unsubscribeOnce of the most common questions I get asked by users is: How do these spammers get my e-mail address? There are a number or methods that these spammers use, and I will focus on the third of these methods, in today’s blog post: By using Subscribe/Unsubscribe newsletter services.

In the 21st century it can be said that “Knowledge and not Money is Power”. The two are closely linked. Knowledge or “data” is a hot commodity on the Internet. Facebook, for instance, has over 1.2 billion users. That is a lot of people and a lot of data! Just think of the value of that data if Mark Zuckerberg (the founder of Facebook) decided to sell that information. What would be the value of that data?

Many times you might receive e-mail in the form of a newsletter that sometimes has a button down below that’s marked “Unsubscribe.”, but will the newsletters really stop if you click on it?

There are many unscrupulous newsletter senders that will sell your email address for a commission. A very common unsubscribe tactic is to send millions of people a false “you have joined a newsletter” e-mail. When users click on the “unsubscribe” link, they are not actually unsubscribing but unwittingly confirming that they are a real person with an active email address, and this typically results in getting more spam, and soon the spam flood will spiral out of control. Furthermore the spammers will then sell their database (containing your “confirmed” e-mail address) to other spammers and unscrupulous marketing firms.

Another vector that spammers use to obtain your e-mail address is through legitimate newsletters. You may often subscribe to a legitimate newsletter service and receive newsletters with not problem, but as soon as your personal information and contact details are placed into the care of a third party (the legitimate newsletter service) you are relying on the fact that their system and database security is adequate and is not vulnerable to hacking and identity theft. Hackers could break in and steal the database of e-mail address of the original newsletter service, and very quickly your e-mail address could be in the hands of spammers and scammers throughout the world!

Another sobering fact is that often marketers and newsletter services gather e-mail addresses and then sell this to a third party. Often this is mentioned in the “Terms & Conditions” when you originally subscribe, giving them the rights to give your details to their “partners” so they can contact you.

This way you become the unwitting victim in the business of selling and exchanging data!

Remember these important tips:

  • Survey Sites tend to generate a lot of junk mail. While many people use surveys as a great part-time source of extra income, signing up for surveys, free gifts, free drawings, etc. often distributes your e-mail to many unwanted mailing lists.
  • Try to keep your junk mail to a minimum by not giving your e-mail address to anybody that you don’t know, trust, or use for business purposes like your bank, business websites, etc.
  • Many different junk e-mails can come from the same source. Once you start “unsubscribing” from these e-mails, you’ll begin to notice that some of the unsubscribe pages look the same.
  • If trying to get information from sites requiring an email address try abc@123.com or similar rather than your own email address. By entering a non existent email address yours doesn’t get logged & targeted.
  • If you cancel a subscription, and e-mail keeps coming, it may be necessary to add the junk mail’s sender or domain to your blocked list.

botnetOnce of the most common questions I get asked by users is: How do these spammers get my e-mail address? There are a number or methods that these spammers use, and I will focus on the second of the methods, in today’s blog post: By using Trojan Horses, Bots and Zombies.

Let us use a familiar example: You regularly exchange emails with your elderly mother who has got a computer. Your mother uses Outlook or Thunderbird and has dozens of emails from you in her inbox. She even added you to her address book. She also has lots of emails from a distant family member – cousin Johan from Australia. You haven’t stayed in touch with Johan that closely over the years, but you definitely know who he is.

Last year, just before the Christmas, Johan downloaded and installed this really pretty Christmas screensaver that showed tranquil tree and candle scenes when he wasn’t using the computer. What he didn’t know was that the screen saver had a sinister hidden payload. While the candles flickered peacefully on his screen, the software went to work combing through his emails and address book, his browser’s cache of past webmail sessions and other files, storing every email address it would find in a separate list.

Then it sent the entire list to a server in Russia, where a criminal combined it with other such submissions to build the ultimate monster spam list that can be sold and resold over and over again.

But as if that wasn’t enough, when the “screensaver” sent the address list to Russia, it received some content in return – messages to be sent to all of Johan’s contacts. Then, unbeknownst to John, his computer started creating hundreds of emails randomly using the harvested email addresses in the To: and From: field along with the content from the Russian server and sent them out using Johan’s Internet connection. One of them used your mother’s email address as sender and yours as recipient.

