Friday evening is as good a time as any to migrate your websites. The time had come to move away from SiteGround after being with them for four years.
After inventorizing my websites I decided to delete most of them. Most of those website were never updated and some only had only one or two blog post. At most, some had ten posts written over a few years.
I am a chronical procrastinator. There, I said it and you read it. That’s why I have been post-phoning finding a new home for this blog for over two years.
It really was in need of a new home, though. In the past few years, the hosting company where it was previously hosting has been “improving” in all the wrong directions. Prices kept increasing each year, and performance went down.
This is a simple blog, which runs only a few plug-ins and yet it still ran poorly on the old host, despite enabling all their “amazing features” to make your site better. It was often slow, I kept getting messages that it wasn’t available when I wasn’t looking and enabling caching made the site worse to interact with, not better.
I might write a blog post about OldHost in the future, although their reputation of becoming significantly worse has preceded my blog post. It would most likely be a drip in the ocean of affiliated blog post praising their product, but I feel like it’s something that needs to be said.
But first, I have some more sites to migrate so they can become roommates of my personal blog. Speaking of which, I hope I’ll be able to write some more posts in the future. Maybe some blogs won’t make the cut while migrating them so I can focus on only a few.
by Steven Zeegers·Comments Off on Deconstructing an SMS scam in 4 steps
This morning, I was woken up at dawn because of an IT emergency. My mother had received a text from the FOD Financiën, telling her she owed them 11,50 for which they’d sent a debt collector. She sort-of-feared that this text message was real but also expected it to be an SMS scam. You can see the text she received below.
Since I was up anyway, I decided I would deconstruct the scam. And if I have to get up early, you get to suffer with me so I’m writing this blog post.
Of course it’s an SMS scam
Our government agencies don’t use SMS to communicate and there are plenty of reasons to believe this is a scam. The domain name gave it away, because our government doesn’t use .com domains. And I’m sure they won’t be sending a debt collector over €11.
1. The domain name
The domain name for this scam is financien-overheid.com as you can see in the text. That allows us to lookup where the domain name is registered. I prefer using https://who.is to found out who the registrar of a domain name is, mostly because it’s so easy to remember.
This taught me that the domain name has been registered with Namecheap. I used that information to file a complaint with Namecheap about the domain. We’ll see what they do with that information, but I’ve done my job.
2. The hosting company
To find out where the website is hosted, we have to take a look at the IP address.
Finding the IP address is pretty simple. You open your Command prompt or terminal and ping the domain name. Doing so will teach you what IP address the domain points to. Inthis case, the IP address is 188.8.131.52
Now, we need to find out who that IP address belongs to. To do that, I’m going to https://whatsmyip.com and use their IP WHOIS tool. You can find this tool here:
This teaches me that the IP address belongs to a German hosting provider, Combahton GMBH. Since I just filled in a long form for Namecheap and web providers are notoriously unwilling to cooperate I just call them out on Twitter instead of trying to figure out how to file a complaint. Yay, slacktivism!
3. The website
You should never, ever visit a website of a subspect scam mail unless you know what you’re doing. Don’t let this section trick you into believing that it’s safe to do so!
I was curious about the website of the scammers, so I gave them a visit (using Tor and a Linux VM, of course). Unfortunately, there wasn’t much to see. It appears that the URL they provided through the URL redirects you to a real website of the FOD Financiën – a page that returns a 404 error anyway.
So I ended up learning nothing about the scam website. Or perhaps I’m not smart enough to figure out why they’d redirect people to a real website. That’s also an option.
4. The phone provider
Finally, I wanted to find out who the phone provider was. Our scamming friend appears to be sending his messages from a mobile phone number which belongs to Mobile Vikings. Since I have been a satisfied customer of those guys for ages, I contacted them on Twitter. They immediately forwarded the complaint to the proper department. Now that’s customer service!
But you might be wondering how I found out that the phone number belongs to Mobile Vikings. It’s pretty simple! Just Google “lookup phone carrier” or the equivalent for your language and you should find websites that’ll allow you to lookup phone carriers.
In my case, I ended up on the website https://www.crdc.be which pointed me in the right direction.
What can you do?
