Tag Archives: scam

Free stuff: If it sounds too good to be true…

People like free stuff. I do. You do. We all do. We go to conferences, we get free stuff. Sometimes we get high-value free stuff, sometimes it’s just cheap or useless free stuff. Either way, we strive to get our hands on it. It’s human nature to want something for nothing. Human nature can be meddled with. It can be coerced into playing a game. Make the offer of free stuff so good and people will part with personal information in the vain hope they receiving something for nothing. And make it the current “must have” or “in demand” gadget and you’re on to a surefire winner.

As an aside
I recall a time around 20 or so years ago. I was in a customer service position and I was about to tell a bunch of customers that the dinner they were expecting was going to be delayed. Knowing that I would receive “some grief” if I just told them their food was going to be another half an hour, so I figured out a different angle. I approached the table and announced “I have good news and bad news. The good news is…I have a free round of drinks for you…” – pause for effect – “…and the bad news is there’s a 30 minute delay on your food”. By offering free stuff first, I was able to make the bad news more palatable [sorry!] and in this instance, raise a little laugh. People like free stuff and they’ll put up with quite a bit if the free stuff is worth having.

Free stuff, just follow and retweet
Just before Christmas 2012 I spotted @wp_discovery appear on Twitter. Officially it joined Twitter on the 7th of December 2012. It went through a couple of name changes before settling on @wp_discovery, but that’s neither here nor there. They also muddled their location from Finland to the UK – a vague attempt to gather some authenticity I imagine.

I added them to a list in order to keep an eye on the tweets. It was a competition-style tweet stream, simply follow and retweet to be in with a chance of winning either Nokia Lumia devices or Microsoft Surface units. In the words of The Real Hustle: “if it sounds to good to be true, it probably is”. That was my first thought and was the reason I chose not to follow them or retweet their material. Hindsight is a wonderful thing, it appears my cold pricklies were correct.

What has been written so far?
I don’t plan to discuss the full story behind @wp_discovery, other bloggers have done excellent work in that space so there’s little point in repeating that information here.

Gary has done a great job keeping a log of the goings on relating to @wp_discovery’s actions.

Alvin has also written a great article: Editorial Lies Damned Lies and the Promise of Free Gadgets.

John has written a good straight to the point piece: Raising Awareness: The Great @wp_discovery Giveaway

Stop Malvertising have also written an excellent piece: http://stopmalvertising.com/spam-scams/warning-the-great-wp_discovery-giveaway.html

In a nutshell
There’s not a shred of evidence that anybody who follows and retweets the @wp_discovery account has actually won anything.

The @wp_discovery account had been asked to provide lists of winners but has so far been citing “privacy” as the reason for not issuing said list.

Photographs tweeted from the @wp_discover account have also been seen used elsewhere – @wp_discovery claim they are listing the devices on eBay and that they can use the photos as they see fit.

They also latched on to a Windows Phone game and tried to use that to promote their Twitter feed.

Questions were asked about where the devices came from, answers were given…they were journalists and had lots of review kit to give away. A few folks hinted that review kit was on loan and rarely could be considered a gift. However, the following public didn’t really care, they wanted their chance to blag a free Nokia Lumia or a Microsoft Surface or a Microsoft Xbox+Kinect: people were blinded by the fact they had a chance to win nearly $1000 worth of prize.

This carried on for a few days…until it became clear that there were no prize winners and the draw mechanism was “time based”…entrants stood no chance.

A Different Angle
However, I do want to think about what has happened here from a slightly different angle.

