Search This Blog

Wednesday, December 21, 2005

SMS Phishing Part 2

Ok, this is Part 2 of the SMS phishing.

I emailed the bank :

Enquiry: I am writing it regarding an SMS I received asking to SMS my Credit
Card to some number (8 digits, not 5 digits) for a lucky draw by XXX.

IF XXX did sent this SMS, I would like to reflect that you should already
have our Credit Card number. It should be in your database. This SMS is
totally unnecessary. IF this SMS is not from XXX, perhaps someone is trying
to get credits cards number by phishing.


(Again XXX is the bank, which I must say was one of the better ones around)

Anyway, they send me a reply saying they received the email and to wait. 2 days and this came back :

We refer to your email of 2 December 2005.

We thank you for your feedback with regards to the SMS that we have sent to
our cardholders. The SMS was to inform our cardholders of our current
promotion to enjoy 5X XXXI$ for shopping or dining. More details about this
promotion can be found at our website at
.
Registration for this promotion can be done at the website or via SMS.

Please be assured that all our cardholders information is kept strictly
confidential by the Bank at all times.

Should you have any further enquiries, simply call us at or email us again. We will be pleased to assist you.

( 2 portion has been edited away above in the <>)

Anyway, I didn’t think they were answering my question… I feel I should stop since they probably either did not know what I was asking or did not have the answer. Anyway, this is what I send back :

Thanks for your respond. At least I know the SMS is indeed from XXX.
However I am just a bit concerned about why do you need our Credit Card
number? Doesn't XXX already have our Credit Card number?

Moreover, the number that was sending the SMS belongs to a company call
localguru.com, which I found out was registered by a person in Hong Kong and
their website is not even working. I am just a bit concerned that XXX is
engaging a firm like this to conduct the marketing.
This is just my feedback.

( Well, that was the end of story from the email, nothing came back and I wasn’t expecting much )

This was a wild gose chase. But the important lesson is that, you can never be too sure. Even big bank would trust and use service by foreign company which doesn’t even have a working website. I am just hoping this is not like another ProtonWeb case. I quite like this bank to be honest and that’s is why I go all out to cover them this time.

HOWEVER, this does not mean Phishing by SMS is impossible. It CAN be done. And the message can looks very real and even if it came from somewhere else not many people will doubt it. How many of you would check out a similar SMS like this one? I hope you raise your hand now.


SMS Phishing Part 1

With the recent mentioning of NKF hiring an external company Protonweb which resulted in scam and undelivered work, it bought up a previous case I had, which I thought was worth mentioning…

Sometime back, I received this SMS :

With Love from XXX: Enjoy 5X XXX$ for shopping or dining! SMS "XXX shopping" or "XXX dining" followed by your card number to 90241111 by 10 Dec 05. T&Cs apply.
( XXX is a bank, which is not so bad overall )

Sound ok to you? Well, it doesn’t to me. I did not feel safe SMS my credit card to anybody. Not even the bank. Wait a minute, this is not even a 78xxx number… its just a normal SIMS number or even a prepaid card number which you can buy anywhere…

So I thought, this is probably a new way of phishing… by SMS. Now, a simple question before I go on. With ONLY the credit card number, what can you do? Most people will tell me : nothing. You dun have names, telephone etc… well, at least not even the date of expiry. OK, I am going to tell you it doesn’t take a lot of guesses to find the DOE. With common sense that bank replaces card 3 months ahead, so you can start check with at least 3 months. And most bank do not issue card exceeding 2 years ( some exception now with 5 years max ). So that’s not a lot of guesses to do. Now with these 2 piece of info, I can buy lots of things such as body part enhancement BS on the internet. J

Back to the SMS. So I decided I want to probe. I called the number instead of SMS back the info. It belongs to a automatic machine which answers. It dos not do much and there are no options. But it did gave me one piece of information. The company is called localguru and is located at http://www.localguru.com/. Now I am suppose to make joke about a company call localguru, but lets skip that and suppose they just happens to like this name. Open my browser and http://www.localguru.com/, waited a few minutes. Blank. Not found. DNS failure. Wonderful.

