Well Fargo gone phishing

So I got this crafty email today:

wellsf

Seams legit right?  I mean, except for the fact that it went to one of my junk email addresses.. So I inspect the link before I click (like all good boys should) and sure enough the first link was a valid wellsfargo link but the 2nd took me to knickerbockerpartners.com

So cautiously I proceed to see what they are trying to do..

welsf2

so I give them my sworn enemy’s ssn since she hasn’t learned the importance of protecting herself from id theft yet. 

wesl2

Now they want the pin number..

what happens after this.  It redirects back to the real site. 

wels3

In the time it took to make this post, the site appears to be inactive.  Phoey, I wanted to try a sql injection scheme aginst them to see if anyone actually fell for the bait.. possibly cut off their access too.  oh well.  maybe nexttime. 

Exclusive Mortality?

Malachi 2
7For the priest’s lips should guard and keep pure the knowledge [of My law], and the people should seek (inquire for and require) instruction at his mouth; for he is the messenger of the Lord of hosts.

10Have we not all one Father? Has not one God created us? Why then do we deal faithlessly and treacherously each against his brother, profaning the covenant of [God with] our fathers?

I had always heard stories about Rev Jose Rene Angel at the San Isidro Catholic Church but never really met the guy before. My church in Edinburg went out to my home church in San Isidro once to put on an outdoor event and I remember the drive way being lined up with cars of those watching from afar.  Good thing we took the projection, i should have brought a fm transmitter too.  Come to find out later, these were visitors from the Catholic Church who felt they were not allowed to come down and visit but still wanted to see what was going on.  Small town for you.  I shrugged it off at first but it always seamed to bother me.  The other day on a popular social site, I came across a photo from a former classmate.  The text of the photo read “Visiting Protestant Places is a Mortal Sin”  I think the only words that could come to mind were “wow”  The next day another image came up, this time taken during the day…

Visiting Protestant Places Is a Mortal Sin
Photo: Jennifer Margo Livingston

After letting this bug me all day, I began questioning the validity of this statement.  A RFC (request for comment) was made to the Catholic Diocese of Brownsville.  They responded but only to indicate that they were still waiting on an official response.

So I resorted to the next best thing:

Wikipedia defines a Mortal Sin by Roman Catholic moral theology  which must meet all of the following conditions at the same time:

  1. Its subject must be a grave (or serious) matter.
  2. It must be committed with full knowledge, both of the sin and of the gravity of the offense (no one is considered ignorant of the principles of the moral law, which are inborn as part of human knowledge, but these principles can be misunderstood in a particular context).
  3. It must be committed with deliberate and complete consent, enough for it to have been a personal decision to commit the sin.

Continue reading Exclusive Mortality?

Happy Birthday Risa!

Photo Nov 29, 9 42 47 AM

Twelve years ago today, a new blessing entered my life.  I didn’t know it at the time but she would end up changing my life forever that day and still continues to. 

As trying at this past week has been, it’s refreshing to look back and see blessings we have in our lives.  The fact that we can still hold those that we love and tell them face to face just how much we are about them.  Don’t ever let those opportunities go.  Take advantage of every chance you get to let people know just what they mean to you.

Risa, you’re a blessing from God.  You always have a smile and you always have a warm hug to great me with.  I still remember the day you were born.  You had my heart that very day.  You’ve let me be a part of your family and share with you.  For that I am very thankful.  May today be a special day for you.  Know that you are loved and cherished. 

Happy Birthday Risa!

IRS is spamming now?

This is one of the better schemes out there so far. 

I’ve gotten about four of these this week,

1st subject, Your Tax Payment ID: 0103349937 is failed.

2nd subject, Second Notice Your Tax Payment ID: 0103349937 is failed.

3rd subject, Final Notice Your Tax Payment ID: 0103349937 is failed.

So they are persistent little buggers.  Perhaps this IS legit? 

The message continues…

Your Federal Tax Payment ID: 01037599881 has been rejected.
Please, check the information and refer to Code R21 to get details about your company payment in transaction contacts section:
http://eftps.gov/R21 +45. m iii. Miles G. DOROUGH, born 1806, died 26 May 1880. 16248793119031252065 Return Reason Code R21 – The identification number used in the Company Identification Field is not valid.
In other way forward information to your accountant adviser.
EFTPS:
The Electronic Federal Tax Payment System

Census of Shelby County, AL. 14162332706787694837
WARNING!
You are using an Official United States Government System, which may be used only for authorized purposes. Unauthorized modification of any information stored on this system may result in criminal prosecution. The Government may monitor and audit the usage of this system, and all persons are hereby notified that the use of this system constitutes consent to such monitoring and auditing. Unauthorized attempts to upload information and/or change information on this web site are strictly prohibited and are subject to prosecution under the Computer Fraud and Abuse Act of 1986 and Title 18 U.S.C. Sec. 1001 and 1030.

The link above however actually links to, http://76.76.50.104/~dynamicd/ktn8eo/f8qocx.html which then redirects to http://eftpsid0353547.com/contacts/s3 

That domain is owned by..

