Offshore Outsourcing & Scammer
Blog about offshore outsourcing and scammer in the outsourcing industry
Why Google denies us real end-to-end encryption?
by Rudolf Faix Monday, April 6, 2015 3:40 PM

Why did we still do not have easy-to-use end-to-end encryption? The standard answer is far too complicated! But this is nonsense; Apple shows how to make it simple.

AndroidThe technical challenges for true end-to-end encryption are solved for many years. In principle, one could make the simple. With it would be sure not just anybody can easily read along our private and business communications.

Nevertheless, emails, chats and phone calls are still almost always in plain text. They are secured for transport (SSL / TLS), but at least, the service provider can read everything and often does. This course also various other interested parties that attach to help him, the contents of confidential messages.

At this point I always hear, end-to-end encryption is still far too complicated. Alone to generate key, not to mention the checking and signing - end users don’t like do that. In fact, I'll never get anyone to use PGP. Nevertheless, the argument is simply wrong.

Because there is already end-to-end encryption, which is so simple that they use many millions of users and do not even know this: Apple's iMessage encrypts any message with a key that is only known by the recipient. Not Apple, not the network operator and not the NSA. And the highlight: Thanks to Apple's iMessage is a sophisticated design that not a bit more complicated than traditional SMS. Each iPhone owners use it easily and has not to worry about the encryption. The encryption is just there.

This one who wants to read along these messages has to attack this encryption. This also applies to Apple or someone standing there with a National Security Letter at the door. In practice this means: It is not enough that Apple or engage NSAs to the appropriate server to write there the plaintext with, as would be the case with Google, Skype and almost all other services. Instead, Apple would have to actively engage in communication and distribute counterfeit keys.

Of course, experts will argue that Apple does not satisfy the pure doctrine and the user himself has no control over his keys. Specifically, the system is not hedged against the fact that Apple itself eventually distributed as "Man in the Middle" wrong keys. But these are details that go past the actual heart of the matter. It can get improved without much effort. (The ignorance and arrogance of Apple is typical and with that the refuse demands for such extensions and perhaps the other side of the coin is that Apple like no other company can create easy-to-use products). Is crucial, however, Apple is the only major manufacturer and service provider offering such end-to-end encryption at all.

The real question is: Why does Google's Android has no a similar function and nourishes us with Hangouts without proper encryption? I seriously doubt that Google no one has come up with this idea or that technological pioneer in so many areas that could not be implemented just as elegant as Apple; Moxie Marlinspike shows with TextSecure how this might look like. There is only one plausible explanation for why Google has nothing to offer in this respect:

Easy to use end-to-end encryption is undesirable.

There is strong political interest to be able to read the communication of all Internet users at any time without much effort. We can only speculate as large as the pressure is exerted by politicians and authorities on the Group. But much harder probably weighs Google own economic interest: With functioning end-to-end encryption, Google would torpedo his own business model. This is in fact based on that the Group can read and analyze our data - and then to present, inter alia for suitable advertising. This of course applies equally to Facebook; so you can write off any hopes about WhatsApp.

Apple, however, earns his money is still with the sale of equipment and Commissions from business apps and content. And they deserve it obviously so good that they - unlike Google and Facebook - have the luxury to leave us our privacy.

What does that mean for us now? Not that we should buy now Apple products. There are too many things that you can refuse to Apple for good reason. But we must not be fobbed off with cloudy promise to respect our privacy and the protection of our business communications to us. Correct and above all simple end-to-end encryption for all could be done - we must demand only finite.

 

Tags: , , , , , , , , ,

Blog Rudolf Faix

Apple kicks anti-virus apps from the app store
by Rudolf Faix Tuesday, March 24, 2015 5:45 AM

The reason given for sacking from the App Store called the producers is that users may believe that there are viruses on iOS.

Apple has removed over the past few days, several anti-virus apps from the App Store. Among them was VirusBarrier for iOS by the manufacturer Intego. The app was located since 2011 in the App Store.

Once the app has been removed, Jeff Erwin, the CEO from Intego, has asked Apple for their reasons. According to Apple, the description of his app was misleading, since users might think there would be viruses on iOS. After he had changed the description of the app to make it clear that the app scans emails and downloads, Erwin has taken the case to the executive suite of Apple - without success.

