Read more for the gory details.

Many website compromises are easy to spot – typically attackers will add code that redirects visitors to other sites (or opens pop-up windows in their web browser), or they add content to pages on the site, or they outright replace entire pages. This compromise was much more subtle though, and it was only noticed when spam links began appearing in the Google search results for that site.

When we were asked for help with the problem, I immediately started on the standard cleanup tasks:

• creating a compressed backup of the infected site & the recent web logs (for later analysis)
• searching through the site’s files for words that were in the spam links/search results with “grep” (a UNIX tool that searches through files for specific text)
• and creating a list of all the site’s files sorted by their modification date

The “grep” search turned up several files that contained key words from the spam links/search results, which I promptly removed. The list of recently-modified files turned up some more infected files, mostly “backdoor” scripts hidden in the /images folder, which I also removed. Backdoor scripts are usually web-based file managers, which attackers can use to modify files on the website. To use a real-world analogy, it’s like to breaking into a house by picking the front-door lock, and then making some other more subtle change to make it easy to break in again – like disabling the lock on a window.

So far, this was all fairly standard stuff that I’d seen before on other compromised sites. But the recently-modified files list also showed that the site’s index.php file had been modified, which I found a bit surprising because there were no obvious signs of infection when viewing the site in a web browser. Checking the index.php file, I found an “include” statement that had been added & was used to load another file, which is where things started getting interesting.

Most scripting languages used for web sites have some sort of “include” function, that lets files load content or scripting code from separate files – that’s typically done to make development easier, by organizing content (or portions of web-based applications into separate files). In this case, though, the include statement was loading a file with a .pdf extension, which had been hidden in the folder /home/username/mail/tmp (probably to make it harder to find).

When I examined the include’d .pdf file, it contained some binary data (in base64 format) along with PHP code used to decode that data. In other words, the file contained PHP code, and the most of the actual content had been obfuscated by converting it to base64 – and when the file was run (via the include statement in index.php), the base64 data was decoded & the obfuscated PHP code was run.

A brief explanation: attackers often use this method, because it’s a fairly effective way to hide the malicious code they’ve uploaded to a website. Say, for example, an attacker modifies a website to add advertisements for fake rolex watches – normally, if the files are in plain ASCII (text), you can find the infected files by just running  a grep for the word “rolex”. But if the attackers encode the content using base64 (or some other similar method), then a grep for “rolex” won’t find any matches – because in base64, the word “rolex” would be encoded as “cm9sZXg=” instead, and it would only be converted to plain text when the PHP script is executed (typically by being viewed in a web browser).

So in this particular case, the attackers had taken some PHP & HTML code containing their spam advertisements and then they had run it through a base64 encoder. But they didn’t stop there – instead they took the initial base64 encoded data, and then ran it through the base64 encoder again, effectively adding a 2nd layer of obfuscation to the file. It’s most likely that this was done to in order to evade virus & malware (malicious software) scanners, which many servers use to detect these types of compromises. Many of these scanners will automatically decode base64-encoded data, but not all of them are sophisticated enough to detect that the decoded data is itself base64-encoded.

That’s still not the end of the story, however – I was puzzled by the fact that I couldn’t spot any modifictions to the website when viewed in a browser, even before I removed the malicious file (and the include statement pointing to it). So I decided to take a copy of the file with the base64 encoded data & make some small modification to it, so it would simply display the decoded data when viewed in a web browser instead of actually running the code. The actual data was a PHP script, and a quite a long one (nearly 8,500 lines) – but the main thing that jumped is that contained code to check the IP address & user agent of any visitors against the indexing bots used by many search engines, primarily Google.

Remembering that the only publicly-visible results of the infection were some spam content in the Google search results for the compromised site, I used the “Fetch as Googlebot” tool (in Google’s Webmaster Tools suite) to load the malicious page. Viewing the results of how the page appeared to Google’s indexing bot finally gave me (almost) the complete story. It appears that the code was setup to detect if it was being viewed by Google’s indexing bot, and display the spam content – while hiding it from visitors who viewed the page in a web browser (probably to reduce the chance that the website’s owners or visitors would spot the compromise).