Now you received some spam from your mother asking you to buy fake watches and you’re ready to speak to her telling her to stop. Well, don’t. Your mother has obviously nothing to do with the whole thing and you’ll never find out that it was actually Johan’s computer.

You just had a look into the really nasty underworld of the Internet where botmasters (the guy in Russia) control botnets (infected computers that all report to the same server) of remote-controlled zombies (Johan’s computer) that were compromised using trojan horses (the screensaver) or similar malware.

And it doesn’t even end there. The botmaster typically doesn’t spam for his own account but hires out his botnet to whoever pays the most. The equally shady factory in China wanting to sell more fake Rolexes can now hire the botmaster to blast their offers all over the internet. The guy in Russia doesn’t even care if you open or click on that email from your mother, he gets paid either way. And when he’s done with the watches, he’ll inform his entire mailing list that they all won the lottery and can pick up the prize if only they pay a small “transfer fee” up front. And after that, he’ll mail a Paypal phish for yet another “client”. And for good measure, he’ll sell his entire email address database, incl. yours, to a friend who is in the same line of “business”.

In other words, once your email address got picked up by a botnet, Pandora’s Box is wide open. The whole scheme is particularly wicked because now you have to depend on others to keep your address safe. Unfortunately, there is little you can do:

  • First of all, do your own share: NEVER open email attachments that you didn’t ask for, even if they appear to come from good friends like Johan. If you’re still curious, ask Johan or your mother first if they really sent it.
  • NEVER download anything where you can’t in­de­pend­ent­ly verify it’s safe. With “independently verify” I mean you can read about it in forums, blogs, news sites, your local “computer geek” etc. Facebook fan pages, even with 1000s of “fans”, do NOT count, they are way too easy to manipulate and are usually full of misinformation!
  • NEVER get fooled by fake “security scans” (they’re quite the opposite!) or “video codec updates” to see that funny kitten clip. If you think you need a new Flash player, type in flash.com by hand and update from there. If afterwards the site still says you need an “update” get out of there as fast as you can.
  • Then educate your friends and family about the same. Explain how trojans work. Send them a link to this blog page!
  • You can try having multiple private email addresses. Keep a super-private one, only for family and very few of your closest friends. (Personally I know they are familiar with the dangers lurking on the net, because I indoctrinated many of them myself.) Then I use my university address for everyone I work with and I don’t use this for private mail – EVER! Then I have a semi-private one for my wider social circle. The latter two do get some spam, although it’s still manageable. I find GMail to have a very good “spam filter”, and blacklisting spammers is very easy!

Thanks to BustSpammers.com for the material.

rumplestiltskinOnce of the most common questions I get asked by users is: How do these spammers get my e-mail address? There are a number or methods that these spammers use, and I will focus in one of the methods, in today’s blog post: The “Rumplestiltskin” attack.

A dictionary or Rumplestiltskin attack is an attack where the spammer floods e-mail servers with usernames selected from a dictionary.It comes from the old Grimm’s fairy story, Rumplestiltskin.

A couple of decades back, when the university’s e-mail system was still very primitive and e-mail addresses were limited to 8 characters, most personnel at the university had simple names like ab@sun.ac.za, aa1@sun.ac.za, bv@sun.ac.za. It is relatively easy to make up a list of common letter combinations and just add @sun.ac.za onto it to create a e-mail list. Add to that common  role-based accounts, such as admin, help and support, as well as adding the latest Baby Names list and you have a list that can be used to launch a Rumplestiltskin attack.

If you send  E-mail to Unknown Users or address that do not exist, Why bother?

Firstly rather than spammers buying a list from other spammers, they can just spam to any possible name they can generate. It might seem rather inefficient but sending email is cheap.

The second reason – which is far more sinister – is that spammers use these techniques to generate lists of valid email accounts. They first send to a generated list and when they do get a response or the receiving mail server doesn’t answer back and say “unknown e-mail address”. This allows them to either sell these lists of “verified” emails or be more accurate in their other spamming activities.

With this second reason in mind, you should be able to see the danger of replying to these mails or filling in the “opt-out” option, that is commonly included in such mails, or by setting your “Send delivery receipt” to automatic on your e-mail. As soon as these spammers realize that there is a real person at the other end of the e-mail, they will increase their spam. They get paid to send out the mail, not for how many people respond to them.