Apple has not only thrown VirusBarrier, several apps and also the corresponding category from the App Store. Some apps are still online, such as Avira Mobile Security, Lookout Antivirus & Security and McAfee Security. These apps are free, VirusBarrier cost $ 0.99. What criteria exactly Apple classifies an antivirus app misleading, is not known.

Apple has been always arrogant. Arrogance comes sooner or later to a fall off.

Apple with Worm 

Thank god, we don't need that crap on iOS or on Macs. Plain and simple, you don't need antivirus on Apple platforms. Period. I've used Macs since 1990 and not once have I ever conceived of the notion of installing antivirus on my Macs.

You are doing yourself and all Mac users here a disservice by saying stuff like this. It is widely known in the industry, especially with companies like Sophos and Kaspersky, that there are definitely Mac viruses in the wild that can infect Mac computers that do not have antivirus installed.

Just because you have a Mac does NOT mean you are immune to viruses. It is a very dangerous misconception that you are 100% protected because you use a Mac.

Mac Virus & Malware Threats: http://www.kaspersky.com/internet-security-center/threats/mac

Mac Virus Lets Hackers Control Thousands Of Computers, Through Reddit: http://www.ibtimes.com/mac-virus-lets-hackers-control-thousands-computers-through-reddit-1699227

http://www.huffingtonpost.com/news/mac-virus/

Apple Vows To Fight Flashback Virus, Mac Users Receive Wake-Up Call: http://www.huffingtonpost.com/2012/04/11/apple-flashback-virus_n_1417886.html

Apple Stops Boasting That Macs Are Virus Free: http://www.huffingtonpost.com/2012/06/25/mac-virus-apple_n_1625110.html

Security Firm: Microsoft Ahead Of Apple: http://www.huffingtonpost.com/2012/04/26/microsoft-security-apple_n_1456073.html

Surprising Number Of Macs Infected With Malware: http://www.huffingtonpost.com/2012/04/24/mac-malware_n_1448561.html

Be safe out there, everyone. Don't believe the hype that you're protected just because you use Mac. With Apple's growing marketshare comes the greater possibility that Macs will be targeted. Especially when its a common belief among Mac users that they're invincible.

 

Tags: , , , , , ,

Security

Call centers read the given scripts and conditions very carefully
by Rudolf Faix Wednesday, March 18, 2015 4:50 AM

As more closely I take a look in the offshore outsourcing business as more I come to the conclusion that either the offshore call center themselves should get deceived or it should help to cheat others.

I got the following email with attachments forwarded. For easier reading I have opened the documents and pasted their content into the email. The script shows how the customer is getting betrayed.

It is a game to make the called one afraid that he does not get his medication in the future. That is already a big fault in selling. That has nothing to do with a serious sale. It looks like the client has no chance to sell his products in a serious way to someone. For this purpose he need to use such criminal methods.

If you are looking at the from me read marked parts of the email, then you see that you get only paid if the lead is interested in receiving Diabetic testing supplies. All other medications are not getting paid.

--------- Original Message ---------
Subject: diabetic LT
From: "Visionary Leads" <info@visionaryleads.com>
Date: 2/4/15 10:47 am
To: jorell@visionaryleads.com

OUTSOURCEDIABETIC SCRIPT.DOCX

Hi! Is (patient) available?

Hi (patient)! I'm calling from Health Source. I just want to let you know Mr./Mrs. (patient) that you may no longer be receiving your diabetic supplies in the mail and I just wanted to make sure that you will be getting your diabetes supplies on time.

Do you mind me asking the last time that you got your diabetic supplies in the mail?

Ok! I'm going to get you setup. I just have to verify some basic information.

-Verify the address:

Are you still located at _________?

Can I have you Date of Birth?

Also, can I have your primary health insurance?
(No Medicare Part B or Medicaid)
(Diabetics with Medicare accompanied with private insurance, Share private insurance with Pharma Rep)

Before I'm going to transfer you to the pharmacy specialist that's going to get you setup, I just want ask you if there are any issues with your health that I may be able to help with?

-(Site exaples-e.g. back pain, join pain, diabetic neuropathy etc.)

Because you are eligible to receive a new compounded pain cream at little to no cost to you. The pain cream is a much more effective option than normal medication.
Also, it will help get rid of any pain you may be having.