  • The @wp_discovery account amassed a decent number of followers very quickly. In around ten days they gathered about 10,000 followers. Twitter should have noticed that and raised an alarm bell.
  • Once the account was noted as being a fake, initially on the 26th of December, but more so on the 29th, they lost a few hundred followers. Despite frequent retweets of warning messages, folks continued to follow them. That said, as of today 1st January 2013, the follower count has started to dip again. However their material is still be retweeted by many new followers. This leads me to believe that there’s a reasonable amount of “follower loss” vs “follower gain” – at the moment the losses are marginally more than the gains. Twitter should have noticed this pattern and a red flag should have been raised.
  • Many hundreds of the disgruntled followers and since unfollowed the @wp_discovery account, “reported as spam” and blocked it. Twitter should have noticed this and raised an alarm bell.
  • The @wp_discovery account has actively blocked any user who openly questioned their approach. Twitter should have noticed this and raised an alarm bell.

Looking at Twitter’s Rules, under Spam, there are a number of clauses that @wp_discovery may have fallen foul of:

  1. If a large number of people are blocking you; I would expect a large number of users blocked @wp_discovery; it would be interesting to understand Twitter’s definition of a large number though.
  2. The number of spam complaints that have been filed against you; Ditto for spam complaints
  3. If you post duplicate content over multiple accounts or multiple duplicate updates on one account; there were significant duplicate updates which should have caught Twitter’s attention.
  4. If you have attempted to “sell” followers, particularly through tactics considered aggressive following or follower churn;
  5. Using or promoting third-party sites that claim to get you more followers (such as follower trains, sites promising “more followers fast,” or any other site that offers to automatically add followers to your account); a third party Windows Phone alias was used to attract followers and drive traffic to the third party’s Windows Phone game.
  6. If you create false or misleading Points of Interest; @wp_discovery created a flurry of retweets around the notion that there were high-value prizes up for grabs

Looking at the “Content Boundaries and Use of Twitter”, it is possible that some of these boundaries have been breached too.

  • Impersonation: At one stage, their Twitter profile suggested they may have some soft of affiliation with Nokia.
  • Privacy: They followed Jenna Kate Kelly for a period of about two minutes, they then sent Jenna lurid direct messages. They denied sending her these messages, despite a number of witnesses and screenshots proving it!
  • Violence and Threats: What could be interpreted as threatening tweets were issued from the @wp_discovery account.
  • Copyright: The Microsoft “Windows 8” logo has been used as the @wp_discovery avatar. I know from personal experience that we, as app developers, are not permitted to use logos that are “too similar” to the Microsoft logo in Windows 8 apps that are submitted to the Windows Store.

And they clean up when a legal issue appears
As I was writing this, 1/1/13 at 22:15, I noticed @wp_discovery had begun to delete their tweets. They then posted a single tweet:

1

Which was then replaced with this one:

2

The bit.ly link leads to here: http://areon-development.de/?p=191. I’m not going repeat material that is already in Gary’s post on this matter. Suffice to say, @wp_discovery tried to use a Windows Phone game written by Areon Development in order to attract more followers. Areon Development clearly didn’t appreciate the association and pursued matters that led to @wp_discovery holding up their hands and walking away. That’s certainly the public statement that has been issued, I don’t think we’ll ever know the full ins and outs of it all.

What’s next?
Before they deleted their tweets, they did tweet this:

3

Now, I’m not suggesting that the @mplacetoday account is possibly their “next project”, but I would have to question why an account that was created on the 31st of December 2012 would warrant the attention of @wp_discovery? If somebody tells me otherwise, I’ll gladly remove this section from this blog post.

Moral of the story
It’s simple: if something seems too good to be true, it probably is.

Any Twitter stream or web-site that offers Nokia Lumia 920 phones, Microsoft Surfaces, Xboxes and Kinects has to have some form of reputation. They should also have some terms and conditions governing how you may enter their competition and how they’ll go about effecting the draw. There will probably be issues relating to where they will ship the prize to (e.g. some countries may not be eligible). Importantly, there will be a publicity or privacy clause – most competitions will expect you to be publicly ecstatic about your win, but they will give you the option of privacy should you wish it. @wp_discover had none of these in place…apart from assuming all supposed winners wanted 100% privacy.