As for the exact goal of the attackers, it’s difficult to say from looking at the code. They were able to add code to the site that added spam content to that site’s Google results, but there were no actual links visible in the search results – the links were only visible through Google’s cached copies of those pages. So it’s unlikely that anyone would have clicked on the links, which largely defeats the purpose of adding the spam content. I believe that the most likely explanation is that the attackers were trying to boost the Google ranking of the site(s) that the spam links pointed to, essentially trying to leech off the Google ranking of a legitimate site in order to boost their own search ranking. And few of the links also appeared to contain affiliate IDs, so it’s possible that the attackers were attempting to drive traffic to their affiliate link in order to defraud another site’s affiliate system.

Lastly, it appears that the attackers were able to compromise the site by exploiting a security vulnerability in an old, unused (and out-of-date) copy of WordPress that was present on the site. Even though the current site isn’t using WordPress, the attackers were still able to break in using a WordPress vulnerability (or a vulnerability in one of its plugins) – and once they were able to use that access to modify the active website.

Unfortunately there’s no magic bullet to prevent these types of attacks – although there are a few general practices that will help. If your website runs WordPress, make sure it’s updated regularly (along with any installed plugins). Don’t leave un-used applicaions installed on your website, because they may contain security vulnerabilities that attackers can use as a backdoor into your site. And it’s a good idea to check the Google search results for your site from time to time, because that can help alert you to problems that may not be immediately apparent.

This discovery comes after a flood of mobile phone spam to one of my email addresses – the kind that costs a mint thanks to embedded images and all sorts of other useless but bandwidth-intensive eye candy.

The OpenTable system is wide open for spamming thanks to the company’s failure to require confirmation for sign ups. This is a fairly typical oversight when greed trumps common sense.

Sign up for an OpenTable account, sign up for all of their many newsletters, add someone else’s email address in the contact field, and the fun begins: OpenTable will start mindlessly spamming your victim.

If the first email or any change of email address required the recipient – or victim- to confirm the validity of the email address, this spam wouldn’t be possible. It’s also worth noting that unlike most legitimate online registration systems, OpenTable doesn’t use a Captcha or any similar technique to try to separate human from machine registrations. This is generally a sign that greed is on the ascendant and common sense got buried in among the dirty laundry.

So what if you’re the victim of this type of spam, and don’t find much joy in having your cellphone’s inbox filled with unwanted ads for restaurants half a planet away THAT YOU GET TO PAY FOR AS PART OF YOUR MOBILE BANDWIDTH FEES?

You can try the unsubscribe link on the junk mail OpenTable sends to you, but that only works per newsletter and OpenTable has a bunch of them. If you’ve been signed up for more than one, the only way to get at the list is to liberate the offending account. Otherwise, you’ll have to wait while OpenTable spams you with each of their newsletters and unsubscribe one at a time. No, it’s time to act.

Here’s how:

OpenTable uses the email address in each account as the username.

Go to the OpenTable page and click on the Login link. You may have to type in your email address in the username field. That would be the email address that OpenTable has been happily spamming.

Then follow the instructions for re-setting the password. This will generate a reset password email that will arrive in your inbox in a few minutes.

Open this email – click on the Reset Password link – and this will take you to an OpenTable page where you can change the password to whatever you wish.

Once you’ve done that, you can now log into the offending OpenTable account.

The first tab to head for is My Account: this is where you’ll find the list of OpenTable newsletters you’re signed up to receive. Uncheck them and – if you’re lucky and OpenTable doesn’t pull the old ‘we reset your account because we know you want to pay for our advertising’…

Finally, prepare an invoice for the data charges incurred when OpenTable spammed your mobile phone without permission, and for the time required to put a stop to it, and mail it to:

OpenTable Inc.

799 Market Street

4th Floor

San Francisco, CA 94103

What’s sad is that all of this could be easily avoided if OpenTable applied commonly used techniques to verify that signups are, indeed, both human and valid. They’ve clearly chosen the more spammy option.