-Ask for the pain location (start with the most severely affected location)

Ok! Great. Just make sure you CLEARLY STATE that you are willing to switch suppliers to the pharmacy affiliate, so you can receive your mention supplies on time and on a regular basis. Just one second while I get the diabetic specialist on the line. She is going to verify your doctor and make sure you have the proper billing information for your insurance and then we will get that sent out for you immediately.

Please stay on the line okay?
----transfer call----
(WHEN TRANSFERRING A CALL ALWAYS PROVIDE THE DIABETIC’S PRIVATE INSURANCE TO PHARMA SPECIALIST)


DIABETIC LIVE TRANSFER GUIDELINES.DOCX
LIVE XFER DIRECTIONS:

It is important inform the patient they may need to switch suppliers. A Diabetic specialist will explain the detailed options after verifying Contact Info/ Insurance info / Dr. Info.
Specialists will accept introduction with either short or long form info.

  TO TRANSFER A CALL TO THE DIABETIC SPECIALIST: AGENT INTERFACE:
TRANSFER>Presets>MedCare Pharmacy>DIAL WITH CUSTOMER>LEAVE 3 WAY CALL

INTRODUCE THE PATIENT TO THE SPECIALIST AND LET THE AGENT KNOW WHICH PRODUCT THE PATIENT IS INTERESTED IN (EX: DIABETIC TESTING SUPPLIES, PAIN GEL, ETC).

IF YOU HAVE ASKED THE PATIENT FOR INSURANCE/DR INFO, THEN TELL THE SPECIALIST THE INFO YOU WERE ABLE TO VERIFY WITH THE PATIENT.
PLEASE SPEAK CLEARLY AND LEAVE THE CONFERENCE QUIETLY.
ONCE YOU HAVE COMPLETED THE INTRODUCTION QUIETLY LEAVE THE CALL.
ANY NOISE DURING THE RECORDED ENROLLMENT PROCESS WILL VOID THE LEAD.


------------------------------------------------------------------------

HEALTH SOURCE

- Health Source represents Pharmacy affiliates. Our purpose is to supply quality Pharmacy services and products to the comfort and privacy of our patients homes at little or no cost to the patient.

- We are looking for patients who need diabetic testing supplies.

-We offer all meters/strips, medical supplies, Braces, and Compound Rx Medications shipped to the patients home on a regular basis at no cost to them.

------------------------------------------------------------------------

Agent Notes:

- Remember only transfer when the patient is interested in receiving Diabetic testing supplies by mail. This service is provided by our affiliate pharmacy.

- When a patient asks a question that you do not know, simply transfer the call and inform the patient "a diabetic specialist will better answer your question, If you would like I can transfer you now……(xfer to Pharmacy)".

- Engage patients in conversation that will stimulate a positive rapport without wasting time. Be efficient with your time and know when to hangup. Many patients will speak on and on with no intention of enrolling in our service……. Reports, Graphs, and Call-Data Metrics reflect a positive correlation between top producing agents to agents with the longest call time averages.
On average, the best agents spend more time on on each call because they stay close to the script, establish a rapport, all while speaking clearly and slowly.
      Ex: Confirm a street
address/dob/PolicyInfo/doctor/etc, Ask about the weather, mention a personal experience, discuss your health concerns, etc.. NEVER let a patient control a conversation. Stick to the point and get back to your script as quickly as possible.

- Remember only transfer if the patient is interested in receiving Diabetic testing supplies by mail. This service is provided by our affiliate pharmacy located in sunny south Florida,

Sent from my iPhone

John Krawczyk
Visionary Leads
CMO
215-949-3636
www.visionaryleads.com
www.seomanagementconsultants.com
www.classesanddegree.com (2016-02-25 Link removed - Domain already not exists)
www.diabeticdesk.com

I’ll suggest in this case making for your own security a recording of the transferred call. This is technical possible if your VoIP system is staying in the media path after the transfer. It uses a little bit more traffic but you have afterwards something what you can present to any fraud investing official.


The client is only paying per lead and it seems to be very hard to sell his products. Why else should he write already the fraud into the script?