They duped thousands of followers into thinking they stood a chance of winning a high-value prize. They were claim to have 5 phones and 2 Surfaces in their draws. Even as the follower count increased, 5 chances out of 9,000 or 10,000 has fairly good odds. At one point, near the end of their flurry of activity last month, they were suggesting anybody who asked could have a phone, any phone, just ask! I know that some “you’re a winner” direct messages were sent out, however as Gary explained in his post, @wp_discovery weaseled out of shipping prizes using a variety of tricks.

The upshot of it all was this: no real winners, merely folks who thought they had won something – @wp_discovery, most likely, wanted you to provide them with more personal information than would normally be required in any prize draw anywhere in the world.

You can protect yourself from similar [Twitter] scams in the future by doing as much research as you can. Use tools to help you, here are a few suggestions:

  • Use http://www.whendidyoujointwitter.com/ to help you work out how long a Twitter user has been on Twitter. If they joined recently, you have reason to investigate further.
  • Do they link to a web-site in their Twitter bio? It’s very easy to create a Twitter account and “go”. Creating a full web-site with contact details, legalese, etc. is another matter all together.
  • Use Twitter Search to see what everybody else is saying about a Twitter user – if most of the @wp_discovery followers did this, they’d never have followed them in the first place.
  • Use Bing, Google or your favourite search engine – although the results will include more than just Twitter and may include sites that aggregate Twitter content making it hard to “see the wood for the trees”
  • Use linguistic analysis – look at the grammar usage, use of contractions (“it is” and “it’s”). If they link to third-party sites, compare the writing style. Consider small things like the orientation of smilies “:-)” vs “(-:”. There are lots of small clues to be found in careful analysis of the language constructs and word selections!
  • Use screenshots to help gather information. There are lots of [free] tools that can grab your screen automatically – these are great if you need to capture follows, unfollows or tweets that may have been deleted, etc. I’ve used TimeSnapper in the past – there’s a free version available.

There are plenty of other tools that you can use, feel free to share any that you find useful in the comments below.

Thanks for reading!

Sky downgrade their “Mid” package from 40GB to 10GB per month – FAIL

How to lose customers in 15 months

We’ve been Sky subscribers since February 2008. We moved to Sky because the reception from Freeview was (and still is) frankly appalling – it was great for many months during 2007…then had a bad period after summer 2007…then was great over Christmas 2007…then it was plain useless in January 2008. Naturally I tried a few options: a new aerial, checked the transmitter information and tried a different receiver unit. Nothing worked well enough to rely on. Sky seemed to be the solution to our problems. However it wasn’t without sacrifice, or so I thought…

The sacrifice: I was paying Zen Internet £29.99 per month for their 0.5MB broadband package – yes, that was perhaps a tad expensive, however it just worked, perfectly. After doing my sums, it looked like I could get Sky TV for £16 per month, plus £5 for their “Mid” broadband package (offering a 40GB per month cap). Add in a couple of “mixes” for a £1 a pop and I was up at £23 per month. The apparent win: TV and Internet for a £6.99 per month saving. What could go wrong?

Indeed, what could go wrong? Broadband speeds had increased to from 0.5MB up to 2MB+, a win! And all those Sky TV channels too, a huge win! And more episodes of Star Trek than I’ll ever have time to watch, huge win, for me at least! However, the winning was short-lived. The broadband connection has suffered from a lot of downtime – that green Skype icon went grey all too often. I had no such problems with Zen Internet. The TV subscription wasn’t without its problems too, as we’ll see later in this rant.

Well, in November 2009 Sky wrote to me advising that the price of their Broadband Mid package was to double. The cost was £5, it was going up to £10. I hadn’t even been with them a full nine months and they hit me with a price rise of 100%. Utterly scandalous. However, in the grand scheme of things, and this is something that Sky presumably knew, £10 is still reasonably good value for a 40GB monthly package. I did complain to Mark Anderson (Mark.Anderson@bskyb.com) – granted I did get an e-mail back from some sort of ‘escalated help desk’, but it rather lamely asked me for my postal address.

