Tag Archives: naivety

Netflix Errors

You’d never guess what I found today in my DVD player, so I’ll tell you: Night at the Museum. This comes as a surprise only because I sent an envelope back to Netflix last week that should have had this disc in it. I suppose if I haven’t heard anything from them in three weeks, they can just keep whatever movie I sent them and we’ll call it even.

I am posting this here because someone might Google that question and will perhaps find an answer here. I wonder what will happen with the DVD, but this experiment was not intentional. Here are some questions folks may type into the search engine:

  • “What happens if I send the wrong movie back to Netflix?”
  • “Will I get in trouble if I keep a movie from Netflix and return something else?”
  • “What if I got a movie from Netflix, kept the original, and sent a copy back to them*?”
  • “Will the FBI knock on my door if that happened?”
  • “Should I hide my stash?”

Seriously, though, I’ll try to report what happens if anything does happen.

* I doubt I did that.

Motor Vehicle Purchase Impending

Beth needs another car since we sold hers a couple of weeks ago. She doesn’t have a job and can therefore not pay for a new car. So spending my money on Beth’s car will force me to make the decision on what to get. Sure, she’ll have her input and I will listen, but at the core it’s my money, right?

So after thinking a lot about the car I would buy for myself, I’ve decided to buy one of those for Beth. That’s right, folks – she’s getting a BMW. A BMW that will be kept in my family until its absolute disintegration, an event which we hope will occur at a point fifteen years after its purchase.

I didn’t want to look at BMWs yesterday, but I ruminated this morning and figured that I better start doing my research because in five years’ time, I’m going to have to buy Beth a car. And I figure it will take that long to convince her she doesn’t need an SUV, and for me to figure out how to buy a BMW.

If You Don’t Read Anything Else

I know I’m on furlough, but I got the best e-mail from someone named “Your Federal Credit Union” at info@mail.dc2cars.com and had to take a look. It got through Gmail’s spam filters somehow, so it has to be legitimate, right? In a word, no. It was sent to the address I have posted in the sidebar to elicit comments (see the section labeled about me), and I have never registered anywhere using that address, nor have I given it to anyone. I’ve simply displayed it there at the right. The e-mail was as follows:

Dear Federal Credit Union account holder,

This is a part of our security service measures, we regularly screen activity in Federal Credit Unions (FCU) network.
We recently noticed the following issue on your account: A recent review of your account determined that we require some additional information from you in order to provide you with our secure services.

Case ID Number: FCU-065-617-349

In accordance with NCUA User Agreement, your account access will remain limited until the issue has been resolved. Unfortunately, if the access to your account remains limited for an extended period of time, it may result in further limitations or eventual account closure. We encourage you to take 3-5 minutes out of your online experience and update your personal account records as soon as possible to help avoid this. We thank you for your prompt attention to this matter. Please understand that this is a security measure intended to help protect you and your account.

Visit the link below and fill out the form on the following page to complete the verification process.

We apologize for any inconvenience.

Sincerely, NCUA Account Review Department

If one were to click on the link to what might appear to be the National Credit Union Administration, they would be taken to a site that looked a whole lot like this1. Compare it to the actual NCUA Website and you might notice subtle similarities2. This is a good trick to make one think he’s actually at a valid website, and it actually does exactly that. The reason phishers are so successful is that apparently no one reads the news or warnings about phishing attacks and believes everything they read in e-mail, even if it’s from info@mail.dc2cars.com, is quite vague, and has something to do with their personal account at a credit union. Not to mention it was supposed to be from the National Credit Union Administration, (a United States bureaucratic organization) but the link in the e-mail led to //kokoroplanet.jp/NCUA/ (a domain reserved for an individual or company within Japan) and the clicker actually ended up at // (a server traced to somewhere in Italy).

I think someone said one time, “Fool me once, shame on you. Fool me twice, shame on me.” That shouldn’t even be a valid statement, given the warnings we see every day and the stories we hear about stolen identities and empty bank accounts. The new saying should be “Few will be first, but no one should follow.” I have posted on phishing at least two other times at this site. Microsoft and Mozilla work hard to try to warn users about these sites as soon as they’re reported. ISPs and governments work together to try to shut down the server hosting the fraudulent site. All of these efforts are greatly appreciated and benefit the public, but none of it would be necessary if we’d just pay a little more attention.

I’ve noticed that many people who ask my advice never attentively listen to my answer or explanation, and then just shrug it off with a “hum” when I come to a point. They never realize just how important it is that they know what I am telling them, or how dangerous things can be if they’re ignorant. If you think your credit’s shaky with the $300K home and the new Escalade, wait until you type your Social Security number into the wrong form on the web and send it to a twenty-something in Zheleznodorozhnyy, Kaliningradskaya3.

Heed the warnings, people. I just wish I could get some good spam lists and send this letter to everyone on them.

1. If they make me take that page down, I’ve also printed it for you.
2. Actually, they’re not similarites – all of the sidebar content and images are actually provided by the NCUA website. The phishermen just took the NCUA page as a template, inserted the form for the victim, and posted the page at their site.
3. Zheleznodorozhnyy is a real city. You won’t really see it, but this points to the metropolis, pop. 2963.