REI Stupid Coupons

REI.jpeg

REI had a special online. 


You order $100 or more of stuff, and you get a $20 “member bonus” card. 


That sounded good, so I placed an order. 


So I get a message that I’ll have the bonus card within 48 hours or I should check my spam folder. 


Not sure what should take 48 hours, but I end up getting the email with the $20 code the same day. 


Thinking I’d go and get something for the freebie, I head to the store today and find something perfectly for $20!


Wow–that’s cool.


I wait on this long line with my wife…and we’re checking out this new popcorn on the line called Halfpops, which looks like Half Poop, and what’s the other half?  


After having lousy experiences with these B.S. coupons in the past, we are joking back and forth how there is less than a 50% chance that the coupon actually works today and we end up walking out with the product.


Sure enough, we get to the register and the cashier says, 

“Sorry. The coupon is not good for another 2 weeks!”


Bingo.  Well why they heck did you send me the coupon now and not make it good for another 2 weeks–why waste everyone’s time here?


Also, what difference is it to REI to make me wait 2 weeks to use the member reward–I’m in the store now, so if they want to cross-sell me some stuff what difference does another couple of weeks make. 


You’d think the customer service at REI would say, “we apologize for the inconvenience” and process it now to make it a positive experience, but instead they actually told me to come back in 2 weeks and start all over AGAIN. 


Gee, thanks REI for the member bonus reward…you’ve really done so well with customer service for your members, NOT!  


I think REI is blinded by stupid policies and corporate bullsh*t so that they cannot take care of their customers and do what makes common sense. 😉


(Source Photo: Andy Blumenthal)

I Got The Call

ATM.jpeg

I got the call!


But not the one that I always wanted, which is to serve at the very highest echelons of government or/and industry for those values and things which I so hold dear. 


No, instead I got the call that my professor in college warned me about. 


He said:

“You will get a call one day from someone asking for a lot of cash–no questions asked! At that time, you will know who you’re real friends are.”


So I actually got this call (for real) and in the middle of my work day.


This person who contacts me is considered quite affluent and with an extensive network, and I know him/her for only a relatively short time


Person:

“You know you’re like family to me Andy…I need $2,000–in cash–by 7 pm. I’ll pay you back $500 on Friday and the rest by Monday.”


Me (Stunned):

“What–is this a joke or something?”


Person:

{Repeats again the request}


Me:

“OMG. What’s wrong–is everyone okay? Are you in any trouble?”


Person:

Uh, everyone’s fine…don’t ask me any questions–there’s no time for this now.”


Me {Reaching for some humor in this bizarre situation}:

“Oh, only $2,000–I thought maybe you needed $2 million–that’s no problem, of course.”


Person:

“Please don’t make jokes now Andy–this isn’t funny!”


Me {Trying once again to get some more–any–information}:

“Can you just explain to me what’s going on–I really want to understand, so I can help you.”


Person:

“Do you have the cash or not?”


Me: 

“To be frank no. I don’t keep any cash around. {Inquiring to learn more…} Could you take a check or something else?”


Person:

“No. Listen, can you go to the ATM now?”


Me {frustrated by the abruptness, lack of sensical communication, and pushiness, as well as more than a little suspicious at how this is all going down}:

“Well the ATMs have a cash limit. Also, I would really need to check with my {lovely} wife first,”


Person {seeing they weren’t getting what they wanted when they wanted it}:

“Okay, well if you can’t help, I’ll just call someone else–thanks {hanging up on me}!” 


WOW!


Despite having trusted this person and feeling very hurt by all this, I still called the person back later that evening to follow up and because I truly cared, and they were still not any more forthcoming with me, and in fact, were quite attacking that they were sorry to have called me.


But I wasn’t sorry…my college professor was right on, thank G-d–I do know who my friends are!


Whether its a lunch date, LinkedIn/Facebook contact, or social invitation, be discerning about the motives of people–outside of any sane and normal context–that are seeking to “friend” you. 😉


(Source Photo: Andy Blumenthal)

One-Two-Three Punch For Cyber Security

Punch

Here are three crafty ideas for improving our cyber security that can be used to protect, prevent, and recover from attacks:

1) Intrusion Deception (not detection)–Mykonos Software aims to protect websites by putting up a virtual minefield–“setting traps to confound hackers.” When the software detects hackers trying to infiltrate, it can flood hackers with false information on vulnerabilities that goes nowhere, mess with the hackers computers such as by pop-up flashing maps of their locations and local defense attorneys, and disrupt their connections and slow down their hacking attempts (Bloomberg BusinessWeek).