Apr
14

wordpress-under-attack-cropSince 12 April 2013, the WordPress blog system world-wide is facing its most serious coordinated brute force attack. Some WordPress hosts have reported that they have blocked as many as 60 million requests against their hosted WordPress customers in a single hour.

This attack, which targets administrative accounts, appear to be coming from a sophisticated botnet that may have as many as 100,000 computers, based on the number of unique Internet addresses the attacks are coming from.

…And Internet security experts have estimating that the botnet has the power to test as many as 2 billion passwords in an hour.

WordPress users should always make sure that their passwords, especially for admin accounts, are long and not guessable from a password list. Of course, that’s good advice for just about any password you use, but it’s especially applicable right now.

While it’s difficult to tell what the aggressor is trying to accomplish with this current round of password cracking, the consequences could be disastrous. It has been suggested that the perpetrator could be trying to upgrade a botnet composed of ordinary PCs into one that is made up of servers.

Last year, a brute force attack against Joomla sites created a server-grade botnet, created with a tool called Brobot, that overwhelmed US financial institutions with DDoS attacks.

One risk is that personal bloggers that set up WordPress installations might not have thought to set up a highly secure password. However, it’s not just the blogger’s posts that are at stake, as the attacker could potentially use the login to gain access to the hosting server, a more valuable prize that could cause even more damage.

This botnet is going around all of the WordPress blogs it can find trying to login with the “admin” username and a bunch of common passwords.

If you still use “admin” as a username on your blog, change it, use a strong password, and better still change the name of the admin account to something else, which will certain block the botnet attack.

I personally run 7 WordPress blogs, excluding this GERGABlog, and a year or so ago, after a attack crippled 3 of the sites, I removed the default “Admin” account and had set very strong passwords on all of them.

On Friday evening I installed a small plugin, recommended by my hosting company, which blocks an Internet address from making further attempts after a specified limit of retries is reached. I set the plugin to log all Internet Addesses that had been locked out, and after barely 30 minutes, 3 of my 7 blogs had logged more than 5 Internet addresses that has tried to attack my blog and had been locked out. I could see that the attack was underway and was very glad that my paranoia had paid off!

Mar
18
Filed Under (Tips) by dw on 18-03-2013

chainAll software has defects (known as bugs) and bad design — which make computers vulnerable to attack. The Windows operating system, Office suites, media players, browsers and browser plug-ins are just a few examples of software that are open to attack.

An Attack vector (or just vector) is a specific computer-system vulnerability, along with the path and method that exploits it. It’s just a particular way to gain access to a computer in order to install malware, gain external control, or extract user data. (You might have a state-of-the-art burglar alarm at home, but if you leave the back door unlocked to let the cat in, you have created an attack vector)

There are other places to attack computer systems besides the software. The human element — the component between the chair and the keyboard — is often the most vulnerable part of a computer system. In humorous terms, this is known to computer geeks as a PEBKAC error. (Problem Exists Between Keyboard And Chair)

Email attachments have been the classic vector to use against humans. Email messages entice or alarm users, to open malicious attachments. Once opened, these attachment do the dirty work, often with the willing permission and participation of the victim. These attacks rely on deception to get past defense systems.

Along with attachments, email messages, downloaded files, infected webpages, videos, popup windows, instant messages, and social media (blogs, Facebook, Twitter) are vehicles for many popular attack vectors.

One Ring to rule them all! This saying comes from the “Lord of the Rings”. Often people become victims of online fraud by using the same password  or usernames on multiple sites, including social media sites and Internet banking sites. Your online banking site and Facebook profile should never have the same password. Facebook is easily compromised, opening up a vulnerability to your Internet banking security.

Take a look at your online presence. How much information is out there about you that could be pieced together to scam you? Your name? Email address? Friends’ names? Their email addresses? Are you on, for example, any of the popular social networking sites? Take a look at your posts. Anything there you don’t want a scammer to know? Or have you posted something on a friend’s page that might reveal too much?

Passwords: Do you use just one password or easy-to-figure-out variations on just one? If you do either, you should not. You are making it easy for a phishing scammer to get access to your personal financial information. Every password for every site you visit should be different. Random letters and numbers work best. Change them frequently.

 

nessieWhat is a Virus/E-Mail Hoax?

