Have we here a Facebook Stalker?!

Of great consideration to online privacy are facebook stalkers. If a stalker randomly manages to add a few of your friends and you have your Profile Privacy Settings allowing “Friends of Friends” to see everything then your stalker effectively has access to your profile even without having added you.

I’ve now adjusted my privacy settings more strictly and I’ve used the “See how a friend sees your profile:” tool to get an idea of how it changes things.

我的 “Basic” Information I had available to “Friends of Friends”. This includes “Gender, Birthday, Hometown, Political and Religious Views and Relationship Status” according to Facebook’s description. You might think it fair that friends of your friends have an idea of how you roll.

But can you trust 所有 your friends anti-stalker spidey-senses?

I think NOT.

I previously had it that friends of friends can see my photos and videos but not much else. I’m thinking of changing that now too.

But wait, there’s More!

Further to this, we should be vigilant of “fake” Facebook profiles. Stalkers are usually apt enough to create more than one account with fake names. If you block one they create another and attempt to get a glance at your profile once more. I’ve created a friend group called “Privacy Pls”. This group is limited from being able to see anything other than a very basic page. 這 “basic” view is akin to when you first started using Facebook and didn’t know you could add lots of stuff in there (stuff you later realised you didn’t want anyway).

If someone adds me and I’m not absolutely sure who it is, I add them to my “Privacy Pls” group. Also if someone adds me and I don’t want to offend them by ignoring their invite I’ll rather add them to this group. Perhaps you feel you have a pervy boss for example.

But Wait! There’s More – and this time you can do it TOO!

To do this for yourself, go to your Friends page, 點擊 “Create New List”, and name it something appropriate – “Privacy Pls” in my case. Add the appropriate friends to this list now or add any future “suspect” friends to the group.

下一個, go to the Profile Privacy Settings page. Underneath each section you will find a “Edit Custom Settings” 按鈕. Click the first one and, at the bottom of the dialog that pops up, you will find “Except these people”. Add your “Privacy Pls” group here. Do the same for all the sections you don’t want them to see. When done, use the “friend’s view” tool to confirm what is made available to persons on that list.

And the Friend-of-Friend Stalker?

To prevent your “Friend-of-Friend” Stalker from being able to see your profile, do yourself a favour and think very critically about what you want potential stalkers to be able to see. Now go change those Privacy Settings to “Only Friends”.

For the Photo Crazy

Check up on your Photo Album Privacy 設置. This is set up much the same as your profile settings. Consider carefully who you want to be able to see which photo albums and adjust the permissions appropriately!

Your Personal Contact Information

最後, check up on your Contact Information: 點擊 “Profile” button towards the top left of the Facebook page to get to your profile. Then click on the “Info” tab within your profile. When you mouseover the Contact Information section you will see an “Edit” link pop up on the right. Click this button to start editing your details.

Next to each item you will find a “lock” icon. Click this lock to define further permissions for which friends are able to see the items. You’ve never give your address and phone details to a dodgy stranger you meet on the street. Why do we then go and give it away to everyone on the Internet. I recommend the following:

• Allow “No one” 上:
  • email address
• Allow “Only Friends” 上:
  • IM Screen Names
• Remove completely or allow “No one” 上:
  • mobile phone number
  • landline number
• Limit the following:
• address details – give your area or suburb – but NOT your full address

Hopefully we don’t all have to learn our lessons the hard way.

P.S. (especially to the guys and gals who have asked) I’ve been extremely busy these last couple of weeks. I have a lot of unedited content I’m hoping to make publishable very soon!

I think the Internet is a scary place. 是, me. Some days I find myself horrified to find the lowliest of criminal bastards trying to steal our livelihoods.

是, people, there are criminals out there and they want your money or they want to use you to make money. What’s even more scary is the lengths to which they are willing to go, even risking YOU. Do not pass Go. Do not collect $200.

I received an email saying that I was being offered a job as a “Regional Assistant” 和, though the details weren’t given, the email suggested that it was a legitimate opportunity. I replied asking about where they’d received my details and also about what they would require of me.