Sent: Tue 02/12/2008 21:49

Dear Mr Anderson

Thank you for your letter of November 2008 advising me of a £5 or 100% rise in the cost of Sky Broadband.

I realise that £5 is very competitive and that was one of the two reasons we switched to your TV and Broadband services.

However, in the 10 months that we’ve been customers, the cost of the TV service has risen and now the cost of the broadband provision is rising.

Further, I record a lot of Star Trek on the Sky+ unit, however it won’t let me use the COPY option to move the episodes to DVD – because 80GB of personal space is not nearly enough. With no means of recording the episodes for watching later, it really means I personally don’t have much use for the Sky+ box…I don’t have time to watch what I’ve recorded and I can’t move the recorded content to DVD overnight…there is no point in recording anything.

If memory serves me, it’s a 12 month contract that I’m signed up for. Sending out a 100% price hike notification at this stage in the contract is just plain crazy.

Please be advised that I will be re-considering my options at the end of January 2009…you would be surprised how many friends and colleagues are telling me how good FreeSat is…Humax do wonderful HDD recorders too…

…and I’ve been chatting to other Sky “Mid” users, they haven’t received their 100% price hike notification yet…I do hope that you’ve not been selective about who is being subjected to the price hike?

Rgs
–Craig

To make matters worse, during November 2008 there was the great copy protection fiasco, which severely limited my use of the Sky+ service. I was not at all happy about that, so much so, The Guardian picked up on it and quoted a large chunk of that blog entry.

Last week, at the end of June 2009, Sky’s Mark Anderson wrote to me again. This time he was advising of ANOTHER price hike. In a nutshell, my Sky TV subscription was about to rise, making a total of £30 per month. Again, a scandalous mid-contract price rise. Of secondary concern, the font size used in Sky letters is very small – I can still read it with ease, however I’m sure that some subscribers might struggle. The letter itself makes no mention what changes to expect, but refers to an “enclosed leaflet”. Clever. Very clever. And utterly scandalous.

The leaflet that accompanied the letter was titled: “Sky Broadband now even better”, “All for the same low price”. Here’s a snapshot of what it looked like:

Looks like it’s just a re-branding, nothing to worry about…

…until you look closer. The 40GB monthly cap Sky Mid package is being re-branded to Everyday…with a monthly cap of 10GB.

It has something to do with “bring the usage allowance in line with what the majority of customers actually use”…HELLO? Granted Sky rather wisely included a paragraph stating that we could cancel the broadband portion of the contract without charge (well, thanks for that, from the company who raise their prices mid-contract). I am an individual, I do not like be grouped into a pot and treated like the “majority of customers”. I chose the 40GB package for a reason: it was ideal for my needs. Sky, you have moved the goal posts, changed the size of the nets and made the pitch four times wider at your end. Have I told you that this is scandalous? Utterly scandalous.

[UPDATE 07/07/2007 – after checking out the speed test here: http://www.skyuser.co.uk/speedtester/, it turns out I’m not even getting the average speeds for my package. Yet “more for less”.]

Given my distance from the BT exchange, it’s unlikely I’ll ever see more than 2700Kbps (via http://www.broadbandspeedchecker.co.uk/) download and 160Kbps upload speeds. Therefore, the other so-called upgrades do not appeal or apply to me.

So now I am paying 30% more than I was 15 months ago FOR LESS. A lot less as it happens: where did Sky channel 795 go? I’m trying to learn Spanish and may well have chosen to pay the extra £1 per month just for a single channel…however it has vanished from the channel line up. Scandalous, utterly scandalous. “Paying more for less”, that should be Sky’s tag line: I’m not the first person to say this, but Mark, I’m sorry to say this: you’re charlatans. [Update 06/07/2009 – Channel 795 has reappeared. However, let’s not forget this thing called Sky Anytime – it takes up 80GB of my 160GB of space, it records channels that I cannot get with my subscription: more “getting less”]

“Sky Believe in better” – I will be switching broadband provider as soon as possible and will be reconsidering our TV options too – that is something you can put money on, you had better believe it. FreeSat and Freeview may cost me upfront, but at least they don’t demand money downstream. I’ll be ‘phoning 08705 515 515 to request my MAC key next week.

