Tag Archives: bank accounts

The Fate of New Acquisitions: Whither or Wither?

By Jeremy Wagstaff

I’m writing this on a Windows PC using a great piece of Microsoft software called Windows Live Writer. And that’s only part of the problem.

As you no doubt know, Microsoft have announced they bought Skype, the Internet telephony company, for $8.5 billion. You’ll have to look under a lot of stones to find someone who thinks this is a good deal for Microsoft. Skype made $20 million last year on revenue of $860 million, posting a net loss of $69 million because of interest expenses. In short, this is not a company about to fill Microsoft’s coffers with dosh.

Whenever a big company goes on a buying spree I reach for my gun and head for the hills. These things never end well. A few weeks back we heard about Cisco buying and then killing Flip, those great little pocket cameras so simple to use people actually use them. I used to keep a list of these acquisitions, because I naively used to think that a big company buying a smaller one was a happy ending. I’ve nearly always been proved wrong.

Yahoo bought a browser bookmarking service called delicious that they parked in a siding until eventually selling it, a few weeks back, to someone who actually seems to understand the product. In fact a fun game is to quiz Yahoo PR people about the state of their company’s lesser known products and count how many “I’ll have to get back to you on that one” responses. I’ll give you a head start: Ask about Konfabulator, a sort of desktop widgets program which was excellent, but has quietly withered on the Yahoo vine. The developer’s blog hasn’t been updated since 2007.

Yahoo are probably the most egregious offenders but everyone does it. Google boughtJaiku, a twitter-like service that was better than twitter, but have done precisely nothing with it. Nokia bought dopplr, a social networking service for people who travel, and have done precisely nothing with it. (Product blog hasn’t been updated since September 30 2009, two days after Nokia bought it.)

So why do it? Buying companies makes people money, somewhere in the chain. It disguises ineptitude, or it is what is called a defensive play: I’ll buy it so you can’t.

The Skype deal neatly illustrates Microsoft’s problem is a simple one: It lacks direction. It doesn’t seem to know what it wants to do so it creates a new brand, a new product, a new division—often out of an old one. The product I’m writing this on is part of (frankly the only good part of) the Windows Live array of products—whatever that is; I’ve never quite figured that part out. (Type live.com into your browser and something different seems to happen each time; now it’s a sort of stream of consciousness page that’s more of a stew of Microsoft’s various offerings. ) Windows Live Writer was part of a product Microsoft bought called Onfolio; it has survived, somehow, though few people seem to know about it outside a very narrow group of enthusiasts.

And here’s the rub. Microsoft has no idea what to do with all these products it spews out or inherits, so it forgets about them. Most of you know that Hotmail and Bing are Microsoft products. But how about Lync? Or Kin? Anyone remember Zune? And what is the difference between Windows Live and Windows Live Essentials, for example? Or Windows Messenger, Office Communicator, Windows Live Messenger and MSN Messenger? Or Sync Center, Live Mesh, SkyDrive, FolderShare and Live Sync?

No, I’m not sure either.

Go to Windowsmarketplace.com and you’ll be told that “Windows Marketplace has transitioned from an ecommerce site to a reference site.” Confused yet? Go togetpivot.com, the website of what was billed a year or so back as “the most ambitious thing to come out of Live Labs” and you’ll get directed to, er, bing.com. Live Labs itself was disbanded a few months later. Now old links to Live Labs go to bing.com, which was where those members of the team ended up that didn’t quit. Out of the 14 projects initiated by the lab counted on Wikipedia, all but five are dead. Of those, only a couple seemed to still have any life in them.

When a company diverts a link from one of its own press releases barely a year old to, effectively, nowhere, it’s a pretty good sign that’s where the vision has gone too. This was after all Microsoft’s big research team—at least the most exciting one (Microsoft spends about $9 billion per year on R&D, according to Jean-Louis Gassée, a French analyst.) Microsoft products seem to get lost in a labyrinth of confusing branding, branching and segmentation tunnels, confusing and demoralizing the user to the degree they throw up their hands and go buy a Mac.

Not I. I know about Microsoft products because I use them. A lot. And the more I usemy Mac the more impressed I am with parts of Windows 7.  The problems with the operating system could be fixed in an afternoon: Watch a couple of users try it out and then ask them what was missing. Build those bits into a new version, ditch the trash and you’re good to go. (Some clues: something like iPhoto but better than Photo Gallery for handling photos. Something like iMovie but not Movie Maker. Apple’s products all come pre-installed. Microsoft’s are a confusing, lengthy and intrusive download and reboot away. Oh, and something half way between Microsoft Word ($200 or thereabouts) and the freebie WordPad; Apple’s equivalent Pages costs $20. It’s not as good as Word, but it’s a 10th the price.)