Being the skeptic I am, I thought I could spot scammers a mile away. How fortunate that I can still laugh at the idea.

A few hours later, they replied indicating that I’d soon receive further instructions. They’d “probably” been referred to me by a friend and they had a pile of referrals and so couldn’t specify which friend had recommended me. I waited patiently and left it to the back of my mind. “They’ve probably found a good candidate already and I’ve lost out”, I thought. “How nice that a friend might refer me. Obviously I’m Awesome.” (and daft :-/)

So later on, I receive my email with my “further instructions”. This is where I finally realised that I was dealing with scammers:

Hi. We’d like to start a trial task. Our customer will make a bank transfer to you this week. Please go to our site <site omitted> to submit the banking details where the transfer will go to. Once we’ve established a good transaction history, you will receive between 2-3 transfers per week (amounts of about R10 000 each except the first trial transfers).
Please confirm that you can start. We don’t send any transfers to your account until we receive confirmation from you.
On Monday you will receive notification, detailed information and instructions regarding the transfers. Thank you and have a lovely weekend.

Say what??? I checked out the web site in question and, without a doubt, this is a money laundering scheme done by professionals. They know what they’re doing and they probably launder millions every month. What’s more is that, inevitably, they will screw you over and get the cops to arrest YOU. These criminals can leave evidence behind implicating you even if all you’ve done is diligently moved money from one place to another… and kept a small percentage for yourself. 😛

Money laundering is where illegitimate money (stolen, probably) is transferred via third parties to appear more legitimate. You’re an accessory to the crime and, even worse, you’re even likely to be the victim of it. Recognise when an opportunity is too good to be true. I was fooled for a short while. Next up, given that a victim might give out a lot of personal details, the scammers might steal your identity and start to implicate you in fraudulent activities without you ever having done a thing.

If you happen to have already given any details such as the above where they wanted my banking details, contact your bank and inform them of the situation. They will give you the best possible advice on what to do next. If you’ve already responded to the mail but haven’t yet already given them the information they want, don’t reply any further. I’d also suggest calling your local police for further advice.

Why is it that we’re so gullible?

I even considered for a whole second that my colleague had cross-checked the following SPAM before posting it on our IRL noticeboard. Please note that the following text originally had really bad-for-your-eyes fonts and colours. 😉

Urgent Warning from
Cell C, 沃達康 & MTN!

[business card of a “Legal Representative” of the Special Investigating Unit]

Dear All,
If you receive a phone call on your mobile from any person, saying that, he or she is
a company engineer, or saying that they’re checking your mobile line, and you have
to press # 90 或 #09 or any other number.
End this call immediately without pressing any numbers.
There is a fraud company using a device that once you press #90 或 #09 they can
access your ‘SIM’ card and make calls at your expense.
Forward this message to as many friends as you can, to stop it.
All mobile users pay attention if you receive a phone call and your mobile phone
displays (XALAN) on the screen don’t answer the call, END THE CALL IMMEDIATELY,
if you answer the call, your phone will be infected by a virus..
This virus will erase all IMEI and IMSI information from both your phone and your SIM
card, which will make your phone unable to connect with the telephone network. You
will have to buy a new phone. This information has been confirmed by both Motorola
and Nokia.
PLEASE FORWARD THIS PIECE OF INFORMATION TO
ALL YOUR FRIENDS HAVING A MOBILE.

The first things that got me thinking was the text denoting authority at the top of the page. 現在, bear in mind this is on a noticeboard – not my inbox where my anti-spam senses are at their peak.

Who could possibly have the authority to say they’re sending out a notification on behalf of each of South Africa’s tri-opoly of GSM providers? Okay, so its some “Special” Legal team that sounds government-type. They’re legit – it turns 出 – but they probably don’t have enough time to take my call asking if this is all true. Absolutely everything on the Internet must be true, especially anything I say. 😛

So anyway, now that we’re over the silliness, let’s break this hoax down:

Official Documentation

Bar a business card, which is hardly standard in any industry, there is no official contact information. I’d expect at least a letterhead or a misguided trailing disclaimer.