 

If we take a look at the listed domains in the signature than we find out that:

  • seomanagementconsultants.com is registered at May 15, 2012, where the registrant, admin and tech contact is John Krawczyk
  • visionaryleads.com is registered at June 3, 2013, where the registrant, admin and tech contact is John Krawczyk
  • classesanddegree.com (2016-02-25 Link removed - Domain already not exists) is a new domain, registered at September 30, 2014. This site is already registered to an address in India and has a corresponding bad reputation.
  • diabeticdesk.com is also a new domain, registered at November 23, 2014. This site is registered to an India address and has a very high risk.
  • classesanddegree.com (2016-02-25 Link removed - Domain already not exists) and diabeticdesk.com are hosted at a server, which have one more high risk site on it: ropemediahouse.com
  • Interesting is in any case that ropemediahous.com and classesanddegree.com (2016-02-25 Link removed - Domain already not exists) have the same owner, who does even not know what is a street and a house number:
    classesanddegree.com: Rope Media Pvt Ltd, Gurgaon, 122001 Haryana, India, +91.9818555403
    ropemediahouse.com: Rope Media Private Limited, Vasant Kunj, 110070 New Delhi, +91.01244306053

If we take a look at the website www.diabeticdesk.com then we know why only leads for diabetic measurement products are getting paid. There is no other product offered then diabetic measurements. Drugs are not offered. For this the necessary drugs will not get shipped. It would be better to get a campaign from or for a drugstore. In such a case the call center will not cheat some people.

 

The name John Krawczyk sounds and seems to be a Polish name. In combination with the facts above I remember an old Austrian proverb: “Come and visit Poland - Your car is already there.”

It seems for me that there is an organized fraud happening. It can be possible too, that John Krawczyk is getting used from the scammer from India.

 

Registration information of the used Domains:

Domain Name: SEOMANAGEMENTCONSULTANTS.COM
Registry Domain ID: 1720656451_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: [link removed] Date: 2014-05-16T10:52:36Z
Creation Date: 2012-05-15T22:00:03Z
Registrar Registration Expiration Date: 2015-05-15T22:00:03Z
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Phone: +1.480-624-2505
Domain Status: clientTransferProhibited [link removed] Status: clientUpdateProhibited [link removed] Status: clientRenewProhibited [link removed] Status: clientDeleteProhibited [link removed] Registrant ID:
Registrant Name: John Krawczyk
Registrant Organization: FIRST CHOICE DEBT RELIEF
Registrant Street: 5 Neshaminy Interplex
Registrant Street: suite 300
Registrant City: Trevose
Registrant State/Province: Pennsylvania
Registrant Postal Code: 19053
Registrant Country: United States
Registrant Phone: (215) 609-0122
Registrant Phone Ext:
Registrant Fax: (215) 543-5736
Registrant Fax Ext:
Registry Admin ID:
Admin Name: John Krawczyk
Admin Organization: FIRST CHOICE DEBT RELIEF
Admin Street: 5 Neshaminy Interplex
Admin Street: suite 300
Admin City: Trevose
Admin State/Province: Pennsylvania
Admin Postal Code: 19053
Admin Country: United States
Admin Phone: (215) 609-0122
Admin Phone Ext:
Admin Fax: (215) 543-5736
Admin Fax Ext:
Registry Tech ID:
Tech Name: John Krawczyk
Tech Organization: FIRST CHOICE DEBT RELIEF
Tech Street: 5 Neshaminy Interplex
Tech Street: suite 300
Tech City: Trevose
Tech State/Province: Pennsylvania
Tech Postal Code: 19053
Tech Country: United States
Tech Phone: (215) 609-0122
Tech Phone Ext:
Tech Fax: (215) 543-5736
Tech Fax Ext:
Name Server: NS05.DOMAINCONTROL.COM
Name Server: NS06.DOMAINCONTROL.COM
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: [link removed] update of WHOIS database: 2015-01-05T21:00:00Z
Domain Name: VISIONARYLEADS.COM
Registry Domain ID: 1805955020_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: [link removed] Date: 2014-06-04 07:52:36
Creation Date: 2013-06-03 15:17:46
Registrar Registration Expiration Date: 2015-06-03 15:17:46
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Phone: +1.480-624-2505
Domain Status: clientTransferProhibited
Domain Status: clientUpdateProhibited
Domain Status: clientRenewProhibited
Domain Status: clientDeleteProhibited
Registry Registrant ID:
Registrant Name: John Krawczyk
Registrant Organization: SEO
Registrant Street: 5 Neshaminy Interplex
Registrant Street: suite 300
Registrant City: Trevose
Registrant State/Province: Pennsylvania
Registrant Postal Code: 19053
Registrant Country: United States
Registrant Phone: 2156090122
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registry Admin ID:
Admin Name: John Krawczyk
Admin Organization: SEO
Admin Street: 5 Neshaminy Interplex
Admin Street: suite 300
Admin City: Trevose
Admin State/Province: Pennsylvania
Admin Postal Code: 19053
Admin Country: United States
Admin Phone: 2156090122
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Registry Tech ID:
Tech Name: John Krawczyk
Tech Organization: SEO
Tech Street: 5 Neshaminy Interplex
Tech Street: suite 300
Tech City: Trevose
Tech State/Province: Pennsylvania
Tech Postal Code: 19053
Tech Country: United States
Tech Phone: 2156090122
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Name Server: NS71.DOMAINCONTROL.COM
Name Server: NS72.DOMAINCONTROL.COM
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: [link removed] update of WHOIS database: 2014-07-31T19:00:00Z
Domain Name: CLASSESANDDEGREE.COM
Registry Domain ID: 1878271185_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: [link removed] Date: 2014-09-30T09:27:16Z
Creation Date: 2014-09-30T09:27:16Z
Registrar Registration Expiration Date: 2015-09-30T09:27:16Z
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Phone: +1.480-624-2505
Domain Status: clientTransferProhibited [link removed] Status: clientUpdateProhibited [link removed] Status: clientRenewProhibited [link removed] Status: clientDeleteProhibited [link removed] Registrant ID:
Registrant Name: Rope Media
Registrant Organization: Rope Media Pvt Ltd
Registrant Street: Gurgaon
Registrant City: Gurgaon
Registrant State/Province: Haryana
Registrant Postal Code: 122001
Registrant Country: India
Registrant Phone: +91.9818555403
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registry Admin ID:
Admin Name: Rope Media
Admin Organization: Rope Media Pvt Ltd
Admin Street: Gurgaon
Admin City: Gurgaon
Admin State/Province: Haryana
Admin Postal Code: 122001
Admin Country: India
Admin Phone: +91.9818555403
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Registry Tech ID:
Tech Name: Rope Media
Tech Organization: Rope Media Pvt Ltd
Tech Street: Gurgaon
Tech City: Gurgaon
Tech State/Province: Haryana
Tech Postal Code: 122001
Tech Country: India
Tech Phone: +91.9818555403
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Name Server: NS1.ROPEMEDIAHOUSE.COM
Name Server: NS2.ROPEMEDIAHOUSE.COM
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: [link removed] update of WHOIS database: 2015-01-21T16:00:00Z
Domain Name: DIABETICDESK.COM
Registry Domain ID: 1886767790_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: [link removed] Date: 2014-11-23T15:42:00Z
Creation Date: 2014-11-23T15:42:00Z
Registrar Registration Expiration Date: 2015-11-23T15:42:00Z
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Phone: +1.480-624-2505
Domain Status: clientTransferProhibited [link removed] Status: clientUpdateProhibited [link removed] Status: clientRenewProhibited [link removed] Status: clientDeleteProhibited [link removed] Registrant ID:
Registrant Name: Magna Outsourcing
Registrant Organization: Magna Outsourcing
Registrant Street: CP-31 1st Floor Sonka Galaxy Tower Gomti Nagar
Registrant City: Lucknow
Registrant State/Province: Uttar Pradesh
Registrant Postal Code: 226010
Registrant Country: India
Registrant Phone: +91.9161867901
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registry Admin ID:
Admin Name: Magna Outsourcing
Admin Organization: Magna Outsourcing
Admin Street: CP-31 1st Floor Sonka Galaxy Tower Gomti Nagar
Admin City: Lucknow
Admin State/Province: Uttar Pradesh
Admin Postal Code: 226010
Admin Country: India
Admin Phone: +91.9161867901
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Registry Tech ID:
Tech Name: Magna Outsourcing
Tech Organization: Magna Outsourcing
Tech Street: CP-31 1st Floor Sonka Galaxy Tower Gomti Nagar
Tech City: Lucknow
Tech State/Province: Uttar Pradesh
Tech Postal Code: 226010
Tech Country: India
Tech Phone: +91.9161867901
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Name Server: NS1.ROPEMEDIAHOUSE.COM
Name Server: NS2.ROPEMEDIAHOUSE.COM
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: [link removed] update of WHOIS database: 2015-01-21T16:00:00Z
Domain Name: ROPEMEDIAHOUSE.COM this domain is only at the same Server.
Registry Domain ID: 1860052127_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.godaddy.com
Registrar URL: [link removed] Date: 2014-05-24 12:58:24
Creation Date: 2014-05-24 12:58:24
Registrar Registration Expiration Date: 2015-05-24 12:58:24
Registrar: GoDaddy.com, LLC
Registrar IANA ID: 146
Registrar Abuse Contact Phone: +1.480-624-2505
Domain Status: clientTransferProhibited
Domain Status: clientUpdateProhibited
Domain Status: clientRenewProhibited
Domain Status: clientDeleteProhibited
Registry Registrant ID:
Registrant Name: Rope Media
Registrant Organization: Rope Media Private Limited
Registrant Street: Vasant Kunj
Registrant Street: Vasant Kun
Registrant City: New Delhi
Registrant State/Province: Delhi
Registrant Postal Code: 110070
Registrant Country: India
Registrant Phone: +91.01244306053
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registry Admin ID:
Admin Name: Rope Media
Admin Organization: Rope Media Private Limited
Admin Street: Vasant Kunj
Admin Street: Vasant Kun
Admin City: New Delhi
Admin State/Province: Delhi
Admin Postal Code: 110070
Admin Country: India
Admin Phone: +91.01244306053
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Registry Tech ID:
Tech Name: Rope Media
Tech Organization: Rope Media Private Limited
Tech Street: Vasant Kunj
Tech Street: Vasant Kun
Tech City: New Delhi
Tech State/Province: Delhi
Tech Postal Code: 110070
Tech Country: India
Tech Phone: +91.01244306053
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Name Server: NS1.ROPEMEDIAHOUSE.COM
Name Server: NS2.ROPEMEDIAHOUSE.COM
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: [link removed] update of WHOIS database: 2014-11-17T14:00:00Z