So where is Skype going to fit into all this? Well, the problems start with Skype itself. Since eBay bought it in 2005 it has been something of an orphan, passed around with little idea of what its future might be. It wasn’t always thus. I drank the Kool-Aid back in 2005, and thought like others it was going to change the way we communicated and did business online. I joined the vision of a world where everyone from clairvoyants to business consultants (ok, that’s not such a wide swathe) would offer services over Skype. Audio, text, video, you name it.

That hasn’t happened. For most people it is just a way to avoid paying rip-off phone charges and do the odd video call. Everything else is marginal. The most recent Extra—the add-ons that were supposed to be part of this new Skype ecosystem–is dated January 2010 and that’s just an update on an old program. One guy I interviewed in 2005 had set up a network of 30,000 experts in 50 countries on a website called Jyve.com that was going to piggyback this new Skype-connected world. He’s nowhere to be found now and Jyve.com is an empty page.

eBay didn’t get it, of course, but that’s only part of the story. About a year ago I wrote a piece calling on Skype to realize that it was at heart the world’s most effective social network tool. I wrote:

If Skype dovetailed with Facebook, twitter and LinkedIn it could position itself at the heart of social media. After all, it’s probably the only application that most Internet users have installed, loaded and [have] active on their computer. Unlike Facebook et al, Skype is there, right in the moment. It’s the ultimate presence app.

Indeed, it’s much more like an instant Rolodex (remember those?) than all the other networking services we use. If I want to contact someone the first place I check is Skype—if they’re online, what’s the point of contacting them any other way?

In other words, Skype offers a granularity that other social networking tools don’t: Not only is it comfortable with one to all (the status update message), it’s also comfortable with the one to several (add people to a chat or call), it’s also great at instantly connecting one on one. You can even reach people offline via it, if they have call forwarding enable, or you have their SMS details stored.

No other social network offers that.

Skype sits on every computer (and most smartphones.) By definition all the people the user is connected to are people he wants to actually communicate with—rather than just ‘friending’ or ‘ ‘connecting to’. It’s an easier way to share stuff—photos, files etc–and it’s now pretty easy to set up groups and stuff (In Afghanistan we used it as a way to share security updates; people could see the information in real time or catch up on messages when they got online. In Singapore I use it to talk to my students via teams and the whole class.)

Unfortunately Skype may have read my piece, or they may not. Either way, they half went down this road by trying to throw in lots of things that people didn’t need—including an annoying Firefox extension that turned every number on a webpage into a phone number, including bank accounts. Now Skype is so big and clunky it crashes on my Android phone and my Windows computer.

But in a perfect world Skype works. It’s simple. For many people it’s a telephone. For others it’s a presence indicator: I’m online, I’m not. My computer is connected to the internet (green button showing) or there’s a problem with the connection (grey downer button showing). For some people it’s become a very useful way to organize teleconferences (though don’t talk to my colleagues on an Indonesia project about this; they spend hours trying to get a connection going.)

Skype wasn’t first but it worked better than others, which is why everyone has a Skype account, and why asking for someone’s Skype ID is almost as natural as telling asking for their email address.

But unfortunately I’m not sanguine about a Microsoft/Skype future. Either they integrate the technology behind it into their other smorgasbord of products, in which case you wonder why they didn’t develop the technology themselves, or they leave it as it is. Either way it’s not good: While analysts have focused on how Skype might fit into Microsoft’s non-PC products like Kinect and Xbox, it’s hard to imagine that Microsoft won’t try to shoehorn Skype users into one of its misbegotten sub-brands, losing non-Windows users along the way.

Skype Messenger anyone? Live Skype? Skype Office? Skype Explorer? I shudder to think what will happen. I may be wrong—I’ve been plenty wrong about Skype before—but my fear is of a Skype that gets as clunky and overloaded as MSN Messenger, as bewildering as the Live family of products, as impossible to separate from other Microsoft products as Microsoft Word, as doomed as Outlook Express and anything from the Live Labs mob.

I do hope I’m wrong because of all the networks I have on my computer and cellphone, Skype is still the one I actually need. Skype: whither or wither?

Banks Cross Borders, But Their Service Doesn’t

Banks always talk about being global, and thinking local, and all that tosh. And it is tosh. Really.