Presentation and Language

There are actually 2 notices here regarding separate threats however it isn’t obvious without reading the text in full. This is because the paragraphing and grammar are very poor. Government institutions don’t normally issue poorly-worded or paragraphed documentation. 還, why not issue a separate notification regarding each threat separately?

和 Lime Green??? bleh

There are no links to further resources

Any warning of this sort would undoubtedly offer further information or advertise the online presence of the institution. 還, perhaps they’d like for you to give feedback on the situation or maybe they’d like us to report on further suspicious activity. But no. 無. Just a specific representative’s business card. What if the guy dies, finds a better job, 或 leaves the country?

“There is a fraud company … “

This means that they haven’t any clue who it is. This is a broad and passive statement. Question whenever someone says “they” 或 “people who”. Who is this “fraud company”? Where is “there”? And why doesn’t this crack government legal team (who have to use chain mail to spread warnings) let us know through their uber-powerful chain mail network?

“Forward this message to as many friends as you can”

我的, oh my. This line has probably been in every chain letter / social engineering virus (my special definition) since sliced bread.

“This information has been confirmed by both Motorola and Nokia.”

They’re trying to prevent you from thinking for yourself and try to verify their claims independently. They’re saying “You’re stupid to check. We already checked for you. :-ð”. 當然, in reality, they’re just trying to take advantage of our gullible nature.

“#90 or #09” 和 “XALAN”

There isn’t any way for you to verify this. 再次, question everything. Google’s first page of results is riddled with the words “Cell phone warning hoax”. duh.

If you get a message like the above from your friends, reply and tell them to stop sending spam… and maybe give them a link to this page so they know why. 🙂

So I gots me s’more spam to mah mobile. o.O

Thankfully, it turns out that there is some proper recourse. Thanks to Stefano for pointing me in the right direction. (original post 這裡)

WASPA (or Wireless Application Service Providers’ Association) is the “Industry Body” for Wireless Service Providers in SA. They have a complaints page where you get to submit all the juicy details about how a WASPA (or WASP) has breached the WASPA Code of Conduct.

Perhaps the provider in question gets featured on the complaint reports page – where everyone will see how much they’ve been fined along with a full report of the complaint. This includes WASPA’s investigation and a summary of the communications with the Service Provider concerning the matter. 更重要, its all publicly accessible.

I just wish people actually KNEW about this thing though. I certainly didn’t know that a WASP isn’t just the name of a (usually) flying insect? Yeah – turns out some wasps don’t have wings and are mistaken 為 ants… go figure.

Back to the topic at hand: Spread the word! And lodge your complaints!

我沒有得到太多 垃圾郵件 我的手機. 我收到的隨機短信就有關場合 “特別” 提供等等. 有人也曾經sms'd “代表我” 這些中的一個 深夜 E-電視 特價廣告. 每個月我收到了一個誘人的消息，通知我一下，我錯過了什麼. 雖然我不知道, 有沒有不發送列表，我可以在MTN添加自己, 沃達康, 或細胞-C?

可以在任何手機提供商列表中的所有已發送的短信，你的通過短信群發系統，在上個月的公司, 例如? 我可以告訴我的手機供應商，可以在無需發送短信花費我R7.50字的SPAM “停止”? [編輯… 原來，這是短信 假想的 以最低可能的速率進行充電. 謝謝, 滾草]

最後, 我聽說過這些服務，你付出永遠接收內容. 永遠處在於其他們假設你希望他們給你每天充電R5送你的東西服務. 我妹妹有一個問題，她從未有過的通話費. 這是因為她的R20的每週津貼會被其中的一個，第二天吞下整 “服務” 這給她發了一個愚蠢的圖片，扣除R10. 用她的電腦約5℃使用，她可以下載了相同或相似的圖片 谷歌的 圖片搜索 和我有 大小和裁剪 它沒有明顯的失真或走樣完全適合她的手機屏幕. 同時, 他們聲稱的版權是LAME內容. 我敢打賭，他們偷的照片從網上自己反正.

到底這是比較容易讓她得到一個新的預付費號碼. 我只是希望他們不還是會發送更多內容誰就其回收後得到她的老字號. 😮