Domain localguru.com.
Type A
Class IN
TTL 3600
Answer 209.67.50.203

Domain localguru.com.
Type NS
Class IN
TTL 3600
dns5.register.com.

Domain localguru.com.
Type NS
Class IN
TTL 3600
dns6.register.com.

So I did my DNS search and found the above. And of course followed by a Whois.
Registrant: tmdigital.com
1508 Two Exchange Square 8 Connaught Place Hong Kong, HK HK HK
Domain name: LOCALGURU.COM
Administrative Contact: Mackay, Tony ****@tmdigital.com
1508 Two Exchange Square 8 Connaught Place Hong Kong, HK HK HK
+852 9180 2111
Technical Contact: Mackay, Tony ****@tmdigital.com
1508 Two Exchange Square 8 Connaught Place Hong Kong, HK HK HK
+852 9180 2111
Registration Service Provider: WebsForSale.com,
*****@websforsale.com +852 9180 2111
http://www.websforsale.com
This company may be contacted for domain login/passwords, DNS/Nameserver changes, and general domain support questions. Registrar of Record: TUCOWS, INC. Record last updated on 25-Dec-2004. Record expires on 23-Jan-2006. Record created on 23-Jan-2000.
Domain servers in listed order: DNS5.REGISTER.COM 216.21.234.73

Ok, so a Hong Kong company is running the show behind this. I started to feel the chills. It’s a Hong Kong company that does NOT even have a website that is running this! I decided to email the bank.

This is getting long, I will continue the story in another post …

Monday, December 19, 2005

Nero Scout Found My CPU Cycle

The latest version of Nero 7 has a rather strange feature know as Nero Scout. It seems to be like MS Search, but for media only. If you want to find out more about it, I suggest you search it yourself, since I am about to tell you to remove it anyway here.

So why am I so against it? It this a rootkit? Well, I wont know, but it is a sure hell of a CPU sucker. It has taken up 46% of my CPU while my other application is fighting for their own survival.

You can click on My Computer. And then you see the strange icon there. Right click on it and uncheck enable. Cool, you disabled it.

The cool part is that you absolutely did NOTHING. Yes, open your Task Manager and you can see the 3 NM* services are still running. They are NMFirstStart.exe, NMBgMonitor.exe and NMIndexStoreSvr.exe. So, they had provided either a buggy disable function or they had intented it to be so. Like SONY. :(

Ok, now, all you have to do is :

regsvr32 /u "%COMMONPROGRAMFILES%\Ahead\Lib\MediaLibraryNSE.dll"

Make sure you have admin rights though.

Thursday, December 15, 2005

Operation Snake Cleaner

I am start to proceed to clean up my MSN, ICQ and Yahoo in that order...
Old contact which hasn't chat for a long time and presumed dead or lost contact I will also be cleaning them out...
Its a long overdue task that I suppose I should go about doing it...

Why is this call "Snake Cleaner"?
If you played MGS1 and 2 you will remember the "Snake,... Snake!!!" voice com when you die... Basically, all who did not respond in my IM should be as dead as that now :)

Wednesday, December 14, 2005

I discovered 2 New viruses / trojans / rookits

Just when I thought viruses is a past thing... I came upon 2 new ones that as far as ZoneAlarm is concerned, it was not flaged in its signature. I know ZLP is not hte best antivirus around, but its pretty scary. I made some google search on the info and return null. Its quite likely this is a new one and as to now I believe it has a rootkit like behaviour cos it can hide itself from the process list.

I will need time to look through this one. but being tied down to so many things going on this week, I only hope I have time for this.

Will update more on this 2 buggy if it doesn't take me down first. :)

Tuesday, December 13, 2005

Ubuntu 5.10 is here finally!



I had ordered some CD for Ubuntu V5.10 Breezy. Its finally here. Its one of the best linux I had used so far. Feel free to grab a copy from me anyway.

Guan Ying Zhu Flowers pictures


Here is the picture I promised to show last time. I hope its clear. There is another flower on the lower part of the picture.

