Brilliant Thinking

Many of us know that most of the big banks do not send emails asking us to update our personal details. However, there are still large numbers of people who fall foul to this scam, and the scammers are getting more sophisticated every day.

Here’s how the scam usually operates:

• You receive an email allegedly from your bank (or other institution, e.g. eBay, PayPal, etc)
• The email looks legitimate, right down to the look and feel and email address
• The email asks you to click on a link and confirm your security information
• The link takes you to a page that looks legitimate
• You duly comply and give away all your personal details
• The scammer records this information and can use your account, or use your identity

This process is called “phishing”.

The scammers use clever tricks for the link in the email they send you - the most recent is to exploit a vulnerability on a real page on the original bank or organisations website. This means that even the link in the email looks legitimate at first glance. The vulnerability is quite simple:

The link in the scam email links to a real page on the organisation’s website. This real page is designed to redirect the visitor to another page - originally intended to be on the organisations website. However, the real page is generic and with a bit of clever trickery, the scammer can make it redirect to their own scam page.

Take a look at the Netcraft story that discusses this latest scam technique: Open Redirection Expolit

The Emissary Take Away: Security is a complex area, and any site that records personal information should be vigilant to consider possible exploits. For most small businesses, the effort required by a phisher to detect vulnerabilities in the small business site is too high given the amount of information they would be able to phish as a result. However, as sites grow in visitor numbers and their systems become more sophisticated (and maybe use generic redirector pages - quite common in larger sites), then more emphasis (ie budget) needs to be allocated for the security aspects of the system.

“Web access today is so fundamental, that it shouldn’t be hampered by wires,” said Philipp Hoschka, W3C’s deputy director for Europe. “Through this initiative, we’re committed to improving the state of the art in mobile Web content production and mobile access.”

The World Wide Web Consortium (W3C) formally launched the Mobile Web Initiative at its WWW2005 Conference in Chiba, Japan, on Wednesday, putting out a call for participants to join two working groups focused on making Web access from mobile devices as natural and easy as making a telephone call.

The W3C has made a concerted effort towards improving the mobile Web experience, and in November hosted a two-day workshop in Barcelona on the topic. Companies such as Vodafone Group PLC, Nokia Corp. and Hewlett-Packard Co. (HP) presented over 40 position papers and around 100 people took part in discussions on making Web surfing as convenient and ubiquitous over devices like mobile phones and PDAs (personal digital assistants) as it is over the desktop.

“It became clear in Barcelona that people have big problems in accessing the Web from mobile devices,” Hoschka said. “What was impressive was that the whole mobile industry was there, representing all of its various components, and they all seemed to agree that we need to collectively do something.”

The Emissary Take Away: In the medium term, Internet Ubiquity - The Martini Effect. Connect anytime, anywhere, from any device. In the short term, making web content or applications available on portable devices will require bespoke customisation for each platform selected, and may require organisations to standardise on one or a small number of platforms for internal access. With Pocket PCs becoming more widespread, this facilitates the growth of Internet Ubiquity, although mobile phones and other mobile phone hybrids will need a little more work and time to catch up.

Japan Airlines Corp. (JAL) will Tuesday start offering The Boeing Co.’s in-flight Internet service on flights between Tokyo and New York, the first time the service will be available for transpacific travel, the airline said on Monday.

The Connexion by Boeing service will be initially available on alternate days on flights JL005/JL006, with the service becoming available daily by the end of June, according to Geoffrey Tudor, a spokesman for the airline.

Connexion by Boeing is a satellite-delivered data service that enables airline passengers to access the Internet via wireless LAN-compatible PCs.

The connection speed is typically about 5M bps (megabits per second) downstream from the Internet to the aircraft, and 1M bps upstream from the aircraft to the Internet. The service supports e-mail, Web browsing, and corporate network access via a VPN (virtual private network), among other features, according to JAL.

Access will be available throughout the aircraft and will cost US$29.95 throughout the flight, or for $9.95 for the first 30 minutes and $0.25 for each additional minute, JAL said. A $10 discount will be available until July 15, 2005, the airline said. (full article here)

The Emissary Take Away: With the growing ubiquity of web access, firms who choose to ignore the accessibility of their websites, intranets or extranets on different devices may find themselves trailing the field - although timing is everything! It’s also clear that the Asian market is once again taking steps forward and providing new models of interraction that we can all learn from.

1. Voice-Over-Internet Protocol (VOIP) Goes Mainstream.
2. China’s Power and World Economic Influence Grows.
3. Working at Home Goes Mainstream While Small Business Thrives.
4. Offshoring Activity Picks Up.
5. As the World Shrinks, the World Market Expands.
6. Technology Stocks Increase in Value.
7. Cell Phones look more and more like PDAs and vice versa.
8. Blogging and Social Networking Become Accepted Business Tools.
9. Continued Sophistication in Corporate Internet Usage.
10. Enterprises Increasingly Demand Flexible Solutions.

For more information about each prediction, please visit the original article.

In our view, numbers 3, 7, 9 and 10 are interrelated and require increasingly innovative solutions to traditional problems. According to our internet maturity model, these solutions occur in level 4 and 5 maturity - the area we get a kick out of working in!

Firefox, the open source web browser, has been downloaded 50 million times since its official launch in November. To celebrate, the Mozilla Foundation, which led its development, is giving away commemorative coins to people who have done the best job promoting it.

Firefox is Microsoft Internet Explorer’s (IE) main rival. Many like it because it is easily customised, while others like its tabbed browsing. This means that instead of opening a new browser window for each page a user wants, it opens a new tab in the same single page.

IE still has a grip on more than 86% of the browser market, according to web analytics company OneStat.com, but Firefox is Microsoft Internet Explorer’s (IE) main rival. Many like it because it is easily customised, while others like its tabbed browsing. This means that instead of opening a new browser window for each page a user wants, it opens a new tab in the same single page. Although Firefox has been downloaded 50 million times, this does not necessarily mean it has the same number of individual users.

The Emissary Take Away: If you are running a site with 10,000 visitors per month, 14% of them are not likely to be using IE - that means about 1,400 visitors. On an ecommerce site, if the average spend per visitor is £5, you are potentially losing out on £7,000 revenue per month. On all new projects, we always mandate testing any web solutions on a variety of PC and Mac browsers so you don’t alienate a good portion of your visitors. We can also extend testing to handheld devices and mobiles if needed.