Social Engineering Skype Trusted Contact Inquiry

Yesterday night, I was almost a victim of social engineering based on trusted connections with a contact on Skype.
The question came, “is this you on picc??..” Then a URL constructed to have Facebook in the address.
I should have been suspicious of this because my friend from whom this apparently came does his punctuation and rarely uses strange words, but my basic feeling of trust overrode the logic to my thinking.
I clicked on the link and rather than it going to a page it downloaded a file with the .exe extension, which really got me suspicious – How could he have asked if I was on a picc or picture and then send an executable file rather than a picture or a webpage?
Persuasion of the friendly kind
The genius of social engineering here is that I was first persuaded by reason of the fact that this message came from a trusted contact asking a question that would rouse one's curiosity regardless of whether you were on Facebook or not.
He had apparently received this code through his Yahoo email from a trusted contact and inadvertently ran the code but had not realised that he had infected his system despite the warning he received from his Antivirus utility. It is possible that the utility might just have said opening a file of that type is unsafe rather than that it was malicious.
The clean-up
We all have the tendency to override such warnings and almost always have to pay dearly for it. His Antivirus utility did not detect the problem after a full scan, however, I also asked him to download Destroy which is a free utility that inoculates web browsers and searches for malware.
The utility detected Bredolab.fb, which is a kind of credential logger; it was removed and we can safely assume the system is clean. However, I happen to be one of two people whose Skype profile was online on my friend’s system who received this stuff and like me, we reacted before we questioned the real provenance.
The significance of the second link is that, when I did not fall for the redirect URL on the first inquiry it used the TinyURL link shrinker to give the same reference but deceptively named like a picture (JPG) on Facebook, but I was not taking that bait twice.
The graphic of the situation appears below.
Skype Malware
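The two lures described in this post (a link that merely contains "facebook", then a shortened link named like a JPG that delivers an .exe) can be checked mechanically. The sketch below is an added example, not part of the original post; the sample links, the response headers and the shortener list are constructed assumptions.

```python
import posixpath
from email.message import Message
from urllib.parse import urlsplit

SHORTENERS = {"tinyurl.com", "bit.ly", "t.co"}   # hosts that hide the destination
EXE_TYPES = {"application/x-msdownload", "application/x-dosexec"}
EXE_EXTS = {".exe", ".scr", ".com", ".pif"}
IMAGE_EXTS = {".jpg", ".jpeg", ".png", ".gif"}

def check_link(url, brand_domain="facebook.com"):
    """Findings from the URL text alone: is the brand name really the host?"""
    host = (urlsplit(url).hostname or "").lower()
    brand = brand_domain.split(".")[0]
    genuine = host == brand_domain or host.endswith("." + brand_domain)
    findings = []
    if host in SHORTENERS:
        findings.append("shortened link hides the real destination")
    if brand in url.lower() and not genuine:
        findings.append(f"mentions {brand} but the host is {host}")
    return findings

def check_response(url, headers):
    """Compare what the link looks like with what the server says it is sending."""
    disposition = Message()
    disposition["Content-Disposition"] = headers.get("Content-Disposition", "inline")
    served_name = disposition.get_filename() or ""
    served_ext = posixpath.splitext(served_name)[1].lower()
    linked_ext = posixpath.splitext(urlsplit(url).path)[1].lower()
    ctype = headers.get("Content-Type", "").split(";")[0].strip().lower()
    findings = []
    if served_ext in EXE_EXTS or ctype in EXE_TYPES:
        findings.append(f"response is an executable download ({served_name or ctype})")
    if linked_ext in IMAGE_EXTS and not ctype.startswith("image/"):
        findings.append(f"link ends in {linked_ext} but content type is {ctype or 'missing'}")
    return findings

# Constructed samples modelled on the two links in the post, not copied from it.
FIRST_LINK = "http://facebook.photo-view.example/picc.php?id=1"
SECOND_LINK = "http://tinyurl.com/facebook-picc.jpg"
# Constructed headers of the final response after any redirect has been followed.
EXE_RESPONSE = {"Content-Type": "application/x-msdownload",
                "Content-Disposition": 'attachment; filename="picc.exe"'}

if __name__ == "__main__":
    for link in (FIRST_LINK, SECOND_LINK, "https://www.facebook.com/photo.php?id=1"):
        print(link, check_link(link))
    print(check_response(SECOND_LINK, EXE_RESPONSE))
```

The header lookup assumes the exact key spelling used in the sample dictionary; a real HTTP client returns case-insensitive headers.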

A recall I obtain

No faffing about
I did not waste my time in deciding to go on holiday immediately after learning that the project I was on was suspended literally without warning or notice; things were just up in the air.
It meant bringing my holiday forward a good 6 weeks in the height of summer heat as I had planned that Gran Canaria would be the place to return to.
The general idea was whilst the companies sorted out the considerations and goals of the project we had the freewill to seek other opportunities or wait out the possibility of recall for the month of August.
Courtesies with recalls
This morning I got notice that we were being recalled to the project but I missed the basic courtesy of expressed regret at the way matters were handled, those in permanent employment would simply have been reassigned to other duties, and people like me in self-employment were just left high and dry.
Surely, there should be a sense of gentlemanliness in the conduct of business and it appears certain conditions will be written into the recall to ensure we are not met with this kind of situation again.
The Englishman in me was a bit miffed but again glad that I did not have to visit the job market so soon seeking new opportunities.
Expectations and abilities
We expect the details to be fine-tuned and finalised over the next couple of weeks and hopefully we can return to doing what we know best to do; take on challenging projects, offer working solutions and deliver excellent results.
One question remains for me though, should I retain my Wednesdays off or stretch myself for the 40-hour week – it has been over 5 months after chemotherapy, I feel good and strong though still not as fit as I once was – it might just be smart to take things easy, doing my best over 4 days is probably better than petering out over 5 days.
Meanwhile, a week of holidays still remains with a trip to the island of Tenerife tomorrow, the alarm is going off at 04:45 hours, surely, I should still be in bed then.

Nigeria: Facebook Watch on Goodluck Jonathan I

A Facebook phenomenon
President Goodluck Jonathan has been on Facebook for all of 15 days and the numbers are staggering from basic observation.
Since then, at the time of this write-up he has acquired 113,910 fans which in Facebook terminology is listed as “Likes”, in other words, that many people like his Facebook page.
He has in each day posted a comment which represents what is on his mind at the time of his writing, some of his statements have been characteristic of identifying problems and issues that concern Nigerians and others have been in reaction to the feedback that he has been getting from his new found audience and followership.
The numbers on the times
For the 16 statements posted, all those have now garnered a total of 36,663 likes and 32,415 comments – this has no doubt become unwieldy, the President himself along with all his other duties cannot afford to become a Facebook addict, I would think like I suggested in my NigeriansTalk review of his Facebook advent he has a number of readers who filter through these comments.
Another thing to note is that the President appears to be an early riser in that at least one statement was posted at 06:06 hours and he retires quite late, maybe there is some therapeutic or soporific quality to Facebook that allows him to post between 22:30 hours and 01:20 hours though a majority of the posts have been around the midnight hour.
Reactions from the President
Obviously, this Facebook phenomenon would help us appreciate what the President has on his mind, but most critically, without having to wade through the comments, the real effect of this Facebook forum would be in what the President does in response to all the views expressed either in reaction or as information that he has not been able to gather from other sources.
In that respect, I think the Facebook forum is working, at first, he created a Facebook page as he promised at convocation 6 weeks before, he directed the Nigerian Ambassador to the US to review the status of an abandoned Nigerian property in California, he has asked personnel from his office to contact someone with an idea to help solve the power crisis, it influenced his decision to rescind the ban of Nigerian participation in football, he has defined the strictures of our federalism in terms of what he can do with regards to the states on living wages.
Facebook Watch on Goodluck Jonathan
In the words of the comment left by Bayomi Williams on the blog I posted about Goodluck Jonathan on Facebook, the conclusion is best elicited as – “While a lot might be naive to think the President will read each message or are too excited about the virtual proximity to power to leave only praises … it has virtually left most feeling as if they have a friend they can trust.”
I would regularly post a Nigeria: Facebook Watch on Goodluck Jonathan observing trends, ideas, reactions and views of the President but reading the comments is a full-time job not for me or the President, how the President responds is what matters in the end.

Nigeria: Goodluck Jonathan on Facebook

Goodluck Jonathan on Facebook
The news that President Goodluck Jonathan of Nigeria had created a Facebook page eventually got to me through Google Buzz where comments had been made to the effect that the power infrastructure issue should be easy to solve.
Apparently, the President had zeroed in on a comment and arranged for his aides to contact some “visionary” who appeared to have a sort of solution to the power problem.
Power is a tough nut
Whilst some comments on Google Buzz were less than charitable about this crowd-sourcing approach to problem resolution, I felt for the first time we had a leader who was seeking advice, ready to listen and responding positively to suggestions.
More importantly, the power infrastructure problem is really a difficult one for too many reasons to recount here as I threw the idea that if it were easy to solve the least competent leader would have done it and the most political leader would have built on it – The fact is radical ideas are needed on that matter and it would do well that we restrain our criticism and cynicism for an opportunity to listen first and keep our peace for a while.
A new leadership approach
Meanwhile, Goodluck Jonathan, as he has plainly identified himself on Facebook, has the profession of a politician rather than a zoologist (I suppose that is what he had become) and now has 100,335 people who like him since he joined just 11 days ago on the 28th of June 2010.
His first status post was - Today, in fulfillment of the promise I made at the 26th convocation of the University of Port Harcourt on Saturday, 15 May 2010, I have created a facebook fan page to interact with Nigerians. As I said on that day, there is an unchallengeable power of good in the Nigerian nation and her youth and through this medium I want Nigerians to give me the privilege of relating with them without the trappings of office. GEJ
This is a laudable goal, in the main that he first kept the promise and in recognising that the trappings of office might prevent him from getting a feel of the people he leads.
More humility than hubris
For his profile, he writes - My life has always been about service. I am focused on serving my Creator, family and my country to the best of my ability and with your help I aim to be better at doing that.
This probably is something Nigerians can relate to as a very religious country; it does appear to say a lot in terms of his priorities which puts his faith and immediate responsibilities first and then the country for the greater good.
He recognises that his abilities are not omnipotent or omniscient as many African leaders tend to demonstrate by never allowing others in power thinking they only have the wherewithal to rule like emperors whilst failing to mentor suitable successors to their “thrones”, with our help, President Jonathan hopes to improve on what he is doing – for once, a sense of humility rather than hubris is expressed by leadership.
A voice in the wilderness
I cannot help but think after reading many of the postings by the president that they all sound quite professorial almost to the extent that it is impossible to identify the substance of his statements. The voice is too collective sometimes relayed in platitudes that border on the rhetorical, where the 1st person is used there is almost a conflict between the assertive and the acquiescent – it makes you wonder if you are being led or you are half-persuaded to follow.
I would think that the president does read many of the comments but he would definitely have to engage a Facebook management team that weeds out the chaff and highlights the wheat.
Yes sir, yes sir, 3 bags full sir
The comments are presaged with unnecessary and flowery obsequiousness each one seeming to try to out-praise the other with all the religious padding that detracts from getting straight to the point – verbosity is our undoing in many cases being succinct, concise or precise is too good for our expression.
With an average of over 1,500 comments per status, this is a Facebook page I neither want to like nor leave a comment on, for this one page the responsible thing would be to switch off all notifications or streamline your settings to take notifications from lists of friends whilst excluding the traffic generated at the President’s page.
There are ways in which this looks like taking suggestions from a crowd at a political rally, the noise, the heckling, the robust supporters who will listen to no one but their patron and much worse – this is for a particular followership and audience that needs to extend their Facebook footprint to include politicians, celebrities and passing fads or trends.
The new talk shop
As a forum for ordinary Nigerians to engage with their president, this is a welcome development; as an opportunity to glean new ideas for issues that Nigeria faces, this widens the resource and talent pool beyond the fossils that crowd the political space in Nigeria – it would become the new Nigerian talking shop but for the wise, this is best observed from afar.
You probably need to be a member of Facebook to visit
As the first wired President of Nigeria on a popular social network, all one can say is Goodluck Jonathan – welcome to Facebook.

Social Engineering UPS delivery

Showing fishy emails
I have decided that each time I receive an email that threatens to expose me to scamming by reason of the genius of its construction, I will post the email and annotate it to expose the suspect activity, without getting too technical.
Looking through my inbox that receives close to 80 emails a day from so many email accounts there was one that appeared to arrive at my business account from UPS, the courier company.
From the header, I noticed there was no subject – No business with any sort of organised system should ever send a customer an email without a subject; on a personal basis it is rude, in a business setting it is unprofessional.
Appearances and realities
The email appeared to come from UPS Support with a name of the sender, it looked official enough with an email address too.
If you get an email from any organisation and the email domain does not reflect the organisation or business name, the sender is an impostor. Many lottery wins and collect emails do not use company email domains and they can be classed as scams no matter how too good to be true the content might be. Yahoo, Hotmail, MSN addresses should be ignored.
Where is my name in this email, they should know who they are delivering to, this is a delivery company for crying out loud. It looks like a fishing exercise.
PDF or broke
This email had an attachment with the name invoice. Be careful with attachments, the safest ones to open are ones with the PDF extension, anything else treat as suspicious, probably a virus or a keylogger ready to steal your passwords to email or bank accounts. It would be safe to just delete those emails.
Nowadays, invoices must be emailed in PDF format, they are never too large to be undeliverable because of email service restrictions. ZIP files are like Trojan horses, open them and you can end up running a program that ruins your system or worse. EXE files, just NEVER open them. If they are TXT files, sometimes it is best to save the attachment first then observe that they are really the format they say they are before you open them.
You must always have an up-to-date virus scanner on your system that scans emails too. AVG offers a free edition but the professional editions are inexpensive too.
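The checks described so far (missing subject, sender domain, no recipient name, and whether an attachment really is the format its name claims) can be applied to a saved message before anything is opened. This is an added example, not part of the original post; the sample message, its addresses, the attachment name and the recipient name "Jane Doe" are constructed assumptions.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr

# Leading bytes ("magic numbers") of the attachment types the post mentions.
MAGIC = {"pdf": b"%PDF-", "zip": b"PK\x03\x04", "exe": b"MZ"}

def sniff(data):
    """Return the type implied by the first bytes, or 'unknown' (e.g. plain text)."""
    for kind, signature in MAGIC.items():
        if data.startswith(signature):
            return kind
    return "unknown"

def triage(raw, expected_domain, recipient_name):
    """Apply the post's checks to one raw message; return a list of findings."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    if not str(msg["Subject"] or "").strip():
        findings.append("no subject")
    _, address = parseaddr(str(msg["From"] or ""))
    domain = address.rpartition("@")[2].lower()
    if domain != expected_domain and not domain.endswith("." + expected_domain):
        findings.append(f"sender domain {domain} is not {expected_domain}")
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body else ""
    if recipient_name.lower() not in text.lower():
        findings.append("recipient not addressed by name")
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        claimed = name.rpartition(".")[2].lower() if "." in name else "none"
        actual = sniff(part.get_payload(decode=True) or b"")
        if claimed != actual and (claimed in MAGIC or actual in MAGIC):
            findings.append(f"{name} claims {claimed} but content is {actual}")
        if {claimed, actual} & {"exe", "zip"}:
            findings.append(f"{name} is an executable or archive")
    return findings

def build_sample():
    """Constructed message modelled on the one described; all values are made up."""
    m = EmailMessage()
    m["From"] = "UPS Support <manager@ups-delivery.example>"
    m["To"] = "reader@business.example"  # no Subject header, as in the post
    m.set_content("Unfortunate we failed to deliv")
    m.add_attachment(b"MZ\x90\x00constructed", maintype="application",
                     subtype="octet-stream", filename="invoice.pdf")
    return m.as_bytes()

if __name__ == "__main__":
    for finding in triage(build_sample(), "ups.com", "Jane Doe"):
        print("-", finding)
```

The From header can be forged, so a matching domain only removes one warning sign; it does not prove where the message came from.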
Drawing you by the bait
Now to the social engineering part of this email; I have been informed that “Unfortunate we failed to deliv” then the rest of the text is obscured by an opaque grey box.
Out of frustration or curiosity you will be tempted to find out what this was all about and find yourself opening the suspect attachment and you have been had – hook, line and sinker.
I think it is a work of evil genius because many would end up opening the attachment, I did not; there were two separate messages in this email.
The first was the text about a delivery and one I was not expecting, the second was an invoice for something I cannot say I paid for.
No effect without cause
The invoice if I paid for anything should have come from the company I bought stuff from and not from UPS except if I had engaged the services of UPS which I did not.
So, on balance of probability, this is a scam, if UPS were unable to deliver a product, it would have arrived at my address and a note left in my postbox not an email sent to me.
The more this email looks authentic the more I am suspicious of its origins. In the worst case scenario, I have replied to this email asking for it to be sent in legible text, with a PDF invoice and a letter sent by post explaining why they could not deliver the service. If your name is not in the email you received, do not sign off with your name.
Don’t give them more
They do not need my name or address in the reply, they should already have it – do not volunteer excess information to suspect situations.
People are looking to have you, ensure you are not had by innocuous emails masquerading as authentic customer support email. Benign as this might seem, it screams scamming to the rafters at best, I cannot think of what the worst of their intentions might be.
The graphic of that email appears below.

UPS Email Scam

Up in the air

Meetings for surprises
Nothing could have prepared me for the day I encountered today, with one being the proverbial grass on which elephants seem to have fought to the finish.
There were uncertainties and definitely no guarantees but assumptions were made, plans laid out and the idea that a future existed was the picture until as late as this morning.
I had planned to get to work by 10:00AM but arrived a bit later, meanwhile, even yesterday on my day off I was getting engrossed in typical office politics about ownership, responsibilities and deflections – they never tire in finding someone to dump the shit on.
A meeting was planned for 11:00AM and I arrived just in time to be pulled into an unplanned meeting where I thought we would be discussing strategy – maybe I forgot it was also July the first, the beginning of the new month and as it happens, I just happen not to have a contract anymore.
The squabbles that affect us all
That explained why the office looked emptier than usual, everyone else had already been informed to stay at home pending the time the bigwigs sort out if the contract can continue and who would be needed to man the contract.
It has probably come down to money, hard-bargaining and all that but as a self-employed consultant, consultant is hardly the word to use, one feels like a day labourer at best in these circumstances because just a fortnight ago we were to be in employment up until November.
There are prospects as I have been informed, a possible cooling down for the month of July and a return to activities in August, but no one really knows – it is all up in the air.
Up in the air
To think that just two days ago I watched Up In The Air starring George Clooney on DVD about travel and the laying off of staff being outsourced to smooth talkers who were engaged to do the tough-talking for timid Human Resources departments, I could just imagine the feelings everyone had when told they were being let off.
A feeling of emptiness with that little voice of hope trying to scream in your head that you should just be calm, be cool, be collected and be considering of your future as a new opportunity for new challenges, those are your possibilities.
I had my timesheets signed, sent in my invoices, got on the wrong bus and made for home, and then it occurred to me that I could call on some ex-colleagues and so there I am.
With stories to tell from when I left, fell ill, got well again, had work and now on a loose end, it really is all up in the air.