Monday, December 12, 2005

Compaq / HP Services -2/10

On a scale of 1 to 10, they get -2 from me. Why? IF you own a HP / Compaq or if you are thinking of buying one, I suggest you read and at least learn from my experience.


Back in the days of Inkjet printers, I had already been evangelizing against HP simply because they are not capable of printing true black (often ends up greenish and waste lots of ink). Well, I thought HP had came a long way and now with Compaq, its probably better. Compaq WAS better on their own. Trust me. Anyway, this is a story about a Compaq notebook, which unfortunately is now under HP domination.


It was quite a while back. The notebook was past its first 8 months and then the problem happens. The Centrino simply could not kick in. About 50% of the time the Bluetooth and the Intel Wireless card will just fail. I managed to live with it for a while, but had to disable the card in order to work sometimes as it interfere with other devices such as my PCMCIA Wifi. About 10 months down, finally send it for repair at HP. For security reasons, I wiped the HDD using Drive Scrubber. I did not know how well the send-in went because I am not the one who did it. But anyway, within 3 days it was back. No,w this is the shocking part. THEY ACTUALLY DID NOT FIXED THE BLUETOOTH AND THE WIFI CARD. They claim they can fix the HDD (What a tcch support department?) and they simply replace a new HDD for me. The Wifi card and BT, they just say tested and it works. WTF? I seriously wondered what they meant by tested? Bootup and it didn't say error? Anyway, nobody felt like going through RMA again soon, so we left it as it is. The BT and Wifi got worse. In fact, I think after the repair they totally wreaked it. now at least 80% of the time it did not work.


OK, its about the end of the warranty. At least I thought it is since its 1 year from the purchase date. It ended on a Sunday, so I thought maybe they will be kind enough to fix it on Monday anyway, but I decided to give it a try anyway. I was at the HP Service Center this time myself. There were full of people with broken Laser, printer, notebook etc. I had a bad feeling coming. When my turn finally came after 30 mins wait, I turned on the laptop and the F*CKING wifi actually worked. Anyway I told him the problem and usually it like happens after using it for a while and maybe even 5-6 hours. First thing he said, oh sorry, if its 5-6 hours we can test it. I tell myself, WTF? Even when i bought a cheap piece of RAM from Kingston and when I had problem, they actually ran test overnight for 3 days to confirm it and gave me a new piece (serve them right for not trusting me, but at least they did took the effort to fix it) and this is HP, telling me they cannot. Anyway, I told them the problem is the Centrino addon card and asked him to check the warranty. Actually I know I was late, perhaps I don't mind paying a bit. Guess what? He said it had expired in 19 Nov. I G*D D*MN got it on 12 Dec 2004 and WTF happened to the days in between. Apparently, HP warranty is not based on purchase date but perhaps their internal ship out date or manufacturing date. This is outright cheating. I dint explode yet. He then told me to leaving it for a check will cost me. IF the board is to be replace, it wont be just the Centrino cos they cannot just replace that only, they have to replace the whole F*CKING motherboard which will cost well above $600. This kinda remind me of the IBM case where the M/B cost $2800 where I bought the notebook for $2400, but thats another story.


So, whats the point? I told him forget it. I will probably buy a Dell. Hei, not that Dell is bad or what, but everybody else thought so. I personally don't cos I had very good experience with them. HP has managed to waste my whole morning and I suppose in order not to totally waste it, I should log this into my blog as an invaluable experience which I pray no one else repeats. HP managed to score -2 on the scale of 10 because :


  1. They cheated on their warranty. It was about 1 month less.

  2. They are (or at least intend to if I let them) overcharging for the hardware. I only need the Centrino addon board but they insist if replace, must replace whole M/B. P.S. Dont think I never deal with Intel. That board can be purchase seperately at $70 and actually I had gotten a whole batch of it last time for something else, but thats another story.

  3. Their tech department is totally incompetent and irresponsible. In the first place, they were suppose to fix the problem back then, they didn't. They fixed a problem which they came up with. Now they won't either cos they cannot test it for 5-6 hours. And they probably never knew how to low level format a harddisk anyway, so I suppose I probably couldn't trust them either.