-g

Tried getting the attention of their Twit-bot on Twitter @Photobox (the avatar is a blonde with big hair – the humans behind it could be anything). After much back and forth (’just drop what you’re doing and call when it suits us’) it said that ‘Andy’ was anxious to sort this out and was waiting for my call today (Sept 15/2011).

I called. Didn’t get Andy, but got Kash who goes by just the one name: “Andy’s not in today.”

Thanks for nothing, blonde avatar lady. Are you clueless or did you flat out lie?

Kash did make the request I get from every spammer I’ve ever called: Give me your email address and we can fix it.

No.

You bought a bad list, or let people sign up others without their permission, and have clearly stepped into opt-out territory: That’s where the spammer keeps hammering you until you say stop, rather than requiring an okay from you before they even start.

I want to know how you got my personal email address in the first place – I’m guessing it was through what you call the ‘Refer a Friend’ page and what should be renamed ‘Annoy your friends and enemies’ page. And why you started battering away at me after more than a year of silence.

One email in March, 2010, then silence until July 5, 2011, when Photobox apparently changed policies and the near-daily barrage began.

I doubt it’s just me: this smells like policy. The kind that spammers adopt.

-g

What seemed like a missed voicemail message turned out to be a big hole in my heart.

We were trying to set up a conference call to talk about a project long in the making. A call that won’t ever happen: My friend Bill Kunkel died yesterday.

Because he was such a fine writer, it’s intimidating to write about him.

I met Bill because I’d met Barry Friedman and, with Barry involved in my Internet company, landed in Las Vegas with a bunch of Barry’s old and new friends in 2000 at a dinner high above the city…and just clicked with Bill. Smart, articulate, funny, and the real deal.

I am not a gamer. I’m not into professional wrestling. It’s only as time passed that I became even remotely aware of Bill’s influence on both genres. And Bill was a cartoonist? Really?

Bill was one of my few true friends. That’s what I know, value, and will remember.

I’m shocked, sad, stunned…and remembering a guy who really made me LMAO.

RIP I miss you already.

-g

It’s about as infection-free as a dirty penny lying in spit, fills inboxes daily with offers to steal your identity, to kill you with fake pharmaceuticals, and it’s starting to hit mobiles – phones, tablets, etc. – where pricey data rates mean the recipient gets to pay for the delivery of this garbage.

But the most hateful thing about it?

When a company I actually like doing business with joins the slime.

Toronto Bound

In the late spring of 2009, we did video production at an event in downtown Toronto. As normal, we stayed in the same facility as the event. And it was horrid: terrible service, totally unreliable Internet – our life blood – and suspecting we’d be back the next year, we thought it wise to look for another place to stay.

Enter  Metropolitan Hotel Toronto.

The Metropolitan is on Chestnut, a curious bit of streetscape bounded by the University of Toronto and Nathan Phillips Square that t-bones Dundas Street to the north, heads south to a 90-degree bend into Armoury Street which runs briefly west before intersecting University Avenue.

This convergence has created an odd combination of bustle and bliss: whizzing honking traffic and a flood of pedestrians, convenience stores, coffee shops and ethnic fast food joints, broad and shaded car-free walkways.

We’d been on the road for a week when we pulled into Toronto for the same event in 2010.

Because of the nature of our equipment – cameras, mics, lights, mixers, computers – it doesn’t stay in the car but goes with us. All 400 pounds of it. And we always load and unload ourselves.

Tired. Hungry. Worn out.

And a doorman is right there – with a cart.

Can I help?

We’d rather do it ourselves. Camera gear. You understand.

And he simply nods and backs off.

Two people stand next to us and light up cigarettes. I cough when the cloud surrounds us. The doorman asks them if they’d mind moving away from the entrance. Please.

From the rejection of the offer to help, noticing we’re troubled by the smoke, asking gently if they’d mind moving…all done in such a pleasant, professional way.

We thank the smokers. They nod.

We’re already starting to relax.

We get into our room: clean, decent, and we’re online in minutes after a quick call to the front desk (yes, we do really need a half-dozen Internet access codes).

