, ,

Smartphones are all about the camera nowadays

New phones are arriving nearly every day. Samsung unveiled its latest Galaxy S9 flagship. Google is selling lots of its Pixel 2 handset. Apple continues to push its iPhone X. The Vivo Apex concept phone, out of China, has a pop-up selfie camera. And Nokia has reintroduced its famous 8110 model – the slide-down keyboard model featured in the 1999 movie, “The Matrix.”

Yet there is a slowdown happening. Hard to say whether it’s merely seasonal, or an indication that despite the latest and newest features, it’s getting harder to distinguish a new phone from its predecessors.

According to the 451 report, “Consumer Smartphones: 90 Day Outlook: Smartphone Buying Slows but Apple and Samsung Demand Strong,” released February 2018: “Demand for smartphones is showing a seasonal downtick, with 12.7% of respondents from 451 Research’s Leading Indicator panel saying they plan on buying a smartphone in the next 90 days.” However, “Despite a larger than expected drop from the September survey, next 90 day smartphone demand is at its highest December level in three years.”

451 reports that over the next 90 days,

Apple (58%) leads in planned smartphone buying but is down 11 points. Samsung (15%) is up 2 points, as consumer excitement builds around next-gen Galaxy S9 and S9+ devices, scheduled to be released in March. Google (3%) is showing a slight improvement, buoyed by the October release of its Pixel 2 and 2 XL handsets. Apple’s latest releases are the most in-demand among planned iPhone buyers: iPhone X (37%; down 6 points), iPhone 8 (21%; up 5 points) and iPhone 8 Plus (18%; up 4 points).

Interestingly, Apple’s famous brand loyalty may be tracking. Says 451, “Google leads in customer satisfaction with 61% of owners saying they’re Very Satisfied. Apple is close behind, with 59% of iPhone owners saying they’re Very Satisfied. That said, it’s important to keep in mind that iPhone owners comprise 57% of smartphone owners in this survey vs. 2% who own a Google Pixel smartphone.”

Everyone Loves the Galaxy S9

Cnet was positively gushing over the new Samsung phone, writing,

A bold new camera, cutting-edge processor and a fix to a galling ergonomic pitfall — all in a body that looks nearly identical to last year’s model. That, in a nutshell, is the Samsung Galaxy S9 (with a 5.8-inch screen) and its larger step-up model, the Galaxy S9 Plus, which sports an even bigger 6.2-inch screen.

Cnet calls out two features. First, a camera upgrade that includes variable aperture designed to capture better low-light images – which is where most phones really fall down.

The other? “The second improvement is more of a fix. Samsung moved the fingerprint reader from the side of the rear camera to the center of the phone’s back, fixing what was without a doubt the Galaxy S8’s most maddening design flaw. Last year’s model made you stretch your finger awkwardly to hit the fingerprint target. No more.”

The Verge agrees with that assessment:

… the Galaxy S9 is actually a pretty simple device to explain. In essence, it’s the Galaxy S8, with a couple of tweaks (like moving the fingerprint sensor to a more sensible location), and all the specs jacked up to the absolute max for the most powerful device on the market — at least, on paper.

Pop Goes the Camera

The Vivo concept phone, the Apex, has a little pop-up front-facing camera designed for selfies. Says TechCrunch, this is part of a trend:

With shrinking bezels, gadget makers have to look for new solutions like the iPhone X notch. Others still, like Vivo and Huawei, are look at more elegant solutions than carving out a bit of the screen.

For Huawei, this means using a false key within the keyboard to house a hidden camera. Press the key and it pops up like a trapdoor. We tried it out and though the housing is clever, the placement makes for awkward photos — just make sure you trim those nose hairs before starting your conference call.

Vivo has a similar take to Huawei though the camera is embedded on a sliding tray that pops-up out of the top of the phone.

So, there’s still room for innovation. A little room. Beyond cameras, and some minor ergonomic improvements, it’s getting harder and harder to differentiate one phone from another – and possibly, to convince buyers to shell out for upgrades. At least, that is, until 5G handsets hit the market.

