Lionnel Yamentou Blog, Technology

The “Perfect” Phishing Email

A few years ago one of my sisters forwarded me an email to ask me if it was legitimate. The email claimed she had won a lottery she did not remember even playing. The email was instructing her to follow a few simple steps to claim her prize. Obviously, I responded and told her to forget about it. It was a classic scam.

Today’s cyber criminals are much more sophisticated. As much as developers leverage modern technologies to create more secure applications, cyber criminals do the same to swindle their victims. Phishing is one of the easiest forms of gaining access to the login credentials of an unsuspecting user. It consists of sending fraudulent emails purporting to be from reputable companies in order to induce recipients to divulge personal information such as passwords and credit card numbers.

One phishing email came through my inbox today and it was so well crafted that I decided to showcase it. It has all the elements to be the perfect phishing email. Below is a screenshot of the phishing email. Below, I explain what you can look out for to help you in assessing that this is a phishing email.

Here are the red flags that make the email suspicious:
A. The email is sent from mailbox.com but the sender is speedataweb.com
B. Moving the mouse over the link reveals (at the bottom of the page – destination preview) that the destination is not the link in blue.
C. The Google Team would never send out an email signing with a different domain. 
D. Mail Systems Incorporated is not related to Google nor Speedataweb.com. How are they the ones sending that email?

Besides those red flags, the email is actually well crafted. It refers to a specific problem and creates a sense of urgency by providing a deadline to act by, along with consequences if nothing is done.

The goal of that phishing email is to trick you into providing your account username and password into a fake login form. I must say that Google does a good job of detecting and alerting user of potential phishing login pages. Thank you, Google. You take a lot from us, but you also give a lot. 🙂

If you receive an email that looks suspicious, there is a directory of phishing scams you can visit and see if it already catalogued there: https://scam.directory/niche/phishing.

If it looks or feels fishy, it is probably phishing. Don’t let the “almost” perfect phishing email trick you. 

Lionnel Yamentou Blog, Business, Technology

The Toastmaster’s Log (www.mytlog.tk)

If like most people you have ever “Googled” for solutions to problems or answers to questions, you know that there is virtually nothing you cannot find online. From web applications to native apps, going through web app, browser extensions and plugins, there is an online service to solve (or guide you toward solving) almost every challenge you could be faced with. phone-apps

When I joined Toastmasters International in June 2012 my objective was to earn my Distinguished Toastmaster Award within a maximum of 18 months. I missed that objective. I know people who have done it and it was a goal in alignment with my life plan and priorities at the time. Getting familiarized with the Toastmasters International educational program, I admired the fact that they had one of the best system to turn any dedicated learner into a top-notch communicator, and leader. I shifted my focus to enjoying the process and making the most of the experience. That might sound like a justification for not reaching my initial objective, because it is. 🙂

I spend a lot of time online and belong to an age group that is estimated to spend on average 7 hours online every day. After serving as a VP Education for 18 months with two different clubs, I thought it would be nice to have an online tool to help me keep a record of my speech and leadership projects completed. This online record would be maintained concurrently with my physical manuals.  One of the benefits of such a solution would be to show me in real time my progress toward my DTM.

mytlog dashboard
www.mytlog.tk

Before setting out to create a system that would help me in that way, I googled and the best results came from this page on the Toastmasters International website: http://www.toastmasters.org/software. As you notice on that page, all the tools available are geared toward club management as a whole. Therefore they are club-centric, rather than member-oriented.

After a few dozen hours of hacking, The Toastmaster’s Log emerged. It is currently a MVP (Minimum Viable Product) and it already serves its intended purpose well. The system is available here: www.mytlog.com and I have used it for a few months. There could be dozens of more features added to make it more appealing and features-rich, but that will defeat my initial purpose of keeping focused on individual member’s need to complete record their progress towards their DTM, online.

If you are an active Toastmaster, you are welcome to sign up and start using the system, it is and shall remain free. If you are not a Toastmaster, you can use the application to record speeches you give. It is always good to have a log.

Is there any other tool you have used for similar logging purposes, what features do you feel you need most?