My bank just called me, for example, to congratulate me for linking my bank accounts in different parts of the world so I can see them from one website. Great idea, weird it hasn’t been possible until now. But I couldn’t help smiling to myself at its limits. The conversation went like this:

“Mr Wagstaff Jeremy Rupert John (they seem to call me this, I guess it sounds better), do you have any questions or feedback for us on our service?”

“Well, I found I couldn’t remember one of the passwords for one account in country X. Can you help with that?”

“Er, no, that is handled by our other office in that country. I work here.”

“Oh.” Pause.

“Any other feedback or questions?”

“Yes. I’d like to complain that I can’t ask about resetting my password in my account in another country even though it’s the same bank.”

“OK, thanks for that. Any other feedback or questions.”

“No, that’s it.”

“OK, thank you for using our service.”

“No, thank you.”

Gee, banks are old fashioned. Why haven’t they disappeared already? Still, they give me free coffee every time I drop by, so I shouldn’t complain.

Technorati Tags: , ,

Thaksin Needs Your Help


For those of you who thought the former Thai prime minister Thaksin Shinawatra was living it up in Europe buying soccer teams, you’re wrong. He’s having serious financial problems and needs your help, according to this email I just received in his name:

Good day.

This may appear a bit surprising to you but very sensitive; as a matter of urgency, I am desperately looking for a foreign partner whom I can trust to handle some investment or fund movement under is control for security reasons. I am Mr. Thaksin Shinawatra, Former Thailand Prime Minister, I went on exile for some months over allege assassination of me and my family, and was charge for corruption and purchasing of Government lands. They also confiscate (froze) my 21 bank accounts, wealth and money I deposited with a bank firm in Thailand,

See the web link for more details:
http://www.voanews.com/burmese/2007-06-16-voa4.cfm

I have pleaded to be allowed to live freely, and with dignity, but Mr. Surayud has urge my assassination when returned to my own land for abusing the rule of law, been the current Prime Minister in power I have known objection than to remain on exile. While in exile, I have decided to move the fund I deposited with a security firm here in Europe for a reliable business purpose and also gain access to fully support the less privilege which the government of my country is against. I am calling your attention for partnerships deals towards assisting me invest this fund under your custody for security purpose till the accusation levy against me is cleared off.

All further communication of this transaction would be referred to my lawyer in your next mail to scrutinize the legitimacy of my partner (you), and also assign to you the legal protocol and modalities of this transaction.

Yours Sincerely,
Mr. Thaksin Shinawatra
thakshinw@tiscali.co.uk

Please see what you can do. Of course, there’s an off-chance this could be one of those scams, but I’ve read it carefully and checked the VOA link, and it rings true to me. Really.

Tags: , , , ,

The Phisher King Goes To Jail

Another phisher jailed, and another example, if any were needed, of the Russian gravitional pull to such tricks. But there’s a backstory to this that all accounts have ignored. Here’s the meat, first, from The Register:

An American who masterminded the UK part of a multi-million pound ID theft scam was yesterday jailed for six years. Douglas Havard, 24, was sentenced on Monday at Leeds Crown Court after pleading guilty to conspiracy to defraud and conspiracy to launder money. His accomplice, Lee Elwood, 25, of Glasgow, was jailed for four years after pleading guilty to the same offences in June 2004.

The court heard the duo were integral to a phishing scam that netted an estimated £6.5m. The duo operated the UK end of an international operation that tricked consumers into handing over their banking credentials to bogus websites. The pair used credit cards obtained under false names, money raided from compromised bank accounts and the illicit purchase and sale of goods online to finance a lavish lifestyle.

According to a report on kvue last year, Havard was allegedly just one of

15 global middlemen linked to the hackers, who systematically stole from hundreds of bank accounts daily, one of Mr. Havard’s former associate says.

But it’s the Douglas Havard guy who is most interesting, and an example of the kind of people getting drawn into the phishing world: Check out this long and fascinating account from the Dallas Observer three years ago, when Havard was still on the run. One particular episode caught my eye:

Take the bar code scam, which allegedly began during Havard’s sophomore year at Winston. Havard bought a special printer and high-gloss paper precut in the shape of price stickers, with adhesive on one side. The equipment and materials were specialized, but not exotic; he could buy all he needed at an office supply store.

Havard went to Target and purchased, say, a box of Legos for $17. He duplicated the bar code on the Legos and then went back to the store. As he browsed through the toy department, he’d slap a bar code sticker reading $17 onto a box of MindStorm Legos that sell for $200 a box.

At the checkout, Havard paid $17 for the Legos. He later returned the Legos to the store, getting a cash refund or store credit for $200. Profit: $183. He’d then go back and buy two more expensive boxes for $17 each. Profit: $366. Investment: $17, plus the printer and sticky paper.

