BuildAWebsiteTonight.com: September 2006

Wednesday, September 27, 2006

Let's go PHISHING - don't hand over your login and password!

The Sydney Morning Herald has a fascinating article today about phishing and clever attempts to relieve us of our login and password details, especially related to any system which has access to money.

"Viruses, worms and trojans are yesterday's problem," he says. "We expect to see more social engineering techniques rather than brute-force system-busting."
Symantec's Asia Pacific vice-president David Sykes says con artistry rather than technical trickery has become the most potent weapon in a malicious hacker's arsenal. "... in the first six months of 2006 Symantec detected 157,477 new unique phishing attacks, an increase of 81 per cent on the same time last year."

Wondering what 'phishing' is? Have you ever received an email supposedly from your banking institution telling you there's 'been a breach of security' and you need to 'login and confirm details'? Or have you received an email from PayPal or eBay saying something similar?

This attempt to get us to click a sneaky link in the email, and head off to a website which LOOKS like one of these companies, is called 'phishing'.

I like to think of it as being very similar to real fishing - you bait the hook, you dangle the line, and there's always some unsuspecting wide-eyed newbie who'll take the bait. Bingo! You've just netted yourself a new fish [or bank account or credit card or login & password details].

Many organisations now have specific departments to deal with this. I love PayPal - they set up an email name - spoof@paypal.com - where you can forward the suspicious emails. They investigate the sneaky links embedded within the email, and then get back to you confirm your suspicions. PS - Paypal now has an early warning detecting service for your account - read more here.

How to avoid the nastiness of being ripped off?

NEVER click a link in any email if you don't know the sender.
NEVER click a link in any email from any financial institution [bank, credit union, PayPal, eBay] when it asks you to 'confirm your details' in any way, shape or form. None of these places will ever ask you to do that.
NEVER open or double-click an attachment [in a suspicious email] - document, pdf, photo or image of any kind - if you do, you may launch a virus, or worse, a keystroke tracking program which will track every single keystroke you make ... and then send it BACK to its owner ... who then has your bank etc login and password.
NEVER give out any of these details over the phone, always ask for the person's name, company and phone number and say you'll call them back in a minute or two. Then you can ring the Head Office and see if this is 'normal practice'.

Sound scary?

Of course it is, but being forewarned means you're prepared - just because it arrives as an email with your name on it doesn't mean it's not an attempt to rip you off.

Remember - stay calm if you get one of these emails - do NOT click anything inside it. Pop over to the website for that company, look for Help or Contact Us pages, and you will probably find information on suspicious emails, and who to report them to. We all must report these, and forward the original email so these nasty people can be tracked and caught.

Be cautious and you have nothing to fear.

Ciao for now,
Teena!

Saturday, September 16, 2006

See Your Website Through Your Visitors' Eyes

This week I read an article on SiteProNews.com by Kim Roach, called "See Your Website Through Your Visitors Eyes" [Kim Roach (c) 2006].

This is something I've been telling my own clients about - experience YOUR website as though you've NEVER SEEN IT before.

You might get a shock - or be pleasantly surprised - either way you'll be glad you did.

Kim's article talks about software which tracks people's eye movements on websites, and how they scan text [not reading every word] and hop all over the place.

The point is that when you design your website, don't put TOO MUCH on the page.

Make it EASY for your web visitor to work out WHAT you do or sell, and how to get it if they want it.

This brings to mind the landing page, and I have talked about this before but it's worth mentioning it again. When someone lands on your website via a search engine link, they could be landing on ANY ONE of your website pages.

Remember that page you started to write a few months ago, then removed its link from the Menu bar, thinking you'd get back to it when you got time?

Well, it's been googled, and people are now landing on it. While it's unfinished. While it's looking uprofessional and half-baked. Ouch! So how do you know they're landing on it?

Why, you check your webstats, of course. You do HAVE web stats set up for your site .... don't you?? The best free stats I've found recently are to be found at StatCounter.com - pop over and check it out.

OK - getting back to the point - see your website through your visitors' eyes ... one morning before you look at anything else online, or before you read the newspaper, pretend you've never seen your site before. Start by going to google and typing in some of the keywords which find your site, click any link which takes you there.

