walmart would be proud of. Or this one on Barnes & Noble:

Alot of people should be Familiar with this store. In case you don't know this is a book store. in this store you can get all kinds of books in this place. they have fiction, non-fiction, realistic fiction, and many more. They also have new releases of books all the time. They also have cd's. the music they have is rock, classic rock, country, rap, and others. this is a good store to get both books and music. They also have drum books. They have Jimi Hendrix cd's!!!

Well, blow me down. Jimi Hendrix CDs?