2) Scamming The Scammers–Notorious email spams such as from Nigeria that look to ensnare victims into wiring money overseas in order to secure some lost fortune costs $9.3 billion in losses in 2009. Psychology professors Chris Chabris and Daniel Simons suggest that we can prevent many scammers from succeeding by raising the cost of their doing business by scamming them with ” baiters” that send responses to scammers and occupy them but never actually send any money. They suggest that artificial intelligence could actually be used to create “automated scam-baiters bots” simulating potential gullible victims. These bots could even be programmed to provide phony account numbers and data to scammers to really get them spun up. (Wall Street Journal)

3) Insuring Again Losses–Insurance is a common way to manage risk by purchasing coverage for potential liabilities–this is used to indemnify against losses for everything from auto accidents to home fires, personal theft, and business interruptions. However, according to Bernard Horovitz, CEO of XL Insurance’s Global Professional Operations, businesses (and of course, individuals) are rarely are covered by insurance for hacker attacks. Insurance companies are now offering specialty products to recover from the insuring liabilities. Additionally, the insurers will “help with preventing and mitigating cyber crime” through security audits. (Wall Street Journal)

These three cyber security strategies are great examples of how we can make it technically and financially more difficult for cyber attackers to succeed in geting in a knockout punch on their victims. 😉

(Source Photo: Minna Blumenthal)

Big Phish, Small Phish

Phishing
Phishing is an attack whereby someone pretends to be a trustworthy entity, but is really trying to get your personal information in order to steal from you or an organization.
Phishing is a type of social engineeringwhere fraudsters try to deceive and spoof their victims by sending email or instant messages (or even by calling) and pretending to be a legitimate private or public sector organization. They then either request personal information, provide links to fake websites, or even create unauthorized pop-ups from legitimate websites to get you to give them your personal data.Additionally, phishing emails can contain attachments that infect recipient’s computers with malware, creating a backdoor to control or compromise a system and its information.

In all of these cases, the intent of phishing is impersonate others and lure consumers into providing information that can be used to steal identities, money, or information.

The word phishing alludes to the technique of baiting people and like in real fishing, fooling at least some into biting and getting caught in the trap.In this fraudulent type, perpetrators pretend to be legitimate financial institutions, retailers, social media companies, and government agencies in an attempt to get you to divulge private information like date of birth, social security numbers, mother maiden names, account numbers, passwords and more.

Once criminals have this valuable information, they can commit identity theft, break into your accounts, and steal money or information.Spear-phishing is a derivative of this scam that is targeted on specific people, and whaling is when the scam is perpetrated on organization executives or other high profile targets,  which can be especially compromising and harmful to themselves or the organizations they represent.

The first recorded phishing attack was in 1987.  Over the years, the prevalence of these attacks have steadily increased. According to the Anti-phishing Working Group (APWG), there were some 20,000-25,000 unique phishing campaigns every months through the first half of 2011, each targeting potentially millions of users.  Additionally, as of March 2011, there were as many as 38,000 phishing sites.  The most targeted industry continues to be financial services with 47% of the attacks.
There are a number of ways to protect yourself against phishing attacks.

  1. Delete email and messages that are unwarranted and ask for personal information
  2. Do not click on links, instead go directly to a website by using a search engine to locate it or copying the link and pasting it into the browser
  3. Configure your browser to block pop-ups
  4. Use anti-virus, firewalls, and anti-spam software
  5. Set up automatic security updates
  6. Input personal information only into secure sites, such as those that begin with “https”
  7. Only open attachments when you are expecting them and recognize where they are coming from
  8. Check financial statements upon receipt for any fraudulent activity
  9. If you are caught in a phishing scheme, notify law enforcement and credit reporting authorities immediately
  10. Always be cautious in giving out personal information
Whether you consider yourself a big fish or a small fish, beware of those trying to catch you up on the Internet–hook, line, and sinker.

Be Careful What You Point That At

Qr_code

By now many of you may or may not have pointed your smartphones at a QR (“Quick Response”) code to get more information on products, places, events, and so forth.

 

A QR code is a barcode that that generally contains alphanumeric information and takes you to a website when you read the QR code with your smartphone (i.e. by taking a picture of it with a QR reader app).

 

QR codes remind me of the barcodes in the store at the checkout line, but QR codes look more like a squared-off roschach test compared to the barcodes on items you purchase which are rectangular straight lines from top to bottom.

 

By reading the QR code, you don’t have to remember or type any information into your smartphone–your just zipped right off to wherever the QR points you (usually after you confirm on the screen that you are okay with going to the URL).

 

But QR codes like with any information technology, can be used for good or evil — for some reason though people seemed to have been unsuspecting of the sort of innocuous looking QRs.

 

Kaspersky Lab has issued a warning on QR codes after finding consumers in Russia scammed when they thought they were downloading an Android app and where instead infected with malware that caused them to send SMS messages to a premium number that charged for each message sent.

 

So while QR codes can take a reader to a harmless website for information, like other computer code, they can contain instructions that cause you to send email, SMS messages, download applications, etc. 

 

So unless you know what you are QR reading (i.e. you have a high-degree of confidence in whoever placed the advertisement with the QR code)–think twice before scanning that barcode, because you may get a surprise package in your smartphone that you weren’t expecting causing infection of your device, loss of privacy to the information stored on it, or costing you money for things you never wanted or intended to spend on.

 

Scanning a QR code while as simple taking a picture of a sunset–may not have as beautiful consequences.

 

(Source Photo: here)