Saturday, July 4, 2015

SingPass scam returns

I read about enhanced security feature introduced for SingPass users by using a 2-factor authentication (2FA) system from Yahoo Sg (Tighten Up: New Security Measures For SingPass To Launch On 5 July).
For those interested, the OneKey token can be applied here (http://www.onekey.sg/).
At the end of the above article from Yahoo was a related news, The SingPass Scam Returns: Singaporeans, Be Wary!.
It reported that an email from SingPass Government [notification@singpass-services.gov.sg] send to “notify” users of the need for security info verification. That was phishing mail.
But I am puzzled.
In an email, the sender email states “notification@singpass-services.gov.sg”? How is that possible if the email was sent via other server? If the server is indeed registered under gov.sg, then it’s easy to catch the perpetrator because domain name registered under gov.sg or .sg is easy to be traced back to the registrant.
Unless the whole string SingPass Government [notification@singpass-services.gov.sg] was just the “display name” of the sender instead of the “email address” which is usually denoted as an angled-bracket.
What is more puzzling is that, instead of emailing government agency, why must we mail to Crimson Logic (e.g. singpass-helpdesk@crimsonlogic.com) instead? For a layperson like me, that doesn’t make sense. I would be suspicious of Crimson Logic if I am not familiar with that company or brand (which I am still unfamiliar).
Instead of showing laypersons about how to detect fraud by checking on the security certificates on their browsers, why not just enlighten them about authenticating the sender’s address? That would be the easiest, no?
For the above example, the address SingPass Government [notification@singpass-services.gov.sg] <fraudster@fraudster.com> would suggest that the email was send from fraudster.com instead of singpass-services.gov.sg.
An example of email with display name and email address (below)
email string
If there is any doubt about the authenticity of edm.email-mk-tg.com, we can search for the registrant information via whois. Example of whois return (below).
whois
The domain name edm,email-mk-tg.com seemed to be associated with Canon SG but the information provided is limited. For that reason, I would be extra cautious of the link/association of email from this site to Canon Inc.
Posted by at No comments:

Tuesday, February 10, 2015

Samsung Note 1 pronounced dead after going to iHospital at LG5 Holiday Plaza Johor Bahru

I went to Holiday Plaza for a meal and on the way back, I spotted several outlets catering for phone repair. I chose randomly and ended with iHospital (Apple Repair & Upgrades).

Address
iHospital - Apple Repair & Upgrades
LG5, Holiday Plaza,
Jalan Dato Sulaiman
Johor Bahru
Tel: 012-6188066

The problem with my phone was that the SIM compartment was not working (that was my guess). It couldn't detect my SIM and I had tried slotting and re-slotting the SIM card to no avail. So, I told the staff at iHospital about the problem and they said that they will have to diagnose and get back to me. I was reluctant to leave my phone with them for more than several hours but after persuasion, I relented. I was given a temporary phone while waiting for my phone to be fixed.

The staff sent the phone out for repair. It seemed that they could be outsourcing the repair job and I have no idea which shop was repairing my phone.

Later, on the way back to meet the staff, there were good news and bad one. Bad news is that the mainboard got roasted while they attempted to fix my phone problem. Good news is that they changed a new mainboard for me. However, when I tried slotting my SIM card, the phone couldn't read it. Something was wrong. I remembered that corrupted IMEI might cause this problem (especially if mainboard was fried). By keying in *#06# on the phone, I got "null". IMEI was indeed gone! The staff did not inform me of that problem and I had to return to tell him this.

 Alas, "I can't do anything about it", was the reply. I insisted that they replace my phone. They said it was not possible and the only phone that they could give was the temporary phone that they had loaned me earlier, which was just a fraction of the cost of my Samsung Note.

 Well, I felt helpless. It was partly my fault for going to cheaper repair shop (rather than Samsung Service Center) and also for not reading a review about the shop prior to patronizing one. Also, I should have been aware that the repair shops there were outsourcing repair job rather than relying on their in-house repair (my guess). I should have changed my mind when they took my phone elsewhere for repair!

