About Me

I ramble about a number of things - but travel experiences, movies and music feature prominently. See my label cloud for a better idea. All comnments and opinions on this blog are my own, and do not in any way reflect the opinions/position of my employer (past/current/future).

03 August 2013

Great Phishing Email (target - Standard Bank)


I love great phishing emails - the ones where the phishers have made the effort to make the email look legitimate. Earlier this week, I got this one from Standard Bank - an email that actually strikes the right notes in many ways. In fact, it is very difficult to state that it is illegitimate, and I doubt most normal users would be able to spot it as a phishing email.

Firstly, I am ex-customer - so asking details for further screening is not a "bad" message. The grammar, the notes on the opening times of the customer contact centre, the disclaimers are all perfect. I did open the HTML attachment, but not on a browser - and even the stylesheets are perfect (using a legitimate Standard Bank stylesheet). They even have the right anti-phishing messages
"Important security alert! Standard Bank will never ask you to access internet banking through a link in an email. Don't fall victim to fraud!"
And lastly, all the HTML code seems to point to Standard Bank website - unless a domain itself is compromised, I couldn't spot an incorrect domain. But perhaps, I didn't look hard enough.

So, why do I think it is a phishing email?
  1. The attachment asks for your ATM pin and Internet Banking password (to be reset)
  2. Asks for "Zip Code"
  3. Asks for other personal data, such as ID numbers
  4. Asks for email password
  5. And lastly, the email headers give it away
Received: from exchange.szlonghao.com ([113.98.251.13])
        by mx.google.com with ESMTPS id q66si27264684yhl.395.2013.07.29.03. 
48.06
        for 
        (version=TLSv1 cipher=RC4-SHA bits=128/128);
        Mon, 29 Jul 2013 03:48:47 -0700 (PDT)
Received-SPF: softfail (google.com: domain of transitioning 
ibsupport@standardbank.co.za does not designate 113.98.251.13 as permitted 

sender) client-ip=113.98.251.13;

Happy End

This is the first crowdsourced initiative that I have backed, and got all the rewards. A 96 page hardcover photo book, covering remote plane crashes where all on board survived. Some of the stories of the miraculous landings are impressive - the photos of crahsed planes, where nature has reclaimed them, even more so. His website has many more abandoned initiatives - the Olympic Spirit covering abandoned Olympic games venues is particularly poignant - especially the ones covering Athens.

28 July 2013

Turbine Art Fair

Set in Johannesburg's iconic Turbine Hall, the 1st Turbine Art Fair, was a show case of young artists and gallery art in a single location. There was a wide variety of art, most for sale - and probably the best way to see a wide variety in a single location. A very nice way to spend an afternoon in the city ...

Big Top Burlesque

According to the Wikipedia article, Burlesque is a musical or theatrical parody, although it later morphed into more of a variety show, and in American settings, with a tilt towards featuring strip-tease. I have been to two burlesque shows before - and both featured a significant amount of parody - mostly with sexual innuendo. 

Big Top Burlesque is a South African production, featuring an amazing singer (singing a variety of pop hits), and dancers effectively exhibiting wares from one of the sponsors - Lola Montez. That is not to say that the show was bad - the individual performances were actually quite good, including a great acrobatic show. But, I don't really think it should be called burlesque ...

However the disappointment was not the show - but the food. One of the selling points of the show, is the 3 course meal from the restaurant The Blue Feather, on whose grounds the show takes place. Considering that the restaurant features a R500 per person tasting-menu one would have thought that the food would be of the quality of a fine dining restaurant. Instead, it was, at best, the same quality as a chain restaurant at a shopping mall (and I am not referring to Tashas) - hardly the advertisement for a fine dining venue.

Individually the components of the show were not bad - but the overall package just didn't live up to the billing, and I wouldn't really call it value for money.