So now I probably have to live with it or transfer the risk to someone else. Last resort, I will turn to Intel and see if they warranty their card. If there is any update on this, you will see it here. But I seriously urge you to think twice, three times even about buying Compaq or HP. IMHO, they totally sucks now.


To HP : Please don't bother to contact me. I had totally lost confident and trust in your company. Nothing you say or do can change my mind.


Friday, December 09, 2005

Guan Ying Zhu Flowered

Yes, this kind of bamboo rarely flower I heard and this is the 2nd time it happened. The first time was last year. AND I won myself a $1.5k DVD Recorder. Hopefully if the luck thing works, it comes to a $3k this time cos we got 2 flowers this time. Hooray.

Pictures coming up soon.

Visual Studio and SQL 2K5 launched

I was at the Microsoft launch here in Singapore. To be honest, I was a bit disappointed. I heard in the USA, they kinda at least gave away usable Standard version of VS2k5. Here, we are the Professional version, but its a like 90 trial. Well, guess sometimes, I just had to stick with the Express for a while.

There are some photos I would like to post here too, but much later cos I am kinda stuck in no man's land now without a card reader nor a BT / IR connection from my phone to the laptop.

But in conclusion. VS2k5 is cool. SQL2k5 is cool, but kinda expensive. Rich people, what are you waiting for? Lets make MS even richer :P

Monday, December 05, 2005

Who Am I?

This is a short story :

There is this hungry man I met on the road by the river.
If I catch him a fish, I am a donator.
If I teach him to fish, I am an educator.
If I sell him a fishing rod to fish, I am a provider.
If I wait for him to catch a fish and comments on how he fishes and the quality of his fish, I am an auditor.
BUT
If I can sit down with this hungry man, and basically brag to him about fish and fishing, where he can get fishing rod and what fishes are food and simple not do anyting else,
I am a CONSULTANT.

Well, sorry, but this joke was too good to pass. Hei, at least no lawyer is involved yet.

Wedding Dinner turns into Nightmare at Holiday Inn Atrium

I missed one of my best friend's wedding some time back. Due to more than one reasonor another. But when I got in touch again, I was not able to even finish my blessing and I was told one of the most horrifying nightmare wedding dinner I heard so far.

Its a waste to keep in quiet. To be couples, I present to you this nightmare which I pray you will avoid at all cost.

Here goes :

My experience with them is so bad that my dream wedding has turned into a nightmare!

1) guests were spilled with beer even before the dinner started
2) the plates and spoons were dirty
3) it was supposed to be free-flow beer, and plenty of wine and liquor to go around... halfway thru dinner, all 'run out' liao? had prepared 18 botts of liquor, end up having to bring back 15 botts....
4) Asked for extra towels for the room twice, never received them even after 3 hours....
5) as the wedding couple, that's us, were mingling with the guests, we were 'asked' to move out of the way for the waiters to bring the dirty dishes out. I tot we were supposed to be the 'highlight' of the day? how can they ask us to 'move out of the way'????
6) guests complained that when their wine arrived, in the beginning of dinner, the wineglasses had lipstick marks on them!
7) after champagne pouring and before toasting, some of the empty champagne glasses on the 'fountain' were banged into, fell and broke!
8) after the event over, tried to call the F&B guy on handphone, never answer and never call back even the next day
9) checking out that time, still can't get hold of the F&B guy, just get presented by the total bill..... overall... PLS DUN USE HOLIDAY INN ATRIUM. My experience was just soooo bad that i have to warn other ppl out there...

OK, hope you dun lost sleep or worse call off your wedding becos of me. :)
Personally, if I have mine, no Dinner. You can count on these words. It would be a light buffet in the sunday afternoon where everyone just bring food and just eat and chit chat. More like the American get-together style. I hate big crowds and lots of beer etc cos basically I am not the beer guy. I only like wine and they are expensive :P.

Amazon Gift Cards!

Thanks for viewing!

Copyright © 2008 nemesisv.blogspot.com, All rights reserved.