I love Thunderbird for reading emails, and keeping track of my RSS feeds.

But for some reason RSS tends to become corrupted. I don’t believe it’s necessarily Thunderbird’s fault, although it seems a bit pickier about feeds that are correctly crafted then other RSS readers.

A clue that there is a problem is RSS feeds simply stop receiving any new messages. When looking at the feed it appears that it is no longer subscribed. Deleting the feed and resubscribing fails with a message stating that the feed is already subscribed.

In cases like this the only fix seems to be to manually delete the feed.

In Windows do this by going to: C:\Documents and Settings\UserName\Application Data\Thunderbird\Profiles\wsfdfsgb.default\Mail\Feeds

The part after profiles, in this case wsgjbxgb.default, will be different on each machine. In some cases there might even be two files that both have .default in them. If so, the newest one is usually correct.

On Macintosh, these files are located in /Users/username/Library/Thunderbird/profiles/wsfdfsgb.default/Mail/News & Blogs/

Once in the correct folder, simply delete all files with the name of the site that you’re pulling feeds from. Note that this will also delete any saved articles you might have kept, so be sure to back those up within Thunderbird.

After deleting the files, restart Thunderbird and re-add the feeds. Everything should be working now!

There is a new major malware virus going around right now. This one is “Digital Protection” and infects computers after the user gets one of those pop-ups that says “You have a virus!”

The odd thing about this one is that it’s also taking over the Windows Updater program, so it can’t be used to download new security patches and fixes from Microsoft.

It’s also loading itself multiple times into the Windows registry. Below are step by step instructions on how to remove it. http://www.geekstogo.com/forum/Removal-instructions-Digital-Protection-t274218.html

This is a nasty removal process so if you’re not familiar with editing the Windows registry, I highly suggest you take this somewhere professional.

This one took me a few minutes to identify. There is little information about it on the net let, but the pieces didn’t quite jive right.

First odd thing was an envelope mailed to me. The return address said:

P.O. BOX 300 STATION M
TORONTO ON M6S 4X2

No company information or anything. Upon opening it is a check for $2,408.18 drawn upon the Greensboro Postal Credit Union in North Carolina.

Check has been heavily photoshopped so that people won’t try to use it.

Included is a letter “explaining” how it all works. Essentially they want a mystery shopper to shop various locations. This sounds fairly legit, although I do not recall signing up for any mystery shopper things. The key tip off to me was the part where it says to send a Western Union payment to a fake relative.

The second key tip off is the “pay” for doing this – $200! This is far more then most mystery shopping jobs usually pay.

Also included is a little survey form about the mystery shopper trip.

The phone number for the “Assigned Training Coordinator” 650-993-1549 shows up as a San Francisco number. Who is for the website listed: esurveyspro.com shows a Romanian address.

Registrant:
Outside Software Inc.
Bd Iuliu Maniu, Nr 7
Corp U, Etaj 5, Birou H
Bucharest, 061072 Romania

Registered through: GoDaddy.com, Inc. (http://www.godaddy.com)
Domain Name: ESURVEYSPRO.COM
Created on: 15-Apr-06
Expires on: 15-Apr-19
Last Updated on: 28-Jan-10
Administrative Contact: Badea, Florentin florentin@outsidesoftware.ro
Outside Software Inc.
Bd Iuliu Maniu, Nr 7
Corp U, Etaj 5, Birou H
Bucharest, 061072
Romania
+40.213192553 Fax –

Technical Contact:
Badea, Florentin florentin@outsidesoftware.ro
Outside Software Inc.
Bd Iuliu Maniu, Nr 7
Corp U, Etaj 5, Birou H
Bucharest, 061072
Romania +40.213192553 Fax –

Domain servers in listed order: NS1.ESURVEYSPRO.COM NS2.ESURVEYSPRO.COM

Registrant:
Outside Software Inc.
Bd Iuliu Maniu, Nr 7
Corp U, Etaj 5, Birou H
Bucharest, 061072
Romania

Registered through: GoDaddy.com, Inc. (http://www.godaddy.com)
Domain Name: ESURVEYSPRO.COM
Created on: 15-Apr-06
Expires on: 15-Apr-19
Last Updated on: 28-Jan-10

Administrative Contact:
Badea, Florentin florentin@outsidesoftware.ro
Outside Software Inc.
Bd Iuliu Maniu, Nr 7
Corp U, Etaj 5, Birou H
Bucharest, 061072
Romania
+40.213192553 Fax –

Technical Contact:
Badea, Florentin florentin@outsidesoftware.ro
Outside Software Inc.
Bd Iuliu Maniu, Nr 7
Corp U, Etaj 5, Birou H
Bucharest, 061072
Romania
+40.213192553 Fax –

Domain servers in listed order:
NS1.ESURVEYSPRO.COM
NS2.ESURVEYSPRO.COM

As a final piece of the puzzle Greensboro Postal Credit Union says (in big red letters):

SCAM ALERT!!
IF YOU RECEIVE A GREENSBORO POSTAL CREDIT UNION CASHIER’S CHECK- – DO NOT CASH THIS CHECK. It Is Counterfeit. If you received this check by US Mail, contact the USPS Postal Inspection Service immediately.

Internet Fraud is on a rise. As more and more people get online, more viruses are created to steal information, and more people see the anonymity of the Internet as a good way to steal, fraud rates will continue to rise.

Common fraudulent acts range from using stolen Paypal accounts to pay for eBay or Craigslist products. Sending people fake checks for significant amounts of money over the selling price and asking for the extra back, or the common “Nigerian 419  Scam,” where you’re contacted (usually via email) for help moving large amounts of money from another country. But they quickly ask you to send a couple of thousand dollars as a “transfer fee” and none of the money is ever seen again.