Ask yourself these questions:

is the website name on this page?
does this look like a legitimate business?
what's for sale?
is it easy to find more info about it?
how quickly can I find the price?
did I have to dig through layers of pages to find the price? if 'yes', did I get bored?
if I have questions, how easy is it for me to find the FAQ or Contact page?
on a scale of 10 being the highest, what would I rate this experience?

You may not like the answers you gave yourself - if not, ask a couple of friends who know nothing about your business the same questions before they pop over to your site - on random pages, not the home page. See what their answers are.

This could be the best thing you've ever done for your business - start thinking like a potential customer and see if your site is a great experience - or not. If not, fix it a.s.a.p. Remember, all feedback is good feedback, an opportunity to improve on what you have.

OK - get to it - don't waste another day!

Ciao for now,
Teena!

Sunday, September 10, 2006

"Domain Registry of America" Scam

It's been a while since I received one of these scam 'invoices' but lo and behold I received one in the post today for a domain name I registered for a client in February. That's only 6 months ago.

This company - Domain Name Registry of America [www.droa.com] - sends an Invoice at double, triple, quadruple the price you may have paid to buy a domain name, and their invoice looks like your website's domain is DUE FOR RENEWAL now.

It's not - they do this about 6 months after you buy a domain name - but a lot of these invoices either go to companies who forward the mail to their accounting department [where it slips under the radar and gets paid], or to individuals who may not understand [or forget] they don't have to pay again - for at least 6 months.

In the past two years I've had two clients fall prey to this sneaky devious underhanded company, both paid their exorbitant prices, much to their horror when they found out.

In the Invoice from this disreputable company they do state the real expiry date, but pepper their text with phrases like 'Act today!'

Beware of this company! They have also performed these scam tactics via email for several years, and also represent themselves as 'Domain Name Registry of Canada'. It depends on the domain name you purchase, if it is .com.au, they send a reply envelope with an Australian address; if it's .com or .ca, they send address for you to send your payment to the USA or Canada.

The fact that I'm in Australia and my clients were in UK and USA doesn't deter them. Everyone is 'fair game'. I guess they figure if they send out thousands, maybe hundreds of thousands of invoices, there will be a percentage of people who'll cough up the money. Don't let it be you.

[They even sneakily included an envelope with a return address in my country - sneaky buggers.]

Read your invoices and all documents you receive about your domain name very carefully - whether by mail or email - and if in doubt, ask a friend or your hosting company to clarify the document you've received.

You can read about this on other blogs - check out I.T. Vibe's site which says:

Back in December, the Federal Trade Commission imposed a ruling stating that a firm called Domain Registry of America were to stop misrepresentation.

Domain Registry of America were using a somewhat underhand tactic in an effort to get sales.

Another article can be seen here at Blog.Forret.com, with a copy of the actual letter received:

The issue is: it’s a scam. There is no need for me to renew now, and certainly not with DRoA. I know exactly who manages my domains and I am quite happy with them. But I can imagine this trick works quite well with people who have no clue how DNS works, or in accounting departments of companies. These guys have been fooling people since at least 2002, as the Domain Registry of America, of Canada, of Europe and of Australia. Who’s behind it? [click here to read more]

Other mentions of the scam:

WebHostingTalk.com

PLEASE NOTE: If you don't think this is a scam, ask yourself why ANY company would contact someone else's clients with an INVOICE half way through a contract. Check google.com with the company name and the word 'scam'. Enough said.

Regards
Teena

The importance of proofreading : or How To Get A Free Fiance!

I was having a quick look at the new Ikea website today, and was surprised to see the typos. For example:

Gee, if I knew there was an 'in-store FIANCE option' I might have gone to get one haha. Seriously though, it pays to proofread your website very carefully, and if you don't have time, get someone to help you. If you can't find anyone to help you, you might consider the proofreading service I offer [please click here].

If you just can't see any errors, ask someone else to read the site [or documents] for you, to give it a fresh overview. Sometimes if you're tired or have read something too many times, you can't see spelling or grammar mistakes.

