At the moment, there are a couple of interesting (and fairly well-crafted) scams going around. I’ve seen/received all of these in the last week or so.
It says something along the lines of “I know what you’ve been up to – when you were on that porn site (it’s noticeably non-specific on details) I loaded a screen-grabber to your machine, so we could record your ‘activities’“. Some of them also have something like “We know your password for the site was [whatever]” – the password is usually an old one that they’ve taken from a record including your email address, and gambles on people using the same password across multiple sites. (In fairness, most people do exactly this) And then it asks for a ransom “or your shame will be available for all to see” It’s pretty basic, but is apparently enough to scare a certain sub-set of people (AKA gullible idiots) who so far have forked out around $250,000 to the scammers.
Second – and there are two types of this currently bonging around – are the HMRC scams.
These basically draw on the whole paranoia about HMRC losing payments, or trying to take the business owner to court.
I’ve had umpteen emails about “Your payment hasn’t gone through” along with attached links or forms to fill in – always a pretty damn good clue that it’s a scam. And again, they’re all ridiculously non-specific, don’t mention a company name/details, or what the payment is supposedly for – another warning sign
The second type, which is a bit nastier, is the phone message – I’ve had a couple now, with a message saying “We’re issuing a warrant in order to discuss this matter with you“, and sounding a lot more official. Still no details though, or anything about what they’re wanting to discuss. (I know, in theory GDPR would also stop them from discussing, but that’s a side point for now) However, they show the phone number – in my experience, calls from HMRC and the like come through a switchboard, and usually show as “Unknown Number” – and a quick search on that number provides more than enough evidence that it’s a scam.
Of course, there are plenty of other scam emails out there – it’s just that these are the ones I’ve noticed specifically this week, and particularly after having received a couple of the “HMRC” calls yesterday and today, so I thought I’d write a bit about them.
This week I was in London during the week, attending the 2018 Lead Developer conference. I’ve been before, both in 2016 and 2017 (so I’ve only missed the first one, back in 2015) and this year was as good as the previous ones. It’s gone from size to size, and this year had 1,100 delegates – which also meant that it’s outgrown the QEII centre, so this time we were at the theatre in the Barbican centre instead.
I had decided this year that I couldn’t be arsed with frantic travelling, so instead went down to London on Tuesday afternoon, checked into a hotel in Islington (so I had plenty of opportunity to keep up with walking and so on as well) and stayed for two nights. On the Tuesday I also darkened the doors of Mac and Wild, where I had a truly ridiculous (and rather excellent) off-menu burger. Following the first day of the conference I also walked to Mere (again – and I hadn’t remembered I’d done much the same thing last year until I re-read the post from then) and back.
On the Thursday, once the conference was done, I walked up to where I’d parked the car, and had dinner in Wahaca up there before driving home. This had been planned, as it meant I left London just at the time that England started their kickyball match in the World Cup, which meant that the roads were comparatively much quieter than usual, and that the drive home was pretty easy.
Along the way, I’ve also been able to complete a full working week, allbeit crammed into three days rather than five. It’s been pretty tough, but at least it’s all done now.
After this weekend, things calm down a lot – and I honestly can’t wait.
A long, long time ago, someone on Twitter repeatedly introduced me to the chemically geeky “Things I Won’t Work With” blog, which basically did what it said on the tin. Chemical compounds and experiments that were… on the energetic side, shall we say? The way it was written made me laugh, and I loved seeing the sporadic updates.
Then it disappeared, and I pretty much forgot about it.
Only it turns out to have been (still sporadically) updated, but on a different site – something I found out this week. I’d been on The Twitter to mention to that original someone about a newly reprinted copy of “Ignition!” (which , from memory, had been one of the inspirations for “Things I Won’t Work With”) and then other Twitterers reminded me of the name of the blog.
“Ignition! An Informal History of Liquid Rocket Propellants” is fascinating. Originally written in the early 70s, it hadn’t been reprinted in decades – (but there’s obviously been some demand for it, as the publishers weren’t going to go to the effort if there weren’t) but it was on my ‘want to read’ list if I ever found a copy. When I saw earlier this year that it was being re-printed, and available as an eBook as well, I pre-ordered immediately, and it arrived this week.
The book itself has an irreverent style to it, which is fine – and even understandable, considering that the author was part of a very select group involved in all this stuff. I’m not a full-on chemistry geek, so some of it is a bit mind-boggling, but it’s been a great read. I’m really glad I managed to get it in the end.
One of the things about being a techie is that I own a fair number of web domains. Some I’ve got for things like ongoing projects, business names I like, and a bundle of other stupid shit. A lot are in the “when I get a chance” state of being – the ideas remain, and haven’t been done by anyone else, but for now they’re kind of drifting.
However, one of the other things I do is have a couple of domains that are purely for use when buying stuff. They’re set to forward everything to my home email account, so it means I can set up anything @ the domain and it’ll do what I want. While it sounds a little bit mental, there’s a very good reason for all this.
For the purposes of explanation, let’s say I own a stupid domain, like myemail.com
So – when I buy something from a new company, I register with them using [company_name]@myemail.com . Any mail there will come to me – it’s a legitimate email address, just not one I’ll ever send an email from. (I can if I need to, but that’s a different point) Everyone’s happy.
The key, though, is that if [company] starts spamming me, I can block that specific address, rather than having to do any kind of weird and fragile message rules etc. It’s easy – I just add [company_name]@myemail.com to the ‘bin everything’ list, and there we go, it’s gone.