,

Patch. Sue. Repeat. That’s the plan with Spectre and Meltdown

Spectre and Meltdown are two separate computer security problems. They are often lumped together because they were revealed around the same time – and both exploit vulnerabilities in many modern microprocessors. The website MeltdownAttack, from the Graz University of Technology, explains both Spectre and Meltdown very succinctly – and also links to official security advisories from the industry:

Meltdown breaks the most fundamental isolation between user applications and the operating system. This attack allows a program to access the memory, and thus also the secrets, of other programs and the operating system. If your computer has a vulnerable processor and runs an unpatched operating system, it is not safe to work with sensitive information without the chance of leaking the information. This applies both to personal computers as well as cloud infrastructure. Luckily, there are software patches against Meltdown.

Spectre breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets. In fact, the safety checks of said best practices actually increase the attack surface and may make applications more susceptible to Spectre. Spectre is harder to exploit than Meltdown, but it is also harder to mitigate. However, it is possible to prevent specific known exploits based on Spectre through software patches.

For now, nearly everyone is dependent on microprocessor makers and operating system vendors to develop, test, and distribute patches to mitigate both flaws. In the future, new microprocessors should be immune to those exploits – but because of the long processor developing new processors, we are unlikely to see computers using such next-generation processors available for several years.

So, expect Spectre and Meltdown to be around for many years to come. Some devices will remain unpatched — because some devices always remain unpatched. Even after new computers become available, it will take years to replace all the old machines.

Wide-Ranging Effects

Just about everything is affected by these flaws. Says the Graz University website:

Which systems are affected by Meltdown? Desktop, Laptop, and Cloud computers may be affected by Meltdown. More technically, every Intel processor which implements out-of-order execution is potentially affected, which is effectively every processor since 1995 (except Intel Itanium and Intel Atom before 2013). We successfully tested Meltdown on Intel processor generations released as early as 2011. Currently, we have only verified Meltdown on Intel processors. At the moment, it is unclear whether AMD processors are also affected by Meltdown. According to ARM, some of their processors are also affected.

 Which systems are affected by Spectre? Almost every system is affected by Spectre: Desktops, Laptops, Cloud Servers, as well as Smartphones. More specifically, all modern processors capable of keeping many instructions in flight are potentially vulnerable. In particular, we have verified Spectre on Intel, AMD, and ARM processors.

Ignore Spectre and Meltdown at your peril.

Patch. Sue. Repeat.

Many techies are involved in trying to handle the Spectre and Meltdown issues. So are attorneys. Intel alone has indicated dozens of lawsuits in its annual report filing with the U.S. Securities asnd Exchange Commission:

As of February 15, 2018, 30 customer class action lawsuits and two securities class action lawsuits have been filed. The customer class action plaintiffs, who purport to represent various classes of end users of our products, generally claim to have been harmed by Intel’s actions and/or omissions in connection with the security vulnerabilities and assert a variety of common law and statutory claims seeking monetary damages and equitable relief.

Given that there are many microprocessor makers involved (it’s not only Intel, remember), expect lots more patches. And lots more lawsuits.

, , ,

Software Defined Perimeter (SDP), not Virtual Private Networks (VPN)

The VPN model of extending security through enterprise firewalls is dead, and the future now belongs to the Software Defined Perimeter (SDP). Firewalls imply that there’s an inside to the enterprise, a place where devices can communicate in a trusted manner. This being so, there must also be an outside where communications aren’t trusted. Residing between the two is that firewall which decides which traffic can egress and which can enter following deep inspection, based on scans and policies.

What about trusted applications requiring direct access to corporate resources from outside the firewall? That’s where Virtual Private Networks came in, by offering a way to push a hole in the firewall. VPNs are a complex mechanism for using encryption and secure tunnels to bridge multiple networks, such as a head-office and regional office network. They can also temporarily allow remote users to become part of the network.

VPNs are well established but perceived as difficult to configure on the endpoints, hard for IT to manage and challenging to scale for large deployments. There are also issues of software compatibility: not everything works through a VPN. Putting it bluntly, almost nobody likes VPNs and there is now a better way to securely connect mobile applications and Industrial Internet of Things (IIoT) devices into the world of datacenter servers and cloud-based applications.

Authenticate Then Connect

The Software Defined Perimeter depends on a rigorous process of identity verification of both client and server using a secure control channel, thereby replacing the VPN. The negotiation for trustworthy identification is based on cryptographic protocols like Transport Layer Security (TLS) which succeeds the old Secure Sockets Layer (SSL).

