Tuesday, 16 November 2010

You have been warned

OK, Gentle Readers, it's time to get serious.  You know I mostly write this stuff with my tongue stuffed firmly in my cheek - my name isn't really Isabella Golightly (she was my great-grandmother, honest to ghod), I don't really have a fabric addiction (oh yes I do!) and my husband's name isn't really Mr Golightly (it isn't even the same as my name!), but sometimes, serious stuff needs to be discussed.  And this is one of those times, because I've started the sentence with a preposition, so it must be.

I got an email from somebody pretending to be Helen Bainbridge, who has the lovely blog "Baino's Banter".  It was titled "Check out my photos".  I thought it might be from her, because she'd been blogging about her trip to Italy & France, and she knew I was interested in seeing her photos, so I clicked on the link.  I created a user ID, and then, lo and behold, there was nothing from Baino at all.  What did happen was that people in my email address book started getting emails from me (both in my real, actual name, and my Isabella Golightly persona) inviting them to check out my photos.  

I take a lot of photos.  I love photography.  But I don't email every single person in my address book (work colleagues, Etsy suppliers, friends, relatives, you name it) asking them to have a look at them - I'm extremely discerning about who can see what of mine (really mine, not Isabella Golightly's.  She even has a Flickr page!).  So, I did a bit of digging.  Turns out the mob who sent this email are serial spammers who use this insidious method to get into your computer and your address book.

Who are these people? The site is called "fanbox[dot]com". There are lots of pages on the net warning about how insidious these people are - here's a link to 'Can Talk Tech', which will give you some idea of bad these people are. In addition to their completely illegal invasion of your address book, they also use your user ID's and passwords to 'pretend to be you' on other sites. It's phising, pure and simple.

Here's some of the terms and conditions if you do sign up:

“…You agree that your public profile information, including but not limited to your display name, photograph, interests and greeting may be utilized by the community representatives or community technology to encourage other users to communicate with you or to interact with the Service…”

They can pretend to be you so they can spam you via mobile phone, which you are charged for. I also particularly liked this one:

“…you are appointing SMS.ac to be your agent and authorizing SMS.ac to store, in your profile, your usernames and passwords (provided by you) to other web site services (“Other Sites”) and to act on your behalf to access and interact with such Other Sites…”. 

This implies to me that they put some kind of trojan horse on your computer once you sign up, and it records your passwords & user ID's, then they use that info to log onto other sites & pretend to be you.

They can pretend to be you, and the final straw:

“…you, not SMS.ac, are entirely responsible and liable for all activities conducted through your Account…” 

These guys were known as SMS.ac in a previous life. That they had to change company names says a lot about the way they work. So, if you get an email apparently from a friend asking you to check out their photos, talk to the friend first, and open the link at your peril.

That is all. Normal service will resume shortly.

1 comment:

  1. any invite that requires me to sign up for something gets ignored by me. Unless it's been accompanied by a personal email explaining the whos and whys of it. I did get that from you. I didn't sign up!


Hello, it's nice to see you! Thanks for dropping in to say "Hi"!