Saturday, December 19, 2015

Common Phishing Scams Circulating the Internet

Phishing emails have been around on the internet for some time, and can be very deceptive in their methods. Usually these are in the form of various fraudulent emails. The goal of these emails is to get you to click on a link at the minimum, others try to get you to enter your private paypal and banking info.

Many times these emails are obviously a phishing scam, and other times they can be very subtle and not appear at first to be a phishing attempt.

Emails from people in Africa wanting to give you millions of dollars are obviously a scam, most people dismiss these outright, but unfortunately these emails operate on the principal that a sucker is born every minute, even if 999 people out of every 1000 dismiss these emails, it only takes that 1 gullible person for the scam to work. Since emails can be mass emailed to tens of thousands and even hundreds of thousands of people in only seconds, there only needs to be a few gullible suckers for the scheme to payoff for the criminals. Large lists of people's emails are openly traded on the internet black markets and this is where the criminals get the email addresses from

Other emails are more subtle, crafty computer criminals have been known to create seemingly legitimate emails often listing a news story related to the industry the targeted person works in, and having a link for the targeted person to click on to see the "full" story. This scheme was successfully used by the now imprisoned cybercriminal Max Butler, who crafted a fake story related to the financial industry and then emailed the story to employees of Citibank, when the Citibank employees clicked on the link in the email, malware was installed on the Citibank computer network allowing for cybercrime to be committed against Citibank. Max Butler even registered a fake webdomain for the purpose of this scheme, FINANCIALEDGENEWS.COM.

Max Butler is now serving a 13 year federal prison sentence for computer and financial crimes. Here he is pictured in his standard issue prison uniform.

A person should never click on any link in a questionable email. Even if the email looks even slightly legitimate. Do not click on links in emails from people you do not know. Often when the link is clicked, malware will be installed on the users computer.

Most often this malware will do one of several things, or even all of these things:

  1. scan the victims computer for files containing passwords or financial info such as bank accounts and credit card numbers.
  2. Install keylogger software on your computer that will record everything you type, specifically logins and passwords for online banking and Paypal.
  3. Install botnet software on your computer, a botnet is a surreptitious software network that resides on victims computers and allows the cybercriminals to send commands to the victims computers across the internet for various schemes, often involving mass spam emails, and also so the cybercriminals can use the victims computer to launch attacks on other networks and disguise the true source of the attack, and also for distributed denial of service (DDS) attacks on websites designed to overwhelm a website with massive page hits, slowing the website down and even making it completely unavailable.
I have started a collection of some of the common phishing emails that are circulating the internet that I have received in the past.

I received a few emails claiming that I have WhatsApp messages waiting for me. Dubious since I have never used WhatsApp at anytime. WhatsApp is a popular instant messaging client for smartphones that allows people to send messages to other users of WhatsApp. While not exceedingly popular in the USA, WhatsApp is very popular in other parts of the world such as India and Brazil. If you are like many Americans and do not use WhatsApp, never at anytime click on the links of these emails. Here is a screenshot of one of these emails I received.

Some things that show this is obviously a fraudulent phishing email, note the email address of the sender, that is not an email address that the real WhatsApp would use, the real WhatsApp would use as part of the sender email address. So that is a prime indicator that this email is Fraudulent.

Also the button titled AUTOPLAY does not link to the domain, the link in this email is to LINUX1.NET/lake.php, a person can see this by hovering the mouse pointer over the autoplay button, without clicking the button. A real whatsapp message would never use such a link with that domain name.

This email tries to take advantage of a persons curiosity, "Oh, someone sent me a message, Who?", Most likely what happens when a person clicks the link is that Malware is installed on their computer, or, also, a fake login page is displayed asking the victim for their WhatsApp login and password, or even both!

Next is the Viagra - Cialis scam email, this one is actually crafty as it uses a canadian sender email address domain, its well known that prescription drugs are much lower price in Canada. However Viagra and Cialis would never sell at the prices listed in this email, even in Canada, also legally drug producers are not allowed to solicit sales of drugs on the internet without the boilerplate health warnings required by law. Viagra typically sells for $20 to $50 dollars a pill, never at the prices here. Click on the link and malware will be installed, or a fake webpage will gather your credit card information, and it may even be possible the victim would actually get pills in the mail, but they would certainly be fake pills.

Skype emails? Really? I was not aware that Skype lets you send an email, only instant messages and voice/video calls. Note the fake domains in this email that are not

RUSSIAN Women? This is obviously a scam, also I have heard nothing but bad things about the Russian Bride Industry. Note the questionable sender email address domain name.

Facebook actually had a system before where people could have a email address, however it never was popular and Facebook no longer promotes it. Note the domain on the sender email address is not, marking this as an obvious fraud email. Also my Facebook page does not use my hotmail email address, another indicator of fraud.

Everyone would love to have a $100 credit to Amazon! But this email is a complete fraud, the sender email does not have the domain of, and also the link does not link to an link, so this is a complete fraud.

Note that these phishing emails all have a common purpose, to get you to click a link in the email.


Sunday, January 6, 2013

Responsiveness Issues To Be Aware Of

There has been alot of hype in the web development media about so-called 'Responsive' web sites, and how they can be used to have a one-size-fits-all website that displays nicely in regular desktop computer web browsers and also in mobile device browsers on smart phones and tablets. Using CSS styling a 'Responsive' website is designed to collapse gracefully in smaller browsers of mobile devices. These websites display nicely in both regular web browsers and also in mobile browsers. However, there are still issues with 'Responsiveness' that web developers should be aware of.