Downstairs for something to eat. Did I mention the restaurant in the hotel the year before was closed and ‘no, we can’t give you an apple, sir, the restaurant is closed but if you hurry, there’s a Subway up the street that closes in about two minutes’. Not sure if it slipped my mind or it’s just another repressed memory.

So downstairs at the Metropolitan, where we had one of the best meals of the entire trip. Exactly when we needed it most.

Yes, it was a pain to have to pack up and move all of our gear to the event venue and then back again, but it was worth it.

The event moved out of Toronto for 2011, but is heading back in 2012 and if we’re taking part, we know where we’re staying.

Or at least, we did.

And Then There Was Spam

Imagine this: The Postie drops a few flyers into your mailbox. Knocks on your door once a month and demands that you pay for their delivery. You’d be saying: Are you nuts? Pay for junk mail I didn’t ask for and don’t want? Slam.

Imagine this: Your mobile provider drops a few flyers into your mailbox. Comes back once a month and demands that you pay for their delivery. You should be saying: Are you nuts? Pay for junk mail I didn’t ask for and don’t want?

Here’s a typical trip through my inbox:

Mrs. Handsome Darling has 4.5 million US dollars to share 70:30 with me because she’s dying of a half-dozen different diseases, is a pure Christian woman whose email address is ‘Barr James Something’ at Yahoo! in China. Sure. Four words: Nigerian advanced fee fraud.

See XXX celebrities I don’t care about do unspeakable things with each other and office equipment. Here’s a photo.

Thanks. My wife just walked by.

Not happy with the strongness and size of your manlihood then our best Canadane pharmacy is ready to srevice you with the perfect product. Get a girlfiend like this to wish your every dream.

Great. Nice timing. And just love the command of the language.

I get another ping – check my mobile mail – and after honouring my request to use the email address provided when I made the reservation in 2010, Metropolitan Hotels hit me with two within a few seconds of each other.

I could stand up in front of a crowd and give them – off the cuff – a brief history of spam with examples, names and dates. I belong to a high tech crime fighting organization – a joint venture between law enforcement and the private sector – and it’s become clear that what was once a nuisance is now generally the tip of the organized crime icerberg.

If you’re a criminal, the online world is THE place to do your business: it’s hard to get caught because national laws generally aren’t enforced internatonally, the penalties are generally just a license fee to keep doing it, and as P.T. Barnum noted: There’s a sucker born every minute.

Our Weird Email Addresses

Whenever I come in contact with a business for the first time that I think may be spammish, I create a special email address that’s only provided to that business. Sell, share, give it away or have your contacts database hacked and it’s simple to track the problem back to the source.

Hello, Tamara

Tamara Stepek is the Metropolitan’s head of PR. She answers her phone line and she returns calls when she says she will. She told me straight off that she was relatively new to the job but was coming up to speed quickly.

I told her about the spam – the fact that the address hadn’t been bothered in over a year and now two in the space of a few minutes – and asked what was going on here.

“I don’t know,” she said, “but I’ll find out and get back to you.”

What? None of the usual lame excuses?

1. It was a technical glitch. (We don’t know what we’re doing with your personal information, but you can trust us with it.)

2. We thought it was really important information. (Great. I pay for you to tell me about your lunch specials. What part of NO do you misundertand?)

3. Just give me your email address and I’ll remove it from the list. (We’ve been busted. Now we want you to help us clean up our dirty little list that we bought/stole/harvested from the Internet.)

So Why Do Companies Spam?

Because it’s easy. And it seems really inexpensive: reach millions for only $1 a day.

As we move to mobile – where data charges can be usurous – shifting the cost of advertising to the recipient isn’t so hard to spot.

A few dozen junk emails a day? Annoying.

A few dozen junk emails a day on your mobile? That could push you over your data cap – more and more telcos are capping data – and start costing the recipient silly amounts of money.

See what happens with mobile spam when you’re racking up roaming and overseas data charges on your travels. The costs can be shocking.

Your Call Is Important to Us

I said a callback in a couple of days would be fine with me.

But Tamara didn’t call back the next day as we’d agreed.