Havard’s research revealed that Target wouldn’t investigate until the sixth return, so he would do the con a total of five times in his own name, then use a fake drivers license and do it five times in another name. He then pulled in other people to repeat his performance five times each in various names, also using fake identities. After calculating how many Target stores were in the Dallas-Fort Worth region, he sent out his minions with handfuls of forged bar code stickers.

Havard was making up to $15,000 a day from the scam, according to the Observer. From there he graduated into credit card scams. And others:

He and a buddy started cruising the parking lots at NorthPark, looking for expensive SUVs loaded with fancy accessories like front grilles. They’d write down the license plate numbers, drive home and look up the addresses of the owners on the Internet. Late at night, they’d drive by the houses, steal the grilles and sell them on eBay.

It’s all quite a tale. Phishing in Leeds was perhaps the easiest scam Havard ever did.

Snake Oil? Public Service? KMGI Responds

Yesterday I wrote about the odd press release from the Internet Security Foundation and the apparent conflict of interest between a foundation pointing out flaws in software (in this case, Windows) while at the same time promoting its own related software.

Today I received a response from the founder of the company that registered the site, Alex Konanykhin of KMGI. Konanykhin may be familiar to some readers as the Russian entrepreneur and former banker who fled his homeland and has since faced a long legal battle in the U.S. over extradition on embezzlement charges. Konanykhin subsequently set up KMGI to sell web advertising services and software. Earlier this year the National Republican Congressional Committee chose him as their New York Businessman of the Year.

Konanykhin, in response to my posting and a request for comment, says he erred in not making clear KMGI’s relationship with the foundation:

After reading your reaction to our news release in your blog posting, I realized that it was a mistake to limit our Internet Security Foundation site to the discussion of the password vulnerability and not include a page on what compelled me to establish the Foundation.

He says his motives for setting up the foundation were entirely motivated by realisation that users did not understand their passwords in Windows remained vulnerable even if they were concealed by asterisks:

We researched this issue further and found that 86% of Internet users believed that the passwords hidden behind the asterisks are securely protected. As we opined in our press release, this false perception may result in criminals and terrorists unlawfully obtaining passwords of unsuspecting Internet users, gaining access to bank records, and other private information such as bank accounts. So, I urged Microsoft to fix this security hole (even thought it would kill our revenues from sales of SeePassword), but Microsoft refused to do it.

I was surprised by Microsoft’s position which leaves hundreds of millions of Windows users at risk of identity theft. So, I felt compelled to fight on – and founded the Internet Security Foundation. I allocated a significant portion of our proceeds from sales of SeePassword to informing computer users about the grave but largely unknown risk they are facing. The press release you received was the first step of this campaign which, I hope, will minimize the risks to the Internet users.

After reading Konanykhin’s response to my earlier posting, I’m persuaded that he did not intend to mislead the public or conceal his company’s relationship to the foundation. I think this is more a case of someone inexperienced in the importance of ensuring all interests are plainly visible to the public. That said, I think Konanykhin needs to move quickly to implement his promise to add a page of explanation to the ISF homepage, something that has yet to happen at the time of writing.

In matters of Internet security and privacy, there are enough snake-oil salesmen, piles of skewed or self-serving ‘research’ and bad guys masquerading as good guys for users to be understandably suspicious about the motives of anyone raising alarm bells while simultaneously offering solutions.

A Glimpse Of A Tentacle From The Phishing Monster

Gradually the tentacles of the Russian gangs behind phishing are appearing. But we still have no idea how it really works, and how big the beast is.

The Boston Herald reports today on the arraignment of a “suspected Russian mobster” on multiple counts of identity fraud, having allegedly obtained personal information from more than 100 victims by phishing emails.

Andrew Schwarmkoff, 28, was ordered held on $100,000 cash bail after being arraigned in Brighton District Court on multiple counts of credit card fraud, identity fraud, larceny and receiving stolen property. He is also wanted in Georgia on similar charges, and is being investigated in New Jersey.

What’s interesting is that clearly phishing is tied in, as if we didn’t know, with broader financial fraud. Schwarmkoff — if that is his real name, since investigators are unsure if they have even positively identified him — was found with “$200,000 worth of stolen merchandise, high-tech computer and credit card scanning equipment, more than 100 ID cards with fraudulently obtained information and nearly $15,000 in cash,” the Herald says.