Before 'Responsiveness', and still today, many organizations make a separate website specifically dedicated to be viewed in mobile browsers. Often this is done by creating a sub-domain on their main web domain with the letter 'm' or the word 'mobile', such as or For several reasons, this method is superior to 'Responsiveness'. To demonstrate, later  in this post I will build a simple responsive website, show how it works, and then point out some of the issues to be aware of.

First, one has to remember there are different tiers of web access, I have listed some here with short descriptions:

1 - Desktop Computer with Broadband Internet Connection "Normal Web"
2 - Mobile Device with Wifi Internet Connection "Mobile Web with Wifi"
3 - Mobile Device with Cellular Network Internet Connection "Mobile Web with Cellular"

Since the majority of persons these days have broadband internet connectivity at home with their desktop or laptop computers, the use of high definition, large size images and video have flourished on the internet, and sites such as YouTube and others are now quite popular since most people have enough bandwidth to view the content without problem. Also, mobile devices using WiFi have enough capacity to see this content also without problem.

The issues start to occur with "Mobile Web with Cellular", where a person is using the cellular phone network their mobile device is a part of  to connect to the internet. Unlike broadband internet, the bandwidth of this connectivity is limited and dependent on the type of cell phone service plan the person has with their mobile device. Some users do not have plans at all, but use prepaid service, such as AT&T Prepaid mobile service. These types of service limit the amount of content a user may see with their mobile device, for example, 1 GB of content per month, or with prepaid, 1 GB of content for $25. These devices can view regular websites, but the large size of images and other content of a regular website will quickly 'use-up' the available amount of content these users have available to them. Hence a 'Responsive' website with high-definition images is not a good option for these users. 'Responsive' sites use the same content on a mobile browser as they do in a regular browser on a desktop computer. It is much better to have a dedicated mobile site with highly optimized images.

Lets demonstrate with a simple static website using a nice high-definition image of a wave. I will create a file called 'index.html' in Visual Studio and place within it a favorite high-definition image I have with a fixed width of 800 pixels. The source code of this file will be the following:

You can view this file in your favorite web browser by visiting the following link: Static Example

As you can see in the CSS code, this image has a fixed width of 800 pixels, since it is a fairly large image of 119 kb it displays well at larger sizes. Resize your browser to a smaller size and see what happens, the image stays the SAME size and scroll bars form on the the browser so you can see the entire image. Kind of like the following:

Now with some simple changes to the CSS code, we can make this webpage 'Responsive' so that the image automatically changes size depending on the size of the browser. We do this by changing the width of the image in the CSS code to 100%. Its that simple. Here is what the code looks like after the change in a new file:

Click the next link to see the results in action, try re-sizing your browser to a small size, and note that the image re-sizes also, instead of scroll bars forming, this is a very simple example of responsiveness:

Responsive Example

"This is great!" you say, "I can have one website and it will look good on mobile devices as well as desktop computers". Here is an example of the results:

But Wait!! What is the problem here? Egad!! The image actually displays at different sizes, but its actual size on the server never changes!!! It still stays a whopping 119 kilobytes no matter what size you make it in the browser!!! This is needless and also wastes the user's precious cellular network internet connectivity limits. With large images being viewed on a mobile device connected to the internet through the cellular network, all of the following happens:

  1. - The page takes longer to load into the browser, frustrating mobile device users
  2. - The mobile device uses more power to process the image
  3. - using more power, the users mobile device battery will run out of power sooner
  4. - larger images fill up the users bandwidth limit quicker and they spend less time on your website.

Using an app like Adobe Photoshop, a highly optimized smaller image can be made, of only 20 kb, over 80% smaller than the larger image, and the image looks fine at a small size. Click on the following link to see an example of a highly optimized smaller image ideal for mobile devices:

Optimized Mobile Image

The image should look like the following in your browser, note that it still looks nice at a smaller size good for a mobile device, but this image is over 80% smaller in kilobytes than the image in the responsive page!

"Wait!" you say, "Just make all my website images mobile optimized and I will be fine.". Sorry, you cannot "get there" from here. When you try to display a highly optimized image at larger sizes, it becomes grainy and blurry, or what is called "pixelated", looking overall like crap. Click on the following link to see what our highly optimized mobile image looks like when made to be 800 pixels wide, the same size as the image used in the 'Static' page near the start of this post:

Mobile Optimized Image Larger Size

As you can see in this screenshot, the image has become pixelated and does not look good:

If you have a website with many graphic images on it, and you are not able to optimize the images to a smaller size, you should avoid having a 'Responsive' website for all of the reasons shown herein. The best solution is to have 2 websites, one dedicated to normal desktop computer and laptop web browsers, and a separate one dedicated to mobile devices.

At some point in the future, years from now, cellular network bandwidth will increase and rival that of today's WiFi and desktop connectivity, but until that day, it is best to have a site specifically dedicated to mobile devices.

Just in the example here on this blog post, by using a highly optimized image specifically for a mobile device, the webpage became over 80% more efficient for a mobile device!

The mobile website for ABION Technology is currently in work and will be finished soon.

ABION Technology