What I’ve found recently though is another interesting one – I can easily tell when [company] has been hacked, or lost its mailing list somewhere.
This week, I’ve been getting some *very* clever phishing emails (the ones about ‘just log in, give us your details, and we’ll sort this out’) to one particular address. They’re good enough that if they had come direct to my home email, I might’ve clicked on one by mistake. (I haven’t, but I could have) They’re *that* good. But I can see that they’ve come to [company]@myemail.com , so a) I know they’re shit mails, and b) I know that [company]’s mailing list is being used.
I’ve let [company] know, although there’s not much they can do about it now. But at least maybe they can notify their customers that their details have been leaked/stolen.
All told though, it’s another interesting reason to have that particular domain, and to use it in this way to keep my own information as safe as possible.
At the moment, I’m waiting for some new tech stuff to arrive, that will (hopefully) enable me to do more writing while I’m out and about.
All my current easily-portable tech is either too big (laptop-sized) or has a shitty on-screen keyboard, which is OK for small amounts of typing (email etc.) but bloody hateful when it comes to writing larger amounts of text.
Weirdly, two are keyboard/typing alternatives, and the other is a new device that I’m pretty excited about, and hopeful for.
The first of the keyboards is the WayBlade – what looks like a really nice keyboard, and I’d like to finally get my hands on it. However, as I ordered it three fucking years ago, I’m not holding my breath for it to finally arrive.
The second one is a typing device, rather than a keyboard. It’s the Tap, a wearable device that appears to use chording as a typing method. It’ll take a bit of learning, but I had a device back in the 80s (the Microwriter AgendA) that also used a chording keyboard, so it shouldn’t be too unfamiliar.
Both of those will be useful to have (assuming they actually arrive) regardless – well, it’d be nice to have one or the other, but knowing my luck, both will turn up within a couple of days of each other. But whichever one works best will stay, and be useful with the phone at least.
The final device though is a bit different. Way back when I wrote about writing tools before, I waxed lyrical about the old Psion devices, the 3a/mx, the Revo and the Siena, that were tiny devices with brilliant keyboards – and how it was surprising that there weren’t any similar things around currently.
And now, there’s a new device coming, the Gemini. They’ve obviously worked from the same kind of viewpoint I had, including partnering with the people who designed the Psion devices. They look really promising, and I hope it’ll be as good as it appears to be.
So hopefully, going on the evidence of preview reviews and so on, the Gemini might just turn out to be a decent replacement for most of the stuff I currently use the phone for. It’ll be interesting to find out, anyway.
Yesterday, I got a text message from O2, telling me that they were going to be closing their TuGo app (an app that allows phone calls to be made/received through my wifi connection, when the mobile phone signal is bobbins) at the end of November. It gave some options for enabling better alternatives, including their ‘4G & WiFi Calling’ through a range of phones, so it will no longer need a separate app.
That’s all well and good – and TuGo has always been a bag of shite anyway. So I started to go through the process, as ‘detailed’ by O2 of how to get it all set up on my phone.
Except that once I’d enabled it on my phone (or tried to) it told me I needed to do it via the O2 website, to activate it on my account. Bit of a pain in the arse, but OK, let’s get it done.
The page detailed in the message doesn’t actually contain the information necessary. I can see a link explaining how great the 4G and Wifi Calling is, but nothing to activate it.
So, I start up a LiveChat with one of their Tech Gurus, who tell me that it’s still showing I’ve got Tu connected to my account, and that needs to be removed before I can do anything. No worries though, they’ll sort it out. Give it about half an hour, reboot the phone, it’ll be done.
Except it wasn’t.
So I got back in touch with O2, this time by phone instead of LiveChat. Oh dear, oh dear.
I (eventually) got through to another of their Tech Gurus, who again says that Tu is still connected to my account, and that I have to uninstall the TuGo app on my phone in order to get rid of the connection. No idea why the previous tech person said they could do it, that’s not possible, it can only be done from your phone, sir.
So I uninstall the app, in the usual way. Oh no, sir, you haven’t uninstalled it. You’ll need to go back to the app store, reinstall the app so you can uninstall it. (Eh? What?) Yes, you’ll need to reinstall the app – you didn’t uninstall it, “you just deleted the little picture on your phone”. That’s a direct quote. From a Tech “Guru”. Who doesn’t appear to even know the word “icon”.
So. Let’s see how this goes. Phone call goes to speakerphone, so I can go through the process while the “Guru” is still on the call, and telling me what I need to do. I reinstall the app – and in order to get in to it, I have to rebuild the connection and association with my number – because uninstalling the app has got rid of all that information . Which is exactly as it should be.
I rebuild the connection, then go into the app’s Settings and Delete the Account. The Guru says “Oh there we go, I can see you’ve now uninstalled the app”. No, I haven’t, I’ve deleted the account. The app is still installed, I can see it. “No, it’s uninstalled”
All the way through the call, that “Guru” couldn’t tell the difference between “Delete the Account/Connection” and “Uninstall the App”.
It’s resulted in two further interactions with layers of O2 management, telling them the problems, fixing the issues, and generally getting it more sorted.
And all the way through this, all it would have taken was for that “My Device” webpage saying “You’ve still got an active connection to TuGo – you need to remove that before we can progress. Here’s how.” That would’ve fixed everything, and I wouldn’t have needed to speak to O2 at all, let alone a total of four times.
Sometimes I just despair of people, and companies.