That would at least indicate that phishing is not just an isolated occupation, and that the data obtained is not necessarily just used to empty bank accounts, but to make counterfeit cards, ID cards and all sorts of stuff. What’s also clear is that the Russians (or maybe we should say folk from the former Soviet Union states) are doing this big time. The Herald quotes sources as saying “Schwarmkoff is a member of the Russian mob and has admitted entering the country illegally. “We know some things that we don’t want to comment about,” a source said, “but he’s big time.”

Schwarmkoff, needless to say, isn’t talking. “‘Would you?’ the Herald quotes the source as saying. “Schwarmkoff,” the Herald quotes him as saying, “is more content to sit in jail than risk the consequences of ratting out the Russian mob.” That probably tells us all we need to know.

Meet The Mule, Or Correspondence Manager

Here’s how Russians and other scammers are getting their illicit gains back home.

The BBC website reports on a scam where (probably Russian) scammers are posting job ads claiming to be charities looking for people to forward donations made by hi-tech firms. Those responding to the job ads — usually for something like a “correspondence manager” — are then used as mules to forward goods probably obtained through fraudulent credit card usage online.

The BBC says this “re-shipping” or “correspondence manager” con has been seen in the US and is included in the FBI’s ongoing Operation Cybersweep investigation that targets hi-tech crimes. In some cases, the BBC says, the bank accounts of those who fall for the job ads are used to funnel cash from auction sales of stolen goods to the criminals.

The reason for all this? Many online commerce sites are reluctant to ship to Eastern Europe and Russia because of fraud. (The same thing has been true for the past couple of years in places like Indonesia, where many sites simply do not accept business from. In these cases, fraudsters would simply cite their normal address, but with a different country, hoping the outlet would not be smart enough to figure it out, and the courier would be , and then forward it to the right country. It usually worked.)

Viruses And The Russian Connection

As feared, MyDoom seems to come from Russia. Or does it?

The Moscow Times quotes Kaspersky Labs as saying they used location-sensing software to trace the first e-mails infected with MyDoom back to addresses with Russian Internet providers. “It’s scary, but most serious viruses are written in Russia,” said Denis Zenkov, spokesman for Kaspersky, the country’s largest anti-virus software company.

This is not the first. Russians have long been virus writers. Dumaru, Mimail and Stawin may have Russian origins.

But what has changed in the last year or so, it seems, is the commercialisation of Russian virus writing. These viruses are no longer the product of idle, alienated, out-of-work minds, but of folk working for professional spammers and scammers. Another Kaspersky expert, Alexander Gostiyev, is quoted by AFP as saying the creators of MyDoom were not aiming to disrupt Internet traffic but to use infected computers to distribute unsolicited junk mail. The attack “was very well planned and prepared, perhaps for several months, and at least 1,000 computers were infected in advance,” Gostiyev said. “The virus could be of use above all to criminal groups seeking to distribute spam,” he added.

Spam, however, may be the least of it. There’s not much money to be made from spam, whereas there is from theft. Stawin, for example, records keystrokes when infected victims access their bank accounts, and sends the results to a Russian email address. British police are investigating the possibility that a wave of extortion attempts against gambling sites may come from Russia or Eastern Europe, according to Reuters. These attacks are related to the Superbowl: Those who don’t pay up are brought down by massive traffic, called a Distributed Denial of Service attack, or DDOS. A site dedicated to online betting has recorded at least 20 sports betting sites appeared to have been brought down over the weekend. With all the work that went into something like MyDoom, I can’t believe it’s only spam the creators are after.

Of course, this could all be a feint.

Agence France Presse quotes Kaspersky as saying “there is a still a 20-percent chance that this was an attempt to mislead. Virus programmers from other countries could have registered an email address in Russia” as a ruse. And it’s not entirely clear what Kaspersky means by ‘location sensing software’. This could mean more or less anything, and, as some folk have pointed out, the fact that Kaspersky is based in Russia makes it likely they will receive copies of the virus from Russian email addresses.

And it still leaves us with the fact that the virus was in part tooled to launch an attack on the website SCO, a company that has riled the Open Source community by claiming copyright over parts of the Linux operating system. The virus was designed to launch an attack on their website starting February 1: The website is presently down, apparently overwhelmed by traffic.

One final thing: There seems to be some confusion between the first and second MyDoom virus: Variations often follow when folk get inspired by the success of a virus, but that doesn’t mean the same guy, or guys, wrote both viruses. The presence of a note in English inside the second version of the virus, — sync-1.01; andy; I’m just doing my job, nothing personal, sorry — appears to have confused some folk. The source, and purpose, of the first MyDoom remains a mystery.