 

Diabetic Desk.pdf (324KB)

 

Tags: , , , , , , , , , , , , , , , , , , ,

Scammer Exposed

Top Outsourcing Concerns
by Rudolf Faix Monday, March 2, 2015 1:30 AM

Hiring an offshore call center provider can make even the most seasoned executive a little bit nervous. In reality, there are many reasons to be nervous. An external company is being hired to speak directly with your customers on your behalf. However, these concerns can be overcome by hiring the right call center. 

Here are the top outsourcing concerns:

  1. Scam
    You'll find scam everywhere where business is done. Especially by doing business over the Internet. For this make a background check about your future business partner. Scammer are lazy, they are even to lazy that they are informing themselves about the business. For this are able to find out if you are talking with a real business partner by asking him specific questions about his work. A scammer will not be able to give you a suitable answer to your questions.

  2. Quality
    You know your product best. If you provide quality by a good presentation of your product, a good FAQ, the differences to your competitors and good sales arguments then it will be easy to get the telemarketers trained to sell your product.

    Don't choose cheap Internet offers for buying the data, which the telemarketer shall call. This data are already heavy used and for this is it difficult to sell something by calling. People, which are already angry at the time picking up their phone, will very seldom take an advantage of even a good offer. The most good data provider are only selling their data packages only inside the country. For this is it very hard for an offshore call center to get such quality data.
    You get what you pay for - nobody is able to work for free for you and a call center is not a data provider. Quality call centers will use your data only for your campaigns.

    So many outsourcing companies do not provide dialing data. Reason is they don't wanna mess with keeping the center up to date, because the company have their agents and other tons of center they work with. In many cases company pays huge amount to other companies in place of giving them data . That is exactly the wrong way for a successful outsourcing. 

    Choose a call center where the agent is immediately on the phone when he calls you. Playing a prerecorded message first will tell to the called one, that a call center is calling, which likes to sell something to him. The most of the dialer are working in a different way. There the agent picks up the phone only if the called one is already in the line.