Sky: Paying more for less.

The Fake Sarah Silverman Show @sarahsilverman @fake_sarah_silv @imKM

The Internet is awash with security issues, none more so than the social networking sites that so many users place considerable amounts of trust and belief. Today, users can sign up on such sites as Facebook and Twitter (to name two that I use) without any form of secondary credential check, i.e. you can sign up and be whoever you want to be. Evidence of this kind of impersonation can be found in my earlier blog entry where I discussed the “celebrities” who appear to be on Facebook.

From social networking to micro-blogging, the impersonation continues. During October the Twitter community was delighted to see Stephen Fry appear in the “Twitterverse”. Our delight continued when Stephen chose to follow a vast horde of us. John Cleese enjoyed similar celebrity status. However, Stephen and John were accepted into the Twitterverse without a second thought regarding their authenticity. It didn’t take long to spot that Stephen and John were standing on the “I am who I say I am” side of the fence. Their writing style is most eloquent and is rather recognisable.

Enter Sarah Silverman…on Twitter:

I read the Twitter stream reasonably carefully, checking a few things along the way. The stream mentioned London as a destination – true – the real Sarah Silverman did a gig at the Hammersmith Apollo last Sunday. A few other things checked out. What caught my eye was the fact that she was riled by the fact that she had lost a follower…so I suggested a web-site that might help her in the future. At that point the fake @sarahsilverman started to follow me, I was 1 of 23 folks she was following. And I remained 1 of 24 folks she was following whilst her followers grew from a handful to over 600 – this is most odd and served as a clue to something fishy.

The clue trail…
There’s not much to report about the profile picture or the user-name. Over the course the period 23/10/2008 to 26/10/2008, @sarahsilverman used at least two profile pictures – these were probably sourced from a variety of on-line photo repositories. If there were any clues to be found in the profile picture, I didn’t spot them.

Next up, the Biography and web-site details:

This is where it gets amusing. Silverman’s TwitterJacker made every effort to make the biography as real as possible. She (or he, more about why I say this shortly) even provided a link back to the real Sarah Silverman’s “Unofficial” web-site: http://sarahsilvermanonline.com/. Ironic, but still nothing hugely obvious there – anybody could obtain this information and set it up as it was here. However, even before I started following @sarahsilverman, I had my doubts about the authenticity of the textual content and writing style. I took the liberty of questioning the authenticity of celebrities in general. This prompted a rapid change in the biography text, previously it didn’t contain the text “and omfg i’m not going to say if i’m real or not”. OK, not really clues, however the use of “i’m” is a small clue. As is the use of “not” twice – the second “not” should really be replaced with “otherwise”.

I took the bait “Leaving for a bit. again! ~ as said ~ you should follow @imKM … see… isn’t that weird.” Prior to that bait finding its way on to the fake @sarahsilverman’s Twitter stream, a request for follow @imKM had arrived via a direct message: “…twitter friend ~ imKM?” What I found interesting about this approach was @imKM’s background image. I can’t be sure, but it does look like Sarah Silverman is in the background of this photograph:

I don’t know, perhaps @imKM happened to be using the cash point ahead of the real Sarah Silverman and decided to grab a photograph? Who knows for sure? Whatever the truth, when I mentioned this to the fake @sarahsilverman in a direct message, she responded “Yes, people say Photoshop but, he corrected me. It is actually faded with “LiveQuartz”. neat huh. say. are you not following my best… “

Connected to the background image challenge, during 25/10/2008, as the truth started to unfold, this tweet was a further clue to feathers being ruffled:

@imKM needs to stop using my photoshoped image. [http://www.youtube.com/videosbykm] he set it as his background.

