Category Archives: Security

My latest moan and groan!

A few days ago I had cause to register a new Internet domain name for a project I’m working on.

On this occasion it was a “.net” domain.

Unfortunately for some reason I wasn’t given the option of taking the “Identity protection” option at the time of purchase, and I’ve not previously had too much in the way of issues by not taking it, so didn’t really think much of it.

This time however, proved to be different.

The WHOIS records for the domain concerned contained full name, address, and telephone number contact details.

Within hours of registration I was starting to receive spam e-mails like this one:

Anyone with a degree of knowledge will know that search engine registration is free, and threats like this one that if you don’t (implied: purchase their service) your website will not be indexed by search engines is misleading at best, and outright deception at worst.

What was slightly more sinister this time was the fact that so far this morning I have received no less than five unsolicited phonecalls from foreign sounding ladies & gentlemen, and in one case a silent call directly to my mobile.  The calls I actually answered all wanted to talk to me about website development, or search engine registration.

This takes publicly available personal contact details, and exploits it in an entirely new way.  They MUST get enough takers to make this worth doing, but it alarms me to think that people would fall for this.

I’ve subsequently enabled ID protection on the domains I can, and have requests outstanding to complete on others.

I am using a fairly advanced spam filter on e-mails, which is “learning” about these new unsolicited e-mails every time they come in, and I use Truecaller on my mobile, and Sky Talk Shield on the home phone number.

I wonder how many more will bug me?

 

How not to do Security!

So I’ve been having some problems over the last couple of days. And by the looks of the Google search results, I’m not alone.

Our Chinese Spammer friends have found a new and really bloody annoying way of getting in our faces.

For anyone with an iCloud account (including just about anyone with an iPhone, iMac, iPad, etc) they are sending bogus event invitations to your iCloud e-mail address. These are mass sent events, and all you can do is respond with “accept”, “maybe”, or “decline”.

Screencap!

These events will pop up in your calendar, and depending on your reminder settings will disruptively pop up on your Phone or iPad.  Unfortunately ALL of these responses will send a trigger back to the sender, so he/she knows that the e-mail address is active, which anyone with a grain of common sense will know is the last thing you want to do, because they will then send a load more junk to the e-mail address if they know it’s active.

The only temporary bodge “fix” seems to be to create a new calendar called “Spam”, move the spam events in to it, and then delete the calendar.  I’ve not managed to get that to work as yet on any of my iDevices.

This is a poor show by Apple;  There seems to be no way you can restrict the receipt of event invitations to people in your contacts list, or to report an e-mail address for sending spam.

So thanks for this Apple.  Sort it out, please!!

Here’s hoping for an “update” soon that will give some better options!