Lionnel Yamentou Blog, Business, Technology

Best online and offline credit card processing services for entrepreneurs

Finding a reliable credit card processing company can be a real hassle for first time business owners, or entrepreneurs with a business idea. Last year a friend and I started a business providing an affordable referral service to medical doctors. Our clients were people needing uncommon prescription drugs. One of the reasons why the business did not do as well as it could have is because we could not find a payment processor who would do business with us. startup-payment-processing

There were various reasons. Some of the companies we reached out to had very strict requirements. That is understandable as there are a lot of regulations in the financial services industry, especially payment processing. However, when we see how simple it is get started and run a business with Square, it does not make sense when having to cross as many hurdles as we had to. We eventually had one of our payment providers freeze our merchant account with over USD $2000 in it. That was rough, especially for a group of enthusiastic and self-motivated entrepreneurs. That’s a story for a different day.

Having done quite some research to solve this credit card payment processing problem, below are my top recommendations for entrepreneurs starting a new business.

I have an account with Stripe and their platform and API is well documented for developers. Stripe charges 2.9% + 30¢ per successful charge, or less based on volume. Earnings are transferred to your bank account on a 7-day rolling basis.

My Spacebox.io account was created to take better advantage of the Stripe.io API. Spacebox.io requires you to have and connect your Stripe.com account to have access to their service and process your payments.

Dwolla is one of the most startup friendly payment processors. The charge just 25¢ per transaction or free for transactions $10 or less. Nobody beats this price.

Through very good PR and advertising campaigns, Square has positioned itself as the go to company for small businesses and individuals when payment processing is mentioned. I have a Squareup account and find their user interface very well designed. They will send you a free Square reader for your smartphone in exchange for a $10 donation to fight AIDS. Well worth the money.

Gumroad is the best platform is you want to sell and deliver digital files online. Digital files include electronic books, softwares, images, and anything else that can be sent via email. This is a great resource for those starting up with selling information online.

Flint is one of the latest startups in the payment processing sphere. With a smartphone and their app, you take a picture of your client’s credit cards and the payment is done. They claim to be very safe and secure, and the details of the credit card are not stored on the phone. Their service does not require a card reader. Worth a try. Their fees start at 1.95%

As mentioned on their website home page, FastSpring provides an all-in-one cloud-based e-commerce, merchandising & fulfillment platform. Sell your desktop software, SaaS, games, e-books or other digital products online—worldwide. I have not personally tried their service but it was highly rated when I did my research.

Amazon payments works, I have used them personally. For a company as big as they are, I must say that they do quite well with their customer service. My emails to them are always answered within the first 24 hours.

Do you know of any other startup friendly payment processing company or service that should be on this list? Mention it or them in the comments box below.

Lionnel Yamentou Blog

We need more women in technology

women in technologyWomen account for just 6 percent of the chief executives of the top 100 tech companies, and 22 percent of the software engineers at tech companies over all, according to the National Center for Women and Information Technology. And among venture capitalists, the population of financiers who control the purse strings for a majority of tech start-ups, just 14 percent are women, the National Venture Capital Association says. (http://www.womenintechnology.org/witef/resources)

I had an experience with the dedicated server support department of Bluehost.com and thinking about that experience, I can’t help but feel that we need more women in technology. Bluehost.com, one of the leading providers of web hosting services in the United States experienced technical challenges with its servers or infrastructure this past week. Not related to that, I had an issue to resolve on one of my account with them and after about 10 days of talking to men on the phone who did not offer me any solution or took any corrective action, I had almost given up. The eleventh day, still with no resolution of my problem, I called them up and was connected to a lady, I will not mention her name but I believe all ladies at Bluehost, and in every other technology business need to be recognized. Not because they are ladies in technology, but because I have always experienced a better level of service with them compared to their male counterparts.

Note that this is not an attack on men in technology. Being a man in technology, that would be shooting myself in the foot. During my phone interaction with the “Bluehost lady”, she was very friendly, patient and more tenacious that her male colleagues who had been on the phone with me before. There are many organizations that work with women to encourage and help them grow professionally in the technology industry.

Eileen Brown is the CEO at Amastra and Author of Working The Crowd: Social Media Marketing for Business has a very good article with pratical solution on what to do about the lack of women in technology. Read her article on her blog at http://eileenbrown.wordpress.com/2012/05/28/what-to-do-about-the-lack-of-women-in-technology/.

If you are woman already in technology, consider joining Women in Technology International for exposure to and networking with the top women performers in the industry. If you a woman interested in technology but not yet sure on how to start, visit any community college or local university to discuss your goals with a career counsellor. We need more women in technology. Don’t you agree?