  3. Loss of control
    Quality call centers are offering features, which are giving you the same possibilities like at an inhouse call center. You can can get:
    * actual status of the calls done for you
    * a spy connection where you can listen the actual call
    * recordings immediately after the hangup of the call
    * actual online call detail records after the call ended
    * a direct connection to the agents working for you
    Use all this possibilities for make the best out of your outsourcing process. The only difference to an inhouse call center is that you can communicate with "your" agents only over the phone or by using some messenger like Skype, Viber, Whatsapp, etc.

  4. Language
    The accent is not so important like the sales talent of the agent. Our best telemarketer in Austria is coming from Romania. If your mother tongue is German, than you hear that she is not a native German speaker, but it does not matter if she sell something to a customer coming from Austria, Germany or Switzerland. She has in any case success. So don't overweight the language barrier. The sale can be even be easier for such people than for native speakers.

  5. Price
    Offshore outsourcing is cheaper than to run your own call center, but don't expect that the big savings are already during the first month. You have to invest some time into the training of "your" agents and you have to listen to the recordings and tell them where they are making failures and give them some information how they can improve their performance. It is the same work like you need to do by hiring a new staff. The savings are coming with the time. Mostly they are starting during the second month.

 

 

Tags: , , , , , , , , , ,

Call Center Quality Guidelines

NSA Planted Stuxnet-Type Malware Deep Within Hard Drive Firmware
by Rudolf Faix Wednesday, February 18, 2015 12:51 PM

The U.S. National Security Agency (NSA) may be hiding highly-sophisticated hacking payloads in the firmware of consumer hard drives over the last 15 to 20 years in a campaign, giving the agency the means to eavesdrop on thousands of targets’ computers, according to an analysis by Kaspersky labs and subsequent reports.

 

'EQUATION GROUP' BEHIND THE MALWARE

The team of malicious actors is dubbed the the "Equation Group" by researchers from Moscow-based Kaspersky Lab, and describes them as "probably one of the most sophisticated cyber attack groups in the world," and "the most advanced threat actor we have seen."

The security researchers have documented 500 infections by Equation Group and believes that the actual number of victims likely reaches into the tens of thousands because of a self-destruct mechanism built into the malware.

 

TOP MANUFACTURERS' HARD DRIVES ARE INFECTED

Russian security experts reportedly uncovered state-created spyware hidden in the hard drive firmware of more than dozen of the largest manufacturers brands in the industry, including Samsung, Western Digital, Seagate, Maxtor, Toshiba and Hitachi.

These infected hard drives would have given the cyber criminals persistence on victims' computers and allowed them to set up secret data stores on the machines, which is only accessible to the malicious hackers.

 

UNABLE TO REMOVE THE INFECTION

One of the most sophisticated features of these notorious piece of hacking tools is the ability to infect not just the files stored on a hard drive, but also the firmware controlling the hard drive itself. The malware is hidden deep within hard drives in such a way that it is difficult to detect or remove it.

If present, once the victim insert that infected storage (such as a CD or USB drive) into an internet-connected PC, the malicious code allows hackers to snoop victims' data and map their networks that would otherwise be inaccessible.

Because the malware isn't sitting in regular storage, so it is almost impossible for a victim to get rid of it or even detect it. Such an exploit could survive a complete hard drive wipe, or the re-installation of an operating system, and "exceeds anything we have ever seen before," the company's researchers wrote in a report.

 

MORE ADVANCED TECHNIQUES USED BY EQUATION GROUP

The firm recovered two modules belonging to Equation group, dubbed EquationDrug and GrayFish. Both were used to reprogram hard drives to give the malicious hackers ability to persistently control over a target machine.

GrayFish can install itself into computer's boot record — a software code that loads before the operating system itself — and stores all of its data inside a portion of the operating system known as the registry, where configuration data is normally stored.

 GrayFish architecture - Kaspersky Labs

EquationDrug, on the other hand, was designed to be used on older versions of Windows operating systems, and "some of the plugins were designed originally for use on Windows 95/98/ME" - very old versions of Windows OS that they offer a good indication of the Equation Group's age.

 

TARGETED COUNTRIES AND