With identification and trust established by both parties, a secure data channel can be provisioned with specified bandwidth and quality. For example, the data channel might require very low latency and minimal jitter for voice messaging or it might need high bandwidth for streaming video, or alternatively be low-bandwidth and low-cost for data backups.

On the client side, the trust negotiation and data channel can be tied to a specific mobile application, perhaps an employee’s phone or tablet. The corporate customer account management app needs trusted access to the corporate database server, but no other phone service should be granted access.

SDP is based on the notion of authenticate-before-connect, which reminds me of reverse-charge phone calls of the distant past. A caller would ask the operator to place a reverse charge call to Sally on a specified number from her nephew, Bob. The operator placing the call would chat with Sally over the equivalent of the control channel. Only if the operator believed she was talking to Sally, and providing Sally accepted the charges, would the operator establish the Bob-to-Sally connection, which is the equivalent of the SDP data channel.

Read more in my essay for Network Computing, “Forget VPNs: the future is SDP.”

, ,

Most routine IT operations will soon be handled autonomously

Companies can’t afford downtime. Employees need access to their applications and data 24/7, and so do other business applications, manufacturing and logistics management systems, and security monitoring centers. Anyone who thinks that the brute force effort of their hard-working IT administrators is enough to prevent system downtime just isn’t facing reality.

Traditional systems administrators and their admin tools can’t keep up with the complexity inherent in any modern enterprise. A recent survey of the Oracle Applications Users Group has found that despite significant progress in systems management automation, many customers still report that more than 80% of IT issues are first discovered and reported by users. The number of applications is spiraling up, while data increases at an even more rapid rate.

The boundaries between systems are growing more complex, especially with cloud-based and hybrid-cloud architectures. That reality is why Oracle, after analyzing a survey of its industry-leading customers, recently predicted that by 2020, more than 80% of application infrastructure operations will be managed autonomously.

Autonomously is an important word here. It means not only doing mundane day-to-day tasks including monitoring, tuning, troubleshooting, and applying fixes automatically, but also detecting and rapidly resolving issues. Even when it comes to the most complex problems, machines can simplify the analysis—sifting through the millions of possibilities to present simpler scenarios, to which people then can apply their expertise and judgment of what action to take.

Oracle asked, about the kind of activities that IT system administrators do. That includes on a daily, weekly, and monthly basis—things such as password resets, system reboots, software patches, and the like.

Expect that IT teams will soon reduce by several orders of magnitude the number of situations like those that need manual intervention. If an organization typically has 20,000 human-managed interventions per year, humans will need to touch only 20. The rest will be handled through systems that can apply automation combined with machine learning, which can analyze patterns and react faster than human admins to enable preventive maintenance, performance optimization, and problem resolution.

Read more in my article for Forbes, “Prediction: 80% of Routine IT Operations Will Soon Be Solved Autonomously.”

From beyond the grave, Baron von Bismark has fake money for you

He died in 1898, but that doesn’t stop Baron Otto von Bismark from wanting to scam you from beyond the grave. Sure, he’s calling himself Diplomat Otto Bismark, but that can’t fool me: We know he’s the First Chancellor of the German Empire, seeking his revenge.

Amusing though this email is, it is a scam. After all, why would a United Nations official be sending email from the lee.org domain, and want you to write him at a free address hosted by a German mail service? And you’d think the wily Baron would know if this was an inheritance or lottery winnings, right?

Don’t reply to messages like this – delete them.

From: “Diplomat Otto Bismark” email hidden; JavaScript is required
Subject: Attention: Dear Beneficiary,
Reply-To: email hidden; JavaScript is required

Attention: Dear Beneficiary,

I am Otto Bismark a foreign Diplomat attach to the United Nations Foundation. I am instructed to deliver an International Bank Cheque value USD$11.5 Million United State Dollars to you. This money was coming from Africa/Europe to you as your Contract/Inheritance/Lotto fund that was seize some time ago. After verification, it was discovered that the money was not for any form of Terrorist sponsor. I have sent you email for the past two days but no response.

I have deposited the International Bank Cheque value USD$11.5 Million with a Clearing House .Do contact them with the information below with SUBJECT MY International Bank Cheque.

Accountant Joel Weaver
Phone: +1 510 585 9346
Email: email hidden; JavaScript is required

Sincerely,

Diplomat Otto Bismark
Email: email hidden; JavaScript is required

,

Business partners and vendors might disclose your data

On February 7, 2018, the carrier Swisscom admitted that a security lapse revealed sensitive information about 800,000 customers was exposed. The security failure was at one of Swisscom’s sales partners.