PS - it's also very important to let the webmaster know there are typos on their site, so be generous with your time, it'll only take a minute or two, let them know the url of the page, what the typo is, and the suggested correction. I've met some lovely people by doing this. :)

PPS - Although Ikea doesn't have an email name to contact them by, they did have a Live Chat. The operator was very friendly and pleased I'd let them know about the typos, and offered to let the webmaster know.

Cheers
Teena

Wednesday, September 06, 2006

Steve Irwin - Crocodile Hunter

I posted a message on Lynn Terry's site today, http://www.clickNewz.com, about Steve Irwin, our famous 'crocodile hunter' and his untimely death - here's what I wrote:

Lynn, I heard about Steve when I was driving home and almost had to pull the car off the road. It was the biggest shock I’ve had for a long time. A true larrikin, he lived every day to the fullest, and his passion and love for life, his family and the planet was evident in his every gesture.

His smile will be remembered forever, and although I never met him, I feel like I’ve lost a true friend, my heart is heavy here in Sydney and I mourn him greatly. A huge loss to the world, but his legacy will live on.

We should all show as much enthusiasm for life - every day - as Steve did. Hug a stranger today. Tell someone they look fabulous.

In reading the news about Steve, I do try to treasure every day and to find happiness in the small and big things in life - the vastness of the sky, the love of friends and family, the wonderful clients I have - and when something shocking like Steve Irwin's death rocks our world, it reminds us to appreciate every moment of every day. We can all do this to continue Steve's legacy, and to make the world a better place. You can read more news here at NBC.

Have a gorgeous day,

Teena

Tuesday, September 05, 2006

Blogger : getting the most out of it

One of my clients contacted me today to say she really liked one of my blogs [HumbleApostrophe] and that she uses the same template.

My client was very impressed by all the coloured fonts I use and asked how she could do the same thing. She said HER blogger software didn't allow any WYSIWYG changes.

I was confused, but I gave her a basic instruction about Blogger and said that when you Create a New Post, you have a text box to type in. This text box can be viewed in two modes:

Edit HTML, and
Compose
ok - 3 modes - yes it also has Preview mode :)

I mentioned that when you type in 'Compose' mode you see the WYSIWYG editor [What You See Is What You Get], so she'll be able to highlight the text and make it bold or coloured.

She laughed out loud and so did I when she told me the joke - for months she's been typing in 'Edit HTML' mode and didn't notice the two 'tabs' to switch from one to the other.

Ahhhhh, just goes to show - if you ask the right question, you might just get the right answer. One happy customer. Remember to take the time and be patient, work out what your client's question is, just in case they don't know what the right one is.

Happy blogging!
Teena

PS - check out one of my client's blogs which is already using colour to make a very attractive and informative blog.

Friday, September 01, 2006

Shhhhh! I know your secrets from your cellphone!

It was a bit alarming to read a report today in the Sydney Morning Herald:

Secrets spill from second-hand mobiles August 31, 2006
Second hand mobile phones purchased over the internet can surrendered credit card numbers, banking passwords, business secrets and even evidence of adultery.

One married man's girlfriend sent a text message to his mobile: His wife was getting suspicious. Perhaps they should cool it for a few days. [click here to read more]

The story went on to say how people give away or sell their old mobile phones / cellphones on the internet, and how they don't realise their old data is NOT deleted. Scary thought. And just as bad as finding out your old computer whose hard drive you erased has delighted its new owner by bringing forth all your old banking details as well as the confidential contracts you'd been working on.

This serves as a reminder that in our throw-away [disposable] world, it's worth the extra effort to search and investigate before you give away or sell anything which 'used to have' data on it.

Be warned ... be pro-active. Ciao for now,
Teena

So easy even an adult can do it!!

: Name: BuildAWebsiteTonight; Location: Sydney, Australia

Teena Hughes says, "BuildAWebsiteTonight is so easy even an adult can do it!" If you need a website but haven't got a clue where to start, our automated online Web Builder is perfect for you. Teena will add snippets of information to this blog about websites, the internet, and other small business topics - we hope you enjoy them.

View my complete profile

BuildAWebsiteTonight.com