Have you ever received an e-mail message that includes something like the following:

  •  A warning of a new virus that you should send on to everyone you know.
  • A warning of a scam that you should send on to everyone you know.
  • A petition to help the needy or some cause that wants you to forward it on to those who might be interested.
  • A get-rich-quick scheme that claims if you forward on the message you’ll receive money for each time it’s forwarded.
  • A claim that for each email sent someone in need will be helped by another organization.
  • A warning of a new virus or a scam that was sent out apparently by an organisation that is perceived as being legitimate and informed – like the South African Police.

These 6 scenarios account for almost all the virus and e-mail hoaxes you will see, and in almost all cases anything that follows any of these guidelines is a hoax, false, or an outdated petition that is just “floating” around the Internet. Before you consider forwarding any email that asks you to forward it to anyone else you should be able to do the following:

  •  Check the original date the message was created and sent.
  • Check the original sender of the message.
  • Check how many times the mail has been forwarded (Several FWD: Or Forwarded: in the subject line will be a clue)
  • Check any quotes made by any organizations mentioned with specific URL’s (web addresses) that backup the claims made in the message.
  • If the e-mail is for a cause, check the date of any action mentioned and/or the specific piece of legislation that is mentioned.

In general it is considered very bad manners  to forward a message on to a large number of people.

Why these Hoaxes Cause Problems?

Imagine if someone receives a message that tells them to forward it on to “everyone they know.” If  this person forwards the message on to 100 people, (which is not uncommon) and just a few people forward this message onto to another large group, the message will be duplicated thousands of times in a short period of time, often just hours.

A few thousand extra e-mails result in a bunch of wasted disk space, clogging of network bandwidth, and most importantly the complete waste of time for many professionals and, possibly, your friends all over the world. This simple e-mail hoax may cost thousands of dollars in wasted time by everyone involved. Consider the man hours wasted in dealing with these hoaxes and what is costing the organisation.

Furthermore the organisation is employing people to do a job and if these employees waste time sending out mail instead of doing their work, they are essentially robbing the organisation

What is equally disconcerting is that there might be a message that is true, or contains some important information, that is ignored because most of the previous e-mail have been hoaxes. (The old fairy tale of “The boy who cried wolf” is a good example)

 How to Tell if a Message is a Hoax?

Below is a message about a supposed screen saver that will wipe out your hard drive and “steal your password.” You can read about this virus hoax at http://www.symantec.com/avcenter/venc/data/buddylst.zip.html

Read after the message for some tips on how you can tell this is obviously a hoax.

 Subject: [Fwd: Beware of the Budweiser virus–really!]

 This information came from Microsoft yesterday morning. Please pass it on to anyone you know who has access to the Internet. You may receive an apparently harmless Budweiser Screensaver, If you do, DO NOT OPEN IT UNDER ANY CIRCUMSTANCES, but delete it immediately. Once opened, you will lose EVERYTHING on your PC. Your hard disk will be completely destroyed and the person who sent you the message will have access to your name and password via the Internet.

 As far as we know, the virus was circulated yesterday morning. It’s a new virus, and extremely dangerous. Please copy this information and e-mail it to everyone in your address book. We need to do all we can to block his virus. AOL has confirmed how dangerous it is, and there is no Antivirus program as yet which is capable of destroying it.

Please take all the necessary precautions, and pass this information on to your friends, acquaintances and work colleagues.

End of message.

EMAILCHIEF

 First, take look at the following text:

“This information came from Microsoft yesterday morning.”

The words “yesterday morning” are quite a clue. When was yesterday morning? Obviously not yesterday. What about Microsoft? If they are making some sort of announcement where is the web site address with this announcement? Why would Microsoft make an announcement about some random virus that has nothing to do with their company?

Please pass it on to anyone you know who has access to the Internet.

Anything that asks you to “pass it on to anyone you know who has access to the Internet” is a big flag. Any official group (Microsoft, AOL, etc.) are the last ones to ask you to forward e-mail to everyone you know. This goes against standard Internet policies and good etiquette. It just clogs up disks, networks and wastes everyone’s time.

“AOL has confirmed how dangerous it is…”

If AOL had confirmed anything they would certainly have a URL with this statement. Furthermore, what does AOL have to do with this? Finally, AOL is not an official virus reporting agency. You want to see things like CERT, Symantec (they make Norton AntiVirus), McAfee, F-PROT (they make F-PROT F-Secure), etc.