This is what can happen when a business gives its partners access to critical data. The security chain is only as good as the weakest link – and it can be difficult to ensure that partners are taking sufficient care, even if they pass an onboarding audit. Swisscom says,

In autumn of 2017, unknown parties misappropriated the access rights of a sales partner, gaining unauthorised access to customers’ name, address, telephone number and date of birth.

That’s pretty bad, but what came next was even worse, in my opinion. “Under data protection law this data is classed as ‘non-sensitive’,” said Swisscom. That’s distressing, because that’s exactly the sort of data needed for identity theft. But we digress.

Partners and Trust

Partners can be the way into an organization. Swisscom claims that new restrictions, such as preventing high-volume queries and using two-factor authentication, mean such an event can never occur again, which seems optimistic: “Swisscom also made a number of changes to better protect access to such non-sensitive personal data by third-party companies… These measures mean that there is no chance of such a breach happening again in the future.”

Let’s hope they are correct. But in the meantime, what can organizations do? First, Ensure that all third parties that have access to sensitive data, such as intellectual property, financial information, and customer information, go through a rigorous security audit.

Tricia C. Bailey’s article, “Managing Third-Party Vendor Risk,” makes good recommendations for how to vet vendors – and also how to prepare at your end. For example, do you know what (and where) your sensitive data is? Do vendor contracts spell out your rights and responsibilities for security and data protection – and your vendor’s rights and responsibilities? Do you have a strong internal security policy? If your own house isn’t in order, you can’t expect a vendor to improve your security. After all, you might be the weakest link.

Unaccustomed to performing security audits on partners? Organizations like CA Veracode offer audit-as-a-service, such as with their Vendor Application Security Testing service. There are also vertical industry services: the HITRUST Alliance, for example, offers a standardized security audit process for vendors serving the U.S. healthcare industry with its Third Party Assurance Program.

Check the Back Door

Many vendors and partners require back doors into enterprise data systems. Those back doors, or remote access APIs, can be essential for the vendors’ performing their line-of-business function. Take the Swisscom sales partner: It needs to be able to query Swisscom customers and add/update customer information, in order to effectively serve as as a sales organization.

Yet if the partner is breached, that back door can fall under the control of hackers, using the partner’s systems or credentials. In its 2017 Data Breach Investigations Report, Verizon reported that in regard to Point-of-Sale (POS) systems, “Almost 65% of breaches involved the use of stolen credentials as the hacking variety, while a little over a third employed brute force to compromise POS systems. Following the same trend as last year, 95% of breaches featuring the use of stolen credentials leveraged vendor remote access to hack into their customer’s POS environments.”

A Handshake Isn’t Good Enough

How secure is your business partner, your vendor, your contractor? If you don’t know, then you don’t know. If something goes wrong at your partners’ end, never forget that it may be your IP, your financials, and your customers’ data that is exposed. After all, whether or not you can recover damages from the partner in a lawsuit, your organization is the one that will pay the long-term price in the marketplace.

Are you dead or Alive?

Here’s a scam attempt noteworthy only for its inadvertent humor. Needless to say, any email like this is trying to defraud you. Don’t respond to such messages; simply delete them without asking why an allegedly South African email is coming from a Russian address. Or anything like that.

From: “FROM THE DESK OF MR. AKIN MUSA” email hidden; JavaScript is required
Subject: Are you dead or Alive?
Reply-To: email hidden; JavaScript is required

FROM THE DESK OF MR. AKIN MUSA
INTERNATIONAL MONETARY FUND AGENCY
INTERNATIONAL OPERATION DEPT
PRETORIA- SOUTH AFRICA.

RE-OUTSTANDING PAYMENT

This is to inform you of your long overdue Payment outstanding our Banking records. I saw your name in the Central Computer among list of unpaid inheritance claims individuals and have to update your information through this email contact for immediate confirmation. Your name appeared among the beneficiaries who will receive a part-payment of US$20.500, 000 million (Twenty million and five hundred thousand United State dollars) and it has been approved already for payment months ago. However we received an email from one Mr. Morris Thompson who told us that he is your next of kin and that you died in a car accident last four months back.