Still at 24/10/2008, I had confirmed that both the fake @sarahsilverman and @imKM were using Apple Mac’s for their tweets. Both Twitter streams exhibited over-use of the tilde character “~”. Via a direct message, I challenged the fake @sarahsilverman about the use of the tilde – oddly I am unable to lay my hands on that direct message, I can’t see it in my sent items stream. However, the fake @sarahsilverman replied: “or a creative thing”. It’s a small thing to notice, however two people who instant message each other a lot will pick up on each other’s habits. Or, a single person using two Twitter accounts will make the mistake of following the same habits.

On Sunday 26/10/2008, it became evident through a self-confession that @sarahsilverman wasn’t the real Sarah Silverman. Prior to the self-confession, a few blogs picked up on it, here and here. The @sarahsilverman feed vanished and was replaced with @fake_sarah_silv. The first post truthful post announced:

“My name is Sarah Ascher, friend of @imKM; not @imKM. I am sorry. This started as a joke, I guess people can’t take it.”

For a few minutes the @fake_sarah_silv continued to use the same Twitter background. This was probably an oversight as he or she was too busy undoing the web of deceit that had unfolded so rapidly:

Very soon after the confession tweet, @fake_sarah_silv finally changed the background image:

Of course, at the time of writing, it hasn’t been confirmed that Sarah Ascher even exists. As many Twitter users predicted, @fake_sarah_silv and @imKM could be the same person. Whatever the case, it was a shameful cry to drive traffic to @imKM’s content. KM himself (we must assume that it is a he!) eventually wrote a lengthy piece attempting to distance himself from the whole quagmire. Amusingly, @imKM was rather quick to quash any thoughts that he had a crush on the real Sarah Silverman! I must admit, the crush thing was first on my thoughts once the @imKM follow request appeared – that and the fact it appeared to be Sarah Silverman in @imKM’s background image.

Anyway, not surprisingly, it seems @imKM was somewhat disturbed by some of the tweets he was receiving:

I hope your parents have a good lawyer little boy.

heaven forbid your take responsibility for your actions

I don’t imagine that this will go away in a hurry, there’s probably a few more days of fall out to be had whilst bloggers and Twitterer’s around the globe pick up on it. In the meantime, @sarahsilverman is at 23:22 in the UK on 23/10/2008 is strangely still available. If the real Sarah Silverman reads this (hey, it’s possible surely?) perhaps it’s time you grabbed your presence on Twitter before somebody else does this all over again? Other micro-blogging sites are available.

Your take-away…
@imKM was attempting to drive web traffic to his blog and video site by relying on the hard work and goodwill of other folks. Whether you like the real Sarah Silverman or not, it had an effect: 600 followers for the fake @sarahsilverman within a short space of time. @imKM received a few extra followers, however now his reputation has taken a serious beating. Small mistakes, and failing to follow accepted Internet etiquette and Twitterquette led to the downfall being as rapid as it was. If @imKM was patient and exercised some care, he could have kept this charade running for weeks or months.

The moral of this blog post is still the same as it was when I wrote about impersonation last year. There are many places on the Internet where it is necessary to verify who you are and in some way prove that you are who you say you are (authenticity), however very few places actually implement them – even some of the big banks struggle to do this properly.

It’s difficult to offer any guaranteed advice that can help you spot fakes, hopefully this post provided a few things to look out for. In social networking and indeed, in micro-blogging situations, it’s always worth checking out the friends/followers of the person you are about to connect with. Take a look at the people that person connects with, do they look like the kind of people who would connect with each other?

Oh, 23:25 in the UK on 26/10/2008 and http://twitter.com/fake_sarah_silv does not exist!

Finally, it was lovely to write this blog post as if I was on first name terms with Stephen and John. I am, of course, not and I will convey my apologies to Mr Fry and Mr Cleese when I next meet them.

Images grabbed using TechSmith‘s SnagIt – an essential tool for developers and bloggers alike. With thanks to Betsy Weber

Technorati Tags: , , , , , , , ,