The following statement is a big sign:

“…and there is no Antivirus program as yet which is capable of destroying it.”

By the time the message gets to anyone, if the virus was for real, all the major antivirus programs would already have a check for this. Generally it takes just one or two days for a big company like Symantec, McAfee, or F-PROT to come up with a check for such a virus.

Finally, we have this:

“…the person who sent you the message will have access to your name and password via the Internet.”

What password? What do they mean by “via the Internet”? If you do store any of your passwords on your machine (e.g. dialup, in Eudora, etc.) it’s encrypted. Furthermore, suppose it’s some super virus and it can decrypt your passwords in certain circumstances, then what? Is it going to mail the password back to its creator? Now the South African Police can track them down easily and arrest them? None of this makes much sense. Many e-mail hoaxes make ridiculous statements such as this.

Where to Check if a Message is a Hoax

Before you consider forwarding a message about a “virus” or a petition, always check your sources, just because your elderly mother sent it from her computer, or the e-mail has a South African Police or SARS logo on it, doesn’t necessarily tell you that it is legitimate or true. Sometime a simple Google search with key terms will immediately give you an answer, often within a couple of seconds.

To check if a message is a hoax you can try out the following sites:

Snopes Urban Legends Reference Pages

http://www.snopes.com/

Symantec’s AntiVirus Research Center Virus Hoax Page

http://www.symantec.com/avcenter/hoax.html

 

May
28
Filed Under (Uncategorized) by dw on 28-05-2012

Social networking services like Facebook are dangerous. You lose your privacy and open yourself to a number of risks.

For example, two masked robbers robbed the wrong home, hours after a teenager posted a photo on Facebook of a large pile of her grandmother’s savings.

Police in New South Wales, Australia, said that the men, armed with a club and a knife, struck at the home of the 17-year-old’s mother in the country town of Bundanoon on Thursday night, but were told the daughter no longer lived there.

The bandits searched the house and took a small amount of cash as well as other property before leaving. No one was injured.

Police said that earlier in the day the girl had posted a picture on her Facebook page of a “large sum of cash” she had helped count at her 72-year-old grandmother’s home in Sydney, 75 miles north-east of Bundanoon.

No matter how “cool” or convenient Facebook is, it is always important to keep a close watch on its security implications. Each of these services comes with its own set of security concerns which can put your information
systems and/or personal data at risk. (the incident above is one such example)

For example, you have posted an update on your Facebook profile say: “Looking forward to the family holiday next week at the beach house.” Although these might seem relatively harmless, the third bullet point could raise some concern. You have just told all your friends, as well as all their friends, that you will be away from home for a full week. This is comparable to putting a sign on the main road that shouts “Empty House” for passers-by to see. Even if you have a burglar alarm or neighbors keeping an occasional eye on the home, you still don’t want to create the temptation for strangers (Friends of Friends) to consider helping themselves to the contents of your house.

This is just one of the risks you might encounter when using Facebook, and this is one to the reasons why I prefer to steer away from social networking services. You rarely know or meet your “friends”, and this exposes you to unacceptable risks to your personal safety! Optimism aside, the world is full of mean-spirited people who would want to exploit and harm you. Be careful!

 

Mar
08
Filed Under (Tips) by dw on 08-03-2012

Each day, almost 3,000 laptop computers are stolen. Many of these thefts could be prevented. Here are some practical steps you can take to prevent your portable notebook computer from becoming a police statistic.

  • Lock your notebook in your office during off-hours.
  • Whenever possible, take your laptop home with you so you always know where it is.
  • Review and understand the laptop insurance coverage included in your business and homeowners’ policies to ensure that you have coverage for theft.
  • Keep only the most necessary proprietary information on the laptop.
  • Do not load passwords on the laptop, particularly those allowing remote and email communication with clients or the office.
  • Never leave your laptop unattended in a public place, even for a moment!
  • Consider installing a boot-up password, available on most laptops, so only users with your password can access the hard drive.
  • Back up your files and store them in some place other than the laptop carrying case.
  • Consider engraving the company name or some other identification on the laptop cover.
  • Be especially cautious about installing software from unknown sources—it may contain a virus.
  • Pay attention to where you use your laptop. Be aware that someone behind or next to you can see your computer screen. This is especially true on an airplane.