He has also submitted his account information to the office department for transfer of the fund to him as your inheritor. We are now verifying by contacting your email address as we have in our Bank records before we can make the transfer into his account and for us to conclude confirmation if you are dead or not. Please, confirm response immediately before our action release of the outstanding payment against your name listed out. Upon this, I request you send your full personal information as soon as possible to enable this department finalize the transfer of the fund release to your nominated foreign Bank Account. This department needs the following information from you urgently.

1. Full Names……………………
2. Telephone and Fax Number……….
3. Contact Address……………….
4. Age………………………….
5. Occupation……………………
6. Sex………………………….
7. Id Card

CONFIDENTIALITY NOTICE: This E-Mail is intended only for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential and exempt from disclosure under applicable law. Once again, I apologize to you on behalf of International Monetary fund Agency towards this contact and proper confirmation required urgently from you if alive. Make sure you reply to my alternative mail address (email hidden; JavaScript is required)

 Thanks,

Yours Sincerely

MR. Akin Musa
International Monetary Fund Agency
E-mail: email hidden; JavaScript is required

,

Pornography is a huge security risk – especially in the workplace

Savvy businesses have policies that prevent on-site viewing of pornography, in part to avoid creating a hostile work environment — and to avoid sexual harassment lawsuits. For security professionals, porn sites are also a dangerous source of malware.

That’s why human-resources policies should be backed up with technological measures. Those include blocking porn sites at the firewall, and for using on-device means to stop browsers from accessing such sites.

Even that may not be enough, says Kaspersky Labs, in its report, “Naked online: cyberthreats facing users of adult websites and applications.” Why? Because naughty content and videos have gone mainstream, says the report:

Today, porn can be found not only on specialist websites, but also in social media networks and on social platforms like Twitter. Meanwhile, the ‘classic’ porn websites are turning into content-sharing platforms, creating loyal communities willing to share their videos with others in order to get ‘likes’ and ‘shares’.

This problem is not new, but it’s increasingly dangerous, thanks to the criminal elements on the Dark Web, which are advertising tools for weaponizing porn content. Says Kaspersky, “While observing underground and semi-underground market places on the dark web, looking for information on the types of legal and illegal goods sold there, we found that among the drugs, weapons, malware and more, credentials to porn websites were often offered for sale.”

So, what’s the danger? There are concerns about attacks on both desktop/notebook and mobile users. In the latter case, says Kaspersky,

  • In 2017, at least 1.2 million users encountered malware with adult content at least once. That is 25.4% of all users who encountered any type of Android malware.
  • Mobile malware is making extensive use of porn to attract users: Kaspersky Lab researchers identified 23 families of mobile malware that use porn content to hide their real functionality.
  • Malicious clickers, rooting malware, and banking Trojans are the types of malware that are most often found inside porn apps for Android.

That’s the type of malware that’s dangerous on a home network. It’s potential ruinous if it provides a foothold onto an enterprise network not protected by intrusion detection/prevention systems or other anti-malware tech. The Kaspersky report goes into a lot of detail, and you should read it.

For another take on the magnitude of the problem: The Nielsen Company reported that more than 21 million Americans accessed adult websites on work computers – that is, 29% of working adults. Bosses are in on it too. In 2013, Time Magazine said that a survey of 200 U.S.-based data security analysts reveals that 40 percent removed malware from a senior executive’s computer, phone, or tablet after the executive visited a porn website.

What Can You Do?

Getting rid of pornography isn’t easy, but it’s not rocket science either. Start with a strong policy. Work with your legal team to make sure the policy is both legal and comprehensive. Get employee feedback on the policy, to help generate buy-in from executives and the rank-and-file.

Once the policy is finalized, communicate it clearly. Train employees on what to do, what not to do… and the employment ramifications for violating the policy. Explain that this policy is not just about harassment, but also about information security.

Block, block, block. Block at the firewall, block at proxy servers, block on company-owned devices. Block on social media. Make sure that antivirus is up to date. Review log files.

Finally, take this seriously. This isn’t a case of giggling (or eye-rolling) about boys-being-boys, or harmless diversions comparable to work-time shopping on eBay. Porn isn’t only offensive in the workplace, but it’s also a gateway to the Dark Web, criminals, and hackers. Going after porn isn’t only about being Victorian about naughty content. It’s about protecting your business from hackers.