She called back a few hours later, said she’d made some progress, asked a couple of quick questions, and said she’s have more information the next day.

No silly excuses, no BS.

What kind of PR person is that?

What she learned and shared with me was that I should have been spammed earlier. I’m not being sarcastic or facetious. An update that should have dumped my email into the marketing database was missed. When the error was caught…boom. Spam.

Spam that I pay for.

“I agree. It’s not fair,” Tamara said. “Were not at all like that.”

Metropolitan Hotels are now reviewing their entire online marketing strategy. “We’re checking on the settings,” she told me.

One big consideration is opt-in versus opt-out. In other words, you’re given a chance to keep the promo emails coming rather than being forced to opt-out. And for hard core spammers, opting out only confirms that they have a live one. So you’re damned if you do and damned if you don’t.

The Social Media Angle

The Metropolitan Hotel Toronto isn’t just a hotel: it’s a downtown nightspot and home to fine dining. So not all of the clientele are stayovers. Many of them appreciate knowing when something special is on offer – either in terms of price or rarity.

Nearly every company wants to be seen on social media – and that cuts both ways.

It means I can post on Twitter and the Metropolitan’s Facebook page for the world to see. Which is what I did. Tamara was obviously paying attention and responded in kind.

What’s Next?

I’m looking forward to finding out more about the Metropolitan’s review of online policies and practices.

I’m looking forward to meeting Tamara in person. She’s a prime example of how to deal with legitimate complaints in a a social media world.

And I’m looking forward to staying at the Metropolitan again.

-g

It took some mucking about, but we now have the Motorola bluetooth keyboard working with both. Not at the same time, but that could be a challenge for another day. ( We have a Motorola Xoom tablet going through some other testing at the moment, and assumed for better or worse that would be a slam dunk. We’ll see about that later.)

So why try to use a Motorola keyboard intended for the Xoom for two competing tablets? Because I liked the feel of the keyboard.

Blackberry is talking – yawn – about a bluetooth keyboard this summer. It’s mid August, gents. That’s 8,000 emails and Facebook posts ago. Hello?

Tried the Apple industrial aluminum chicklet keyboard. So clean. So pure. So…alien. Better than using bloody stumps to hunt and peck on the onscreen keyboard, mind you, but only just.

(If the lack of tactile feedback isn’t bad enough…what monster programmed autocorrect? But that’s off topic. For now.)

The keyboard and the tablet need to find and then connect to each other. It’s called ‘pairing’ and the most likely part of the process to cause headaches.

First, a disclaimer: This worked for me. I don’t know if it will work for you, but if you decide to follow these instructions, the responsibility for whatever ever happens is all on you.

OK. So step one?

Turn everything off. Power down the tablet. Take one of the batteries out of the back of the keyboard. Shut down and/or remove any other Bluetooth devices in the immediate vicinity.

And now we’re going to divide the class into two streams: iPad2s first and then Playbooks.

iPad2:

Fire up your iPad. Go to settings. You’ll find Bluetooth under General settings. Make sure it’s turned ON. Click on ‘Bluetooth’ and you’ll be taken to the Bluetooth ‘page’ where you’ll see a list of available Bluetooth devices.

Now put the battery back into the keyboard and turn it on, too.

You should see the Motorola Keyboard appear on the list of devices. If it doesn’t automatically connect, click on it.

You should be good to go. That simple. Really.

Playbook:

This is going to be a little weirder and requires you to put the keyboard into what Motorola calls ‘PC mode’.

Fire up your Playbook. Go to settings. Select Bluetooth. You’ll be taken to the Bluetooth page with a drop-down list of discoverable devices. Click on ‘Discoverable’ – which means that other Bluetooth devices can find and connect to your Playbook.

Now click on the Add New Device button. You can either choose to search for the keyboard or have it find you. Doesn’t really matter. Pick one.

Put the battery back in the keyboard and close the cover.

This is the odd bit: You need to hold – I don’t mean touch but HOLD – three keys down: V – A – R

Keep HOLDING while you press the keyboard’s power button.