As you can see, it’s not that hard to deconstruct an SMS scam. There’s plenty of information that you can find. The next step is to then report the scammer with all the providers they are using. That might not be as easy as finding the information, so you’d need to have some patience.
However, even more important is to educate your user(s). Sure, I might have been woken up earlier than I wanted, but my mother had the right reflexes:
Not clicking the link
Contacting someone more tech savvy than herself
Teach the people around you these skills. Learn them to be suspicious about text messages, mails and links that they’re receiving. Even if that means they’ll be asking you to verify every single link, I can assure you that it’ll cost you less time and give you fewer head aches to do so than to deal with the aftermath of a scam they fell for.
by Steven Zeegers·Comments Off on Wanted: No more call center position offers (M/F)
People often say that beggars can’t be choosers. Projected on my current job situation, in which I’ve been out of a job for a few months, I suppose that means I should be considering every possible job offer.
It’s fair enough to claim that any job is better than no job. However, there are some types of jobs which I’ll never apply for because I’d rather be anxious because I’m operating on low income than having to deal with the daily anxiety of doing that job.
by Steven Zeegers·Comments Off on Multiple Polish city domains compromised.
In the past few days, a trend has emerged on one of my websites. There has been a stream of subscriptions to e-mail updates from Polish e-mail addresses which are obviously fake. They’re using names which seem to be randomly picked from an American phone book. I can’t tell you what they are hoping to achieve by mass-subscribing to mail updates for my blog. However, there is a clear pattern that is shared by all the domain names.
Compromised domains all belong to Polish cities: Kalisz, Scczecin, Zgora, Opole and other city related domains are all compromised.
All mail addresses are using subdomains.
All domains are using DNS.pl DNS servers.
All domains have been updated on the 13th of May 2020 which was when their “subscriptions” have started. I believe this is the day that the subdomain used for the mailboxes has been created.
The subdomain points to a different server / hosting provider than the main domain name.
It appears that someone has gotten access to these city-owned domain names and has managed to point new records to his spam mail server. When mailed to complain, DNS.pl said that the domain names were “regionally owned” and “not theirs”. They didn’t seem to be interested in doing anything about investigating the problem.
I don’t speak Polish and have wasted enough time on finding out what is happening. But if you live in the area and have IT expertise, you might want to contact the responsible person for the following cities and tell them their domain name has been compromised: Kalisz, Szczecin and Zgora (and a few others, whose names I didn’t write down).
by Steven Zeegers·Comments Off on Analysis Paralysis deleted this post.
Earlier today, I sat down to write a blog post about a topic. However, the problem is that I can’t tell you what that topic was. I forgot because of what happened after I sat down.
Once I was ready to start writing, I immediately got distracted. My brain kindly informed me that I have two blogs. One under this domain name and one under the Twitter handle that I am using. So it demanded to know where I was going to post the blog post.
Easy. I’m posting it on stevenzeegers.me. That’s where all my blog posts end up. How is this even a question?
My brain wasn’t satisfied with that answer. It told me I needed to consider all the angles. Was I really super sure that was the best approach?Continue reading
by Steven Zeegers·Comments Off on Creating a “Who’s Who” page for teams in Microsoft Teams
Today, I was curious to find out if there’s a simple way inside Microsoft Teams to create an overview of who’s who inside a team. Why would you need that? People that are new to your organization might not always know who they can contact for certain questions. That becomes even more of an issue when you struggle with social anxiety or autism. If you’re already anxious about having to ask a question it sure doesn’t help if you don’t know who to ask.
While there’s no app inside Teams for this kind of “Who’s who” age yet, you can easily create that kind of page by using the Wiki. It’s super easy to get started, all you need is a picture, the name of a contact person and their username inside Office365! The picture might not even be strictly neccessary (for people who work remotely) but once you’re creating something, you might as well cover all grounds.
All you need is a picture and someone’s O365 username. With those, you can setup a page that’ll help people instantly connect to the right person. The Teams username will display the Teams profle card that’ll allow people to send them a message in Teams, mail them or audio/video call them. In my first version I also included the e-mail address and a phone number, but that turns out to be redundant.