The first step in reporting fraud is to gather your evidence. Good portions of such reports go unanswered and forgotten because of the lack of evidence. Providing ample and accurate proof will greatly increase the chances of action being taken by Law Enforcement. When reporting fraud and scams, use this template to provide your evidence. Keep in mind that some online forms may not have room for all this info, but it’s good to compile it before submitting.

Name: Address:

Phone Number:

Email:

Other Contact info: (IM ID, Forum Name)

Scammer’s Name:

Address:

Phone Number:

Email:

Other Contact info: (AIM or Yahoo IM ID, Forum Names, AKA names. Also include any other email addresses, phone numbers or physical addresses known. Essentially any way used to contact you should be cataloged here.

Nature of Fraud/Scam:  Give a brief description, i.e. Was contacted by person to

Estimated Value Lost: Use a range for actual goods, or the sell price of the goods. Otherwise use the actual cash value.

Timeline Description: This is the important section. Provide a day-by-day, hour-by-hour account of the transaction and what went wrong. Cut and Paste Chat Logs, Screenshots (if possible,) and all emails. Be sure to present everything in chronological order as it happened.

Links to evidence: Provide links to forum posts, screenshots of emails and IM logs, etc.

There are several places you can report fraud to depending on where in the world you are.

Online Fraud Complaint Forms:

In the United States:

The Internet Crime Complaint Center: <a href=”http://www.ic3.gov”>http://www.ic3.gov</a>

National Fraud Information Center <a href=”http://www.fraud.org/info/contactnfic.htm”>http://www.fraud.org/info/contactnfic.htm</a>

In Canada:

Royal Canadian Mounted Police:

<a href=”https://www.recol.ca/intro.aspx?lang=en”>https://www.recol.ca/intro.aspx?lang=en</a>

Other Countries: Please look in comments below, or post if you know your countries web page.

Once you’ve filled out the online forms, it’s a good idea to directly contact any of the below Law Enforcement Agencies. All of these agencies (except maybe City and County Police Departments) have an electronic crime agency who will take your information. In some cases you may be referred to another person, or group. Expect to get a bit of run around but do not take it personally. Remember to be polite and patient when explaining the nature of the fraud.

Local FBI Office: http://www.fbi.gov/contact/fo/fo.htm

Local Attorney General: http://www.naag.org/

Local U.S. Secret Service Electronics Crime Division: http://www.treas.gov/usss/field_offices.shtml

Local State Police: http://www.statetroopersdirectory.com/

Local County Police Department: Varies, search Google for your County Name, Police Department and Electronic Crimes Division

Local City Police Department: Use the same search term above

If someone scammed you out side of your country, the Federal Trade Commission has a special site for these complaints. https://www.econsumer.gov/pls/econsumer/wimsnery2$com.main?p_lang_seq=1

A lot of scams involve Paypal due to the ease of setting up accounts or stealing the information from others. Their claims page is located at: https://www.paypal.com/us/cgi-bin/webscr?cmd=_comres_flow&trans_id=

Phone: 1-888-221-1161×8232 ; or 402-935-2050

If a company or business scammed you there are a couple of good places to report them to.

Better Business Bureau

FTC Complaint Center

Also be sure to report them to your and their Attorney General’s Office.

The United Postal Service is especially tough on scammers and fraud via Mail. If you sent a Money Order via mail, or goods and didn’t get anything in return they want to hear from you. Their online form is located at: http://postalinspectors.uspis.gov/forms/MailFraudComplaint.aspx

The Postal Service is very tough on fraud and scamming. To help them out it’s always a good idea to use Delivery Confirmation when sending large amounts of money, checks, or even expensive goods.

UPS has an online claim section too, https://www.ups.com/myups/login?returnto=https%3a//wwwapps.ups.com/webClaims/create%3floc%3den_US%26report_type%3d1&reasonCode=-1&appid=CLAIMS

Reporting fraud and scams is time consuming, but every bit helps. If you’re short on time at least submit reports to the first two links. Remember, the scammers aren’t going to stop if they get away with it. All it’s going to take is one or two to get caught as warnings to the rest.

There are more than a few ways to access a firewall.  I will be giving a brief tutorial for one of the more common methods. Called “poking a hole”, or professionally called an SSH back door.  Please, please be careful with this, any script kiddy with 30 lines of code can exploit an SSH server.

This is a great post by IBM detailing it pretty well. If you have any question feel free to leave a comment and I will assist you.

1. SSH from ginger to blackbox.example.com with the -R flag. I’ll assume that you’re the root user on ginger and that tech will need the root user ID to help you with the system. With the -R flag, you’ll forward instructions of port 2222 on blackbox to port 22 on ginger. This is how you set up an SSH tunnel. Note that only SSH traffic can come into ginger: You’re not putting ginger out on the Internet naked.You can do this with the following syntax: ~# ssh -R 2222:localhost:22 thedude@blackbox.example.com

   Once you are into blackbox, you just need to stay logged in. I usually enter a command like:

   thedude@blackbox:~$ while [ 1 ]; do date; sleep 300; done

   to keep the machine busy. And minimize the window.

2. Now instruct your friends at tech to SSH as thedude into blackbox without using any special SSH flags. You’ll have to give them your password: root@tech:~# ssh thedude@blackbox.example.com .
3. Once tech is on the blackbox, they can SSH to ginger using the following command: thedude@blackbox:~$: ssh -p 2222 root@localhost
4. Tech will then be prompted for a password. They should enter the root password of ginger.

Thanks IBM.