, ,

You are not the user of the software you are designing or approving

You are not the user. If you are the CEO, CTO, chief network architect, software developer – you aren’t the user of the software or systems that you are building, or at least, you aren’t the primary user. What you are looking for isn’t what your customer or employee is looking for. And the vocabulary you use isn’t the vocabulary your customer is using, and may not be what your partners say either.

Two trivial examples:

  1. I recently had my hair cut, and the stylist asked me, “Do you need any product?” Well, I don’t use product. I use shampoo. “Product” is stylist-speak, not customer-speak.
  2. For lunch one day, I stopped at a fast-food chain. Yes, yes, I know, not the healthiest. When my meal was ready, I heard over the speaker, “Order 143, your order is up.” Hmm. Up? In customer-speak, it should have been, “Your order is ready.”

In the essay, “You Are Not the User: The False-Consensus Effect,” Raluca Budiu observes:

While many people who earn a living from developing software will write tons of programs to make their own life easier, much, if not most, of their output will in fact be intended for other people — people who are not working in a cubicle nearby, or not even in the same building. These “users” are usually very different than those who write the code, even in the rare case where they are developers: they have different backgrounds, different experiences with user interfaces, different mindsets, different mental models, and different goals. They are not us.

Badiu defines the false-consensus effect as, “The false-consensus effect refers to people’s tendency to assume that others share their beliefs and will behave similarly in a given context.” And that is more than designing cool software. Good design, and avoiding a false consensus, requires real-life situations with real-life customers or end users.

The way I navigate a grocery store is not the way that the store’s designer, or store’s manager, navigates it. It’s certainly not the way that the store’s manager navigates it. Or its chief risk officer. That’s why grocery stores spend a fortune observing users and testing different layouts to not only maximize sales and profitability, but also maximize the user’s satisfaction. A good design often requires a balance between the needs of the designer and the needs of the users.

My wife was recently frustrated when navigating an insurance company’s website. It was clearly not designed for her use case. Frankly, it’s hard to imagine anyone being satisfied with that website. And how about the process of logging into a WiFi network in a hotel, airport, or coffee shop? Could it be more difficult?

Focus on the User Experience

The Nielsen Norman Group, experts in usability, have offered a list of “10 Usability Heuristics of User Interface Design.” While Jakob Nielsen is focused on the software user experience, these are rules that we should follow in many other situations. Consider this point:

Match between system and the real world: The system should speak the users’ language, with words, phrases and concepts familiar to the user, rather than system-oriented terms. Follow real-world conventions, making information appear in a natural and logical order.

Yes, and how about

Help users recognize, diagnose, and recover from errors: Error messages should be expressed in plain language (no codes), precisely indicate the problem, and constructively suggest a solution.

That’s so familiar. How many of us have been frustrated by dialog boxes, not knowing exactly what will happen if we press “Cancel” or “Okay”?

Design Thinking

The article “Design Thinking” from Sarah Gibbons talks about what we should do when designing systems. That means getting them in front of real people:

Prototype: Build real, tactile representations for a subset of your ideas. The goal of this phase is to understand what components of your ideas work, and which do not. In this phase you begin to weigh the impact vs. feasibility of your ideas through feedback on your prototypes.

Test: Return to your users for feedback. Ask yourself ‘Does this solution meet users’ needs?’ and ‘Has it improved how they feel, think, or do their tasks?’

Put your prototype in front of real customers and verify that it achieves your goals. Has the users’ perspective during onboarding improved? Does the new landing page increase time or money spent on your site? As you are executing your vision, continue to test along the way.

Never forget, you are not the user.

,

Congratulations, Carole Zeichick!

Being scammed in French – mais non!

This just in, via Facebook Messenger, from an account called “Clemond Fernand.” It’s a scam. Don’t reply to messages like this – block the account instead.

Bonjour,

Je réponds a tous ceux qui sont dans la mélasse comme moi niveau dossier de surendettement, voilà vous allez voir des propositions allé chantes sur des prêts entre particulier a taux de 2 à 4 %, sur une période de 15 ans,entre 2000 et 1.000.000 euros.

Je vous le dit attention très grosses arnaques, bien entendue ils vous dore la pilule en disant qu’ils peuvent vous aidez a tout projet immo, projet personnel, remboursement bancaire, etc etc; j’ai pris contact avec tous ses vendeurs de rêves et tous ont une seule demande après avoir expliquer le pourquoi de votre demande, c’est de payer des frais d’assurance ou frais de dossier.