Here’s the demo page I made for a team:
Team members can now easily figure out who to contact. After navigating to the channel and clicking “Wiki”, all they need to do is find a person in the “right department” and click their Teams username. No need to contact collegues about who to contact!
This solution leaves some room for improvement. I wish I didn’t have to navigate a Wiki, for starters. But it’s a good start and it’s super easy to setup!
by Steven Zeegers·Comments Off on I’ll be returning to Computertaal in 2020
I have an announcement to make, and the title of this post mostly covers what I want to say. But most people will read that title and be confused about a thing or two, so here is a little backstory.
Computertaal is a technology blog that is more than a one and a half decade old. It has been an independant source of IT tips, tricks and articles ever since.
I joined the writer staff of the blog immediately when the blog was founded. I would hesitate to call myself a co-founder because the blog has always been the brain child of Peter D’Hollander, the main guy behind the blog that has kept the lights on for over more than a decade and whom is responsible for a large chunk of the 15,000 articles that you can currently find on the blog in Dutch.
About eight years ago, I took a “brief hiatus” from writing for Computertaal because I wanted to focus on writing about Joomla, a popular CMS. That was all I wrote a bout for a while, and people will tell you not to regret things from the past but I wish I would have found a better balance back then.
Anyhow, fast forward to 2020 (and skip a period where I didn’t write about anything for a long time because reasons) and I felt the urge to start covering broader tech topics again. Instead of starting a seven millionth website which I would never finished, I decided to see if there was a possibility to go back to my roots.
I’m happy to announce that there was still a spot available for a smart-ass like me who loves to write about everything tech related under the sun. So in 2020 I’ll be returning to Computertaal as a writer and start terrorizing the Dutch tech community again with my blog posts. You have been warned.
by Steven Zeegers·Comments Off on Press Start To Start Developer Career
I always tought about making a career switch and becoming a developer, but it always seemed to be so hard. So, other than “hacking away” at some existing projects I never really did any programming. Even as a “web developer” most of what I did was focused on using existing tools. Programming my own solution? Yes, I’ll look into that. After I try every single plugin I can imagine to solve this problem.
I tried programming in my free time. I always quite, because I didn’t really see a path forward. I still struggle with figuring out what I should be doing or pursuing next. So my “developer career” never took off.
Until I was forced to make a career change and became a “Jr. Developer”. Or whatever the correct label is. Initially things were off to a slow start. I did a lot of learning and studying of complex concepts. It’s not like I didn’t write code. I had to self-teach myself enough Python to interact with an API and exchange information. I built a small demo portal in C# with ASP.Net Core. But none of that ever really left my development environment.
That changed when I got assigned some other projects. Before that, anything I’d ever programmed rests in some “PHP Projects” folder on my computer. Or it’s uploaded on some corner of the internet, but I never gave anyone the link to it.
The last month and a half were interesting, because I finally started building things that people actually used. I went from never having built anything publicly used or available, to having built the following:
* A web portal used by a big company (I’m talking prime time TV ads, nation wide brand awareness big).
* An internal app for sales people
* An “app” that reads an API which extracts data
* An app that runs on *my freaking Xbox*
Okay, so maybe that Xbox app doesn’t really count since it only exists in a sandbox environment. But I was crazy excited when I saw the splash screen pop up on my TV. I built a thing. And ran it on my Xbox of all places. That’s so crazy.
I just felt like sharing that with the world, for some reason. So, here you go. I’ve made some progress in my development career and I can’t wait to see what the future has in store. Please don’t be Cobol. Anything but Cobol.
by Steven Zeegers·Comments Off on “Make Money Online”, What you’re really buying.
Anyone with a “hiatus” between jobs, access to a computer and knowledge of building a website has been there at some point. You were on the website after seeing an advertisement or Googling “How to make money online”. You were about to click that button that screamed at you to BUY THIS THING NOW. For only $99 you could unlock the secrets to making thousands of dollars online a month. All you would need was access to a computer – and the internet, they always forget to mention the internet – and their course with a magic money generating formula.
Did you end up buying such a course? Feel free to share your experience in the comments below. For those who haven’t, I’ll save you the money and tell you what you would have bought and what their secret to making money is.Continue reading