Domain name: eftpsid0353547.com
Name servers:
    ns1.nameself.com
    ns2.nameself.com
Registrar: Regtime Ltd.
Creation date: 2010-10-15
Expiration date: 2011-10-15
Status: blocked
Registrant:
    Anton Robin
    Email:
    Organization: Anton Soft
    Address: Kolitina 16-4
    City: Moscow
    State: Moscow
    ZIP: 193009
    Country: RU
    Phone: +7.4956788435 
Administrative Contact:
    Anton Robin
    Email:
    Organization: Anton Soft
    Address: Kolitina 16-4
    City: Moscow
    State: Moscow
    ZIP: 193009
    Country: RU
    Phone: +7.4956788435 
Technical Contact:
    Anton Robin
    Email:
    Organization: Anton Soft
    Address: Kolitina 16-4
    City: Moscow
    State: Moscow
    ZIP: 193009
    Country: RU
    Phone: +7.4956788435 
Billing Contact:
    Anton Robin
    Email:
    Organization: Anton Soft
    Address: Kolitina 16-4
    City: Moscow
    State: Moscow
    ZIP: 193009
    Country: RU
    Phone: +7.4956788435

 

Lesson of the day: as legitimate as an email may seam to be, even if they DO use proper grammar, don’t click on links in email directly.  instead visit the home page of the source themselves.  Sure enough on the http://eftps.gov/R21 website, there is a notice,

Remember! EFTPS values your privacy and security and will never attempt to contact you via e-mail. If you ever receive an e-mail that claims to be from EFTPS or from a sender you do not recognize that mentions a payment made through EFTPS, forward the e-mail to phishing@irs.gov or call the Treasury Inspector General for Tax Administration at 1.800.366.4484.

Living vicariously through other kids

_MG_8251You know it’s band season when you get out of your car at work to hear off in the distance a metronome and band director giving orders over an electronic megaphone. 

At first I was thinking to myself, man it’s only been one night and i already have those sounds stuck in my head.  Last night was parents night at McHi along with the 1st band boosters meeting.  For some reason through no cohesion of our own, the McHi Band website was assigned to Patti and I.  Last night we got to officially launch it to the parents.  Over the course of the summer I began constructing the framework for the site, settling on a design and workflow method.  The last few weeks however have been keeping the nightly CVS’s very busy.  Even up to last night i was up until 2am working on a portion of the site after i decided to nuke the photo gallery and replace it with the one i should have started with in the first place.  I did however get to upload photos from the performance last night.  The band did this really neat thing where the parents get to stand in with their kids on the field and work through a few marching drills together with their parents.  It was really fun to watch. 

My childhood band experience was fun, even though it was short-lived.  The school decided to ax the football program my sophomore year.  In middle school i was in the middle of everything as much as i could.  They were great memories.  It still brings chills to me sitting in the stadium watching Hannah and the band perform these awesome shows.  I regret sometimes not having the opportunities that they have.  Getting to help water the kids, do this website, and participate in other band booster activities helps me make up for it though.  What’s best is that it’s for the kids.  People are always coming up to patti and i thanking us for the things we do with the boosters, but it’s all for the kids not for the glory of ourselves.  it’s amazing how much can get done when no body cares about who gets the credit.

So it’s back to php and ajax scripting with the sound of tick, tick, tick at 110 bpm.

To friend or not to friend?

I got a friend request the other day from a name i didn’t recognize.

image

Is this someone i actually know or just someone who knows i don’t share personal information with strangers and if i friend them, then they will get the chance to find more information.  “Fidelia Gribble” was the name.  Ok.. so Facebook does this cool thing where it shows your mutual friends with someone else.  If this is really someone i know, surely someone else i know has them a friend too.  In this case i had NO mutual friends which is really odd.  And when i initially got the request this person only had 8 friends.  Someone that dull obviously I would have had better recollection of.  And finally, i decided to google (v.) the name.  The only result came from one of those pay-to-find-people services. 

Sorry Fedelia, your getting the ignore button.

Common Sense: Your privacy settings only work if you let the system use them.  If you add any person who comes your way as your friend just for the sake of increasing your friend count, your just asking for any of those “friends” to have more information about you than you normally would IRL. 

mac –vs- pc

Home Side By Side Test

So in the new office, they are about 50% Mac, 50% PC.  Being a part of the A&M University, it’s not likely i can convince them to go 100% PC so if you can’t beat them, figure them out.  I got my first Mac last friday and spent the weekend trying to figure this thing out.  So far i’ve learned about the Dock, Time Warp, Finder, Apple Mail, and safari.  I also got to learn about installing the OS.  Then i didn’t know the previous owners password so i found out about Single User Mode (thanks Jonny), come to find out if you boot in Single User Mode you get a linux prompt!  Hey.. i know linux.  So back to a familiar command prompt and a few lines later, we had the user name discovered and the password changed. 

I ran protools on it (because they say it works better on a mac) it does. 

The wifi autodetect is pretty slick. 

But..

the exchange integration only works with 2007,

I imported two videos side by side.  (pictured above) One of a PC and one on a Mac, the mac took longer because it wanted to build tons of thumbnails.  I don’t want thumbnails, i let my editing program do that. 

The updates took a while.  The appear to be coming from akamai and i was about to do a blanket block of akamai at the office only come to find out all of this traffic to akamai was mac updates.

So.. i’m putting in an order for mac server.  See how well these things can be tamed.  I’m curious.