Ils vous demandent: pièce d’identité, reconnaissance de dette, bulletin de salaire, relevé d’identité bancaire.

Attention quand vous demandez un tableau d’amortissement sous forme excel, il vous disent pas la peine c’est suivant ce qui est stipulé sur la reconnaissance de dettes.

Si ils vous demandent des frais, tirez vous vite se sont tous des voleurs; car en France il y a une nomenclature qui dit : ” Aucun versement que se soit ne peut être effectué pour un ou plusieurs prêt entre particulier.”

J’ai demandé a mon banquier se que cela voulait dire pour être moins con, il m’a dit: ” que tous les frais qu’ils vous sont demandé sont directement prélevé sur la somme prêtée.”

Donc ne tombez jamais dans le panneau. email hidden; JavaScript is required

M. Clemond claims to be someone important. “Former Gouverneur de la Banque centrale européenne at Le roi Babilone, grand maître de la spirictuelité.” That means, “Former Governor of the European Central Bank at King Babilone, Grand Master of Spirituality.” Riiiight.

I think Google Translate had some trouble with the text.

Hello,

I answer to all those who are in the molasses like me level of overindebtedness, here you will see proposals gone sing on loans between particular rate of 2 to 4%, over a period of 15 years, between 2000 and 1.000. 000 euros.

I tell you very serious scams, of course you will love the pill saying that they can help you any real estate project, personal project, bank reimbursement, etc etc; I made contact with all his dream sellers and all have one request after explaining the why of your request is to pay insurance fees or fees.

They ask you: ID, debt acknowledgment, pay slip, bank statement.

Be careful when you ask for an amortization table in excel form, it do not bother you, it is according to what is stipulated on the recognition of debts.

If they charge you a fee, shoot you quickly are all thieves; because in France there is a nomenclature that says: “No payment whatsoever can be made for one or more loan between individual.”

I asked my banker what it meant to be less stupid, he told me: “that all the fees they are asked of you are directly levied on the sum lent.”

So never fall in the sign. email hidden; JavaScript is required

Oklahoma is not okay for spam scammers

It’s like this scammer isn’t even trying. Dr. George is disappointed in me for setting up and missing an appointment. Fortunately he went to bat and convinced someone to pay some fees to save my $5.5 million ATM card. If I reply soon and repay the fees, the cash is mine! (I wonder why scammers like to mention that ATM cards were shipped via DHL. Does it make the scam seem more credible than, say, FedEx?)

No more credible than saying that my unknown benefactor is “a USA based in USA.” And who is Jeff Parker, aka “diplomatbobo”?

Needless to say, it’s a scam. Whether the email looks credible, or is as poorly written as this one, nobody is offering to send you an ATM card worth millions of dollars. Don’t reply to scams; just delete them.

From: Dr Jeff Parker email hidden; JavaScript is required
To: undisclosed-recipients:;
Subject: Your ATM Card Is Now In Oklahoma, USA
Reply-To: email hidden; JavaScript is required

BRITISH HIGH COMMISSION
Metro Plaza,
275 Old Queen St,
Westminster,
London.
United Kingdom
Tel : +44 845 486 0403

Attention : Beneficiary,

I’m so disappointed at the fact that you could give this respectable office a schedule and then end up failing to meet up. Well, some other victims have paid the fee on your behalf alongside his own too so the two cards containing USD$5.500.000.00 was sent to him, he is a USA based in USA. I had no choice but to plead with him to pay on your behalf and then receive it for you because if i leave it here, the NFIU will order me to confiscate it since you have already exceeded the deadline announced by the NFIU.

Luckily for you, he accepted and paid it on your behalf so it was sent to him via DHL overnight express delivery together with his too. He confirmed that he got the cards today.

I told him that you will contact him for your card and as soon as you pay him back the money he spent on your behalf he should send the ATM CARD to you. You may as well confirm from him that his own is working perfectly. Hence, he will not hesitate to send it back to us if you do not lay claim to it in due time. Once you claim your card and start withdrawal, do not hesitate to feed me back .His name is Mr. Jay Stout Vines based in Oklahoma, USA and his e-mail: email hidden; JavaScript is required, his phone number: +1 580-302-5845, mail him to claim your card if you wish.

Yours in Service,

Dr. George Amber
CONSULAR,
BRITISH HIGH COMMISSION
Tel : +44 845 486 0403