When Traveling

  • Carry your notebook in a strong, padded,nondescript bag. Do not use a carrying case that advertises there’s a computer inside.
  • Never leave a laptop in full view in your car, and never check the computer as luggage at airports.Do not leave your laptop unattended.
  • At airport checkpoints, be observant. Don’t place the laptop on a conveyor belt until you are ready to walk through the checkpoint.

Laptop & Data Security Tools

Several effective laptop and data security options are available to protect your equipment from theft:

  • IBM has “secure” notebooks that are equipped with Asset ID, a radiofrequency-based security and asset-tracking technology.
  • Automatic online backups by Toshiba prevent anyone from reading the data your computer sends without your pass phrase. Information is encrypted before your PC transmits it.
  • Track-it is a product that blasts a sonic alarm if you get more than 40 feet from your laptop to alert you that it has been left behind.
  • A software program, CompuTrace, calls in with its location to a Central Monitoring System. These calls are made at regular intervals, providing the electronic serial number, phone number (from which it is calling) and other traceable information.
  • For some inexpensive ways of reducing laptop theft, try security cables, stands, AnchorPads and boxes that offer good protection.
Mar
02

Moodle and Blackboard are both popular online LMS solution (Learning Management System) with which the Faculty of Health Sciences can develop complete online courses that can include multimedia content.

How do the two compare to each other and what are the benefits unique to each course delivery system?  Let’s explore some of these benefits of  Moodle and Blackboard.

Firstly let’s clear the deck and note what Moodle and Blackboard are.

Moodle is an Open Source Learning Management System that is provided freely and can be run on many operating systems. According to the Moodle website it is “free to download, change, share, improve, and customize to whatever you want it to be,”. Therefore, any lecturer can use it to build or supplement a course.

Blackboard on the other hand is a proprietary Learning Management System and its use is typically limited to institutions like the university which pay a sizeable fee each year to take on a license agreement for its use. Each and every student at the university pays a small amount every year for the licencing.

Moodle’s is definitely the gawky teenager here. It is constantly in a state of development and improvement, there’s no waiting for the company to fix a bug or impove the program. Being “open source” each and every user has a unique opportunity to contribute to the development of the product.

The new features of Moodle mostly centre around increased usability, these include: easier navigation, improved user profiles, community hub publishing and downloading, a new interface for messaging, and a feature that allows teachers to check student work for plagiarism. Text formats will also allow plug-ins for embedded photos and videos in text (but Blackboard allows for this too).

A major improvement over previous releases is that anyone can set up a community hub, which is a public or private directory of courses. Another notable feature is that Moodle now allows teachers to search all public community hubs and download courses to use as templates for building their own courses. Also, teachers can now see when a student completes a certain activity or task and can also see reports on a student’s progress in a course.

Many small scale open source platforms require that users support the product themselves, getting their “hands dirty” tweaking and improving the hard way – of course using the open source community as their primary resource. However Moodle has an advantage, it has become so popular that a small industry has evolved around it, providing a wide range of support and services. Two of the most popular support and hosting services are  Moodlerooms and Remote-Learner.

Blackboard Learn is Blackboard’s newest and most innovative upgrade to its Blackboard Learn package.

Improvements in its uses for higher education include course wikis (Moodle improved theirs as well), blogs and journals that stimulate conversation and reflection on a course, and group tools that make group collaboration and communication easier than the previous version. Its most notable feature is its Web 2.0 interface, which makes it easy for educators to navigate when adding content to an online course and for students to navigate when accessing course content.

Blackboard Learn now incorporates Blackboard Connect (of course at an additional cost), which alerts students to deadlines, due dates and academic priorities within a course. The new release also allows educators to more easily incorporate videos and photos directly into text for a more complete learning experience.  Finally, Blackboard features Blackboard Mobile Learn (also at an additional cost – and why am I not surprised), which lets students connect to their online courses using various handheld devices, such as the iPhone or iPad.

So, what are the biggest differences?

Features & Functions: Both of these tools have a lot of different functionality available, either natively, or through add-on types of functionality. If different functions are going to be the deciding factor in selecting one of these versus the other, you will really need to drill in and compare and decide for yourselves which features and functions will make the difference for the Faculty.