I didn't appreciate their dishonesty in not telling me about the problem with my phone's IMEI. Also, when they tried to repair my phone, they did not inform me that if the repair caused any irreparable damage, the shop will not be held responsible (disclaimer). Worst, they did not return me the roasted mainboard in order to validate their story that the mainboard was indeed fried (what if the shop replaced a pirated mainboard with my genuine Samsung board? At least allow the customer to have the original fried mainboard to allay their fear of being conned).

 All in all, I'm not going to patronize this shop again. I won't even recommend it to my friends. This review is my personal experience. However, this review don't preclude the possibility that they could do a better job (than what I had). As potential customer, you should judge for yourself.

 Just to share.


 There are several reviews about iHospital (knowing now is too late for me)

Sourced http://forums.hardwarezone.com.sg/malaysia-269/johor-bahru-share-caring-2048450-88.html

Sourced https://foursquare.com/v/ihospital/4ff1401be4b09c09cb3fe982

 There are also good reviews from their facebook page (Apple Repair & Upgrade) with more than 200 likes. I guess not all their repair works suck.
Posted by at No comments:
Labels: ,

Saturday, January 31, 2015

"Get A Part Time Job With Facebook - 101", facebookjobsonline

The ads seemed to suggest that Facebook, Inc. is hiring part-timers to work at home to earn money.
-
"Facebook has now released a "Work From Home Program" that will allow people to work from the comfort of their own homes." - facebookjobsonline.com.
-
When I clicked on "Work from home program" I was directed to this site (screenshot).
Facebookjobonline "Work from Home Program" that did not describe what is the job assignment and how it works. This page only wanted me to key in my particular.
 Once I keyed in my particulars (bogus ones), another page appeared with "Congratulation". There was a timer counting down from 4 min (my back is tingling because anything that is bad always push people to decide under pressure).
-
Close examination of the site allowed me to conclude that the site is selling a unwanted product to people. 
 -
In the above case, the temptation is for earning big. Where will the money be coming from? I think the fund is generated from the initial cost of joining. Imaging that 100,000 people joined (paying USD 5 multiplied by 100,000 equals USD 500k). Those who joined earlier will get more, and those who joined later wants to get what the earlier ones are getting. More testimony and proof from the earlier members and more temptation for others to join and hence, more subscription. As the number grows, more fund to distribute to the earlier and subsequent ones, whereas the latest members get to wait for a while for more new members to join. More testimonies with printed checks serve to tempt more people to join. I'm not sure if this is a pyramid scam or not, but it is to me.

To get started, members have to pay to get "kit" (I didn't proceed because I wouldn't want to lose money). All the while, the website did not explaining how the part-time job works (i.e. sales or service). It seemed to have something to do with "automated money making website" (alert siren sounding).

Great discount, instead of paying SGD 750, I only needed to pay SGD 5 for the "kit" (I didn't go ahead with the payment).


As always, the early birds will get a bigger pie, whereas the later ones will lose their money. The owner of course would be the one getting the most of the "pooled money". Also, the early birds will be the gullible ones who will get their faces posted with a smile showing how much they have earned (free publicity to the master mind), and hence bring in more subscribers.
-
Once the "pooled money" gets depleted due to (1) lack of new members (or the hype died down), or (2) increasing "overhead" to sustain the pyramid members, the whole "organization" will collapse. All these members will disperse quietly (especially since some just lost SGD 5.00). Those who lost more due to "upgrades", they can't really do anything about it because there is no information about the company. Facebook, Inc. is not part of all this!
-
Always, the earlier ones who got into scams will be the "winners", while the master minds are the winner of winners.
-
Notes
  • Facebook is not hiring.
  • Whois search for Facebookjobsonline returns the following.
The registrant is anonymous. If you compared to Facebook.com, the registrant is by Facebook, Inc. I can only assume that Facebookjobsonline is not affiliated with Facebook, Inc.

Facebook.com is registered by Facebook, Inc.

Posted by at No comments:
Labels: ,
Subscribe to: Posts (Atom)