The little green LED on the top right of the keyboard  should flash a few times – keep HOLDING – and then, finally, your keyboard should automagically appear on the list of devices.

Now you can relax your fingers.

Xoom? Why not. It’s right here in front of me.

Since I was switching from PC mode (the only way to connect to the Playbook that I could find and which calls for the V – A – R three-finger salute), the keyboard wouldn’t play nicely until the power was cut off. (The ‘power’ button the keyboard only seems to power it ON, not OFF.)

So there you have it: one keyboard, three tablets.

Hope that helps.

Oh, and by the way, we’ve coined this pairing of a keyboard with a tablet as ‘a Lego Laptop’ because we thought all this mobile technology stuff was supposed to give us fewer bits and pieces to carry around, not more.

-g

Fanboy Disclaimer: We are technologically agnostic. Hell, we even gripe about companies or products we’ve invested in. Dumb? Maybe.  But if we think it sucks, we think it sucks. It may not suck for you. It may save your life. Good for you. But it still may suck for us even knowing it saved your life. That’s called ‘having an opinion’.  We’ll probably praise a product, service or company you totally hate. In fact, we sometimes praise a product or service from a company that we totally hate. But if it’s good, it’s good.  If we tell you about stuff we get for free, we’ll tell you. We used to ask – and get all kinds of goodies – but mainly buy retail these days and that gives us the same ugly beauty experience y’all are having. Just the way we like it.

It’s admittedly an off-highway hotel with a drive-by clientele, and that’s likely the original intention. It’s not spartan, nor is it luxurious.

The complementary breakfast – which seems to be slipping a bit in variety – is what you’d expect from the usual highway stopover.

So what’s the big deal?

Location, price, connectivity and staff. And not in that order.

It’s just off the TCH across the St. Lawrence from Quebec City, and on the Montreal side so that the morning traffic heading west towards Montreal – less then 3 hours away (barring any more deteriorating bridge delays) – is paltry. And it’s about 7 hours drive from our home base.

It’s new, it’s clean, and it’s a great bargain. We’ve had singles, doubles, and self-

The best part: the staff. They’re friendly, accommodating and seem genuinely happy to interact with their customers. In English and French.

And the wireless Internet connection has been reliable and speedy.

For all of those reasons,  it’s become our regular one-night-away-from-home-base stop between home and points west.

The only problem is that the hotel hasn’t been terribly busy when I’ve stayed there. Not that we mind the peace and quiet, the great service, the great rates and the reliable Internet connections, all of which could go to hell if the place becomes too popular. But closing due to lack of business would be equally disappointing.

So I’m giving away this personal travel secret and hope that it spreads…but not too far.

-g

And what’s double disturbing is that the very first thing you should do if your phone is immersed in liquid, whether of the i-variety or otherwise, is to get it out as quickly as possible.

Be not afraid, or squeamish but reach right in there – dig around if you must – and drag it back to dry land.

With most phones, you have between 15 and 20 seconds to get them out of the drink before the water or whatever reaches the innards. And it’s usually deep trouble if that happens.

Is it pooched?

Probably. But no matter what your reptilian brain says, DO NOT TURN IT ON. Instead, remove the battery. DO THAT NOW.

Whew. We can relax a bit.

The worst possible thing that could have happened if you’d tried to turn on your phone or other mobile device now is that it would work. For about a millisecond. Before it fried itself.

Now take the rest of the phone apart – the pieces that come off or out easily, like any covers, the SIM card or memory cards. If you have access to compressed air, you can use it to carefully blow moisture out of crevices. Use a soft cloth or paper towels (not facial tissue – it often has talcum powder which can scratch screens) to pat down water. Shake moisture from openings.

If the liquid wasn’t plain water – coffee, juice, salt water, etc. – then you’ll need to flush your device with distilled water. If you’re shop savvy, you could also use denatured alcohol. It’s reportedly an ideal cleanser for salt water immersions. (This isn’t rubbing alcohol – that can leave too much of a residue. But it can be good to do some edge and keyboard cleaning with a Qtip.)

The next step is to dry everything out. Completely. And the best tool here is patience. It can take a week or more for a seriously immersed phone or MP3 player to completely dry out.

Some folks talk up uncooked rice (it absorbs the moisture that evaporates from the phone), others like silica crystals in plastic bags, while others prefer blow dryers.

My preferred tool is patience.

Can the other approaches work? Sometimes. Don’t heat batteries, though: they can blow up on you. And don’t put electronic devices in the microwave. Just throw them away and save the electricity.

If you do want to speed up the process, put the device on a rack in the path of cool breeze from an air conditioning unit. This air is very dry and will hasten the drying process without putting any undue strain on the components.

Can the phone company or computer shop tell if the phone’s been wet? Yes. Devices have built-in moisture detectors, and technicians can spot breaches in seconds.

So before you cough up for a hefty repair bill or the cost of a new phone, just wait a bit longer. You want it to be completely, entirely dry.

Now plug in the battery. Which may have zero charge. And try to turn the phone on. (Don’t forget to put your SIM card back into your phone.) If nothing happens, try plugging the device into a charger. The battery might be dead, so a new battery may get your phone working again.

If that doesn’t work, you can usually move your SIM card to another phone on your carrier’s network and have access to some of your data.

And that brings us to the crux of the problem if your phone or PDA takes a bath: it’s not the device, it’s the data. The phone numbers and notes and logs of meetings and documents and photos and all the other things we carry around in our pockets these days.

So tell me this: When was the last time you backed up your phone?

-g

Cool: Email right to our mobiles and tablets where it is likely to get our attention. Especially when we get our next mobile bill and can see how much we get to pay to receive this unsolicited, unwanted advertising.

How bad is it? Here’s a short list from just the past 24 hours:

Rogers Communications – And this is something the CRTC should be concerned about. Purchase a mobile phone with data services from Rogers, and they start spamming same phone with data rich advertising. Not only to you get to pay for it, but Rogers gets it both ways: you pay to receive the advertising and they get the direct benefit of helping you churn through your data limits. To push you into post-limit territory – where you pay huge amounts extra for tiny amounts of data and where the profits are measured in the hundreds of percent. This is the same Rogers that crows about how 95 per cent of its mobile customers use very little data. No wonder: they’re scared shitless by the ridiculously high data rates. (Canada has one of the most expensive m0bile data regimes IN THE ENTIRE WORLD.)

Delta Hotels – In May, the national media council of the Communications, Energy and Paperworkers Union met at the Delta Halifax for their annual convention. Yesterday, every single one of them who stayed at the host hotel started getting spam – nice, rich media spam that churn though mobile data plans like hot lead through soft flesh. The hotel chain says it was probably just a glitch, or somebody did something wrong by accident. That was when I only knew it was coming to me. Not everybody who stayed there. And I’m guessing not just for the media conference, but throughout the past few months. And in the spam, they have the unmitigated gall to say that the recipients requested to be added to the junk mail list. Despite making it abundantly – at least I did – that the email provided was to be used for one purpose and one purpose only: Confirmation of the registration including terms and conditions.

Eventbrite – This is a US-based online registration system that also harvests the email addresses of the registrants and immediately begins blasting them with direct spam that has nothing to do with the event they registered for, but all about Eventbrite. And, as usual, nice media rich spam that helps your mobile carrier wealthier.

Digital River – This is a payment processing company. One of their clients is Nuance, the company that produces Dragon Naturally Speaking voice-to-text software. According to Nuance, buying software from them through Digital River’s payment system means you are requesting relentless rich media junk mail from them.

And that’s just the harvest from part of one day, but then the season is still young.

-g

Read on for the EMail. Warning: due to choking hazard, do not read while consuming food or beverages (or “C&C” for any Usenet old-timers out there).

EMail scammers aren’t exactly exactly know for their literacy skills (E.g. supposed Nigerian royalty who can’t spell “Nigeria” correctly), but this makes the output from Google Translate look good. Not only that, but this budding “phisherman” was too lazy to even setup a web form somewhere (or simply didn’t know how). Instead, he expected people to manually EMail their login details… to a Hotmail account. Brilliant.