Cost: This is clearly different. As an open source product, Moodle is simply less expensive. Blackboard is sort of the “Rolls Royce” of today’s LMS, and there are users of the product who would tell you that if you want the best LMS money can buy, you should make the financial commitment to Blackboard. On the other hand, if you want a premier product for a much lower cost, Moodle is really the way to go. Another thing to be aware of is that Blackboard builds substantial annual increases into their pricing model, since they are continually procuring and integration additional products into their offerings, with the intent of adding value for their users.

Product/vendor model: As indicated above, Moodle and Blackboard are very different products with very different vendor models. One is open source, and there are many support and service vendors to choose from, while the other is proprietary and there is just the one company to work with. How that impacts your decision is up to you and your institution to determine.

Nov
23
Filed Under (Editorial) by dw on 23-11-2011

ISPA names and shames South Africa’s biggest spammers and email address resellers in their Hall of Shame

The South African Internet Service Providers’ Association (ISPA) updated their “Spam Hall of Shame” recently, naming and shaming the country’s spammers and e-mail address resellers.

Until recently it was mainly the embarrassment of appearing on this list which made it a deterrent to spammers, but an announcement by a local firm that it is using this data in fighting spam changes the game.

Pinpoint SecureMail said that they are integrating the Internet Service Providers’ Association (ISPA) Hall of Shame anti-spam watchlist in their e-mail protection software.

According to Yossi Hasson, managing director of Pinpoint SecureMail development company SYNAQ, this means that all companies listed on the ISPA spam Hall of Shame are immediately given an extra weighting on SYNAQ’s spam algorithms and are quarantined.

In the first three weeks following the ISPA Hall of Shame integration into Pinpoint SecureMail, SYNAQ identified and blocked 146,926 spam messages sent out by companies included in the list.

The latest spammers and email address resellers listed in ISPA’s spam hall of shame are as follows.

South African spammers:

  1. Dynamic Seminars
  2. New Heights 1268 / Jaco Derksen
  3. SA Webs (not SA Web Design)
  4. Ketler Presentations
  5. Brain Power
  6. Worldclass Mobile aka Marketing House
  7. World Class Products
  8. Kaleidoscope Advertising and eMarketing
  9. The Peer Group
  10. The SA Consumer Initiative
  11. Pinny Barak – Bizweb
  12. Promo Mail SA
  13. Greycell cc / Bad Credit Loans
  14. Eddy Wines
  15. Jake The Transporter
  16. Drive Car Sales / Justgroup-Africa
  17. No More Debt / Debt Free Living
  18. Marketing Now
  19. Body and Mind
  20. SA Passport
  21. Front Foot Events
  22. Plum Solutions
  23. Eezi Marketing
  24. Craig Sneeden C2IT
  25. Winners Circle
  26. Richard Catto
  27. Jimmie Somers
  28. South African Centre for Health Management cc
  29. African Experience Golf Tours
  30. FiF 247 Information Services
  31. Kevin Croft
  32. Tom Goldgamer
  33. Top In
  34. Master Lists
  35. Bulk eMail services
  36. IITA
  37. Kidz Memoriez
  38. Bidding Buzz
  39. Grunder Marketing
  40. SaveHost
  41. WebSites4SA – Johan Steyn
  42. Flossnet.org.za
  43. Marketing Counts
  44. Manhattan Hotel

Address resellers:

  1. Mark Tribelhorn
  2. Affordable Construction
  3. Rain Marketing
  4. Peter Van Wyk – Media Online (not The Media Online)
  5. Mandy Simone
  6. Timothy Heston
  7. Jonathan Schoeman: BP Media & SMSCity
  8. Verosha Bisnath
  9. ListSA
  10. Email Marketing South Africa
  11. Web Marketing Today
  12. All Things SA
  13. Data Corp SA
  14. Trinity Designs
  15. Trevor Jones
  16. MailMagic
  17. DataInc
  18. Jannie Pretorius, Group3Properties
  19. Silent G
  20. Michael Fraser, Pink Soda Marketing
  21. Graham Naude, Eezi Marketing
  22. Marketing Now
  23. Abram Morake
  24. Aqua Direct Marketing
  25. Master Lists SA
  26. Bulk eMail services
  27. marketing.counts@gmail.com
  28. Tony Baker – SA Data Marketing
  29. Lowveld Media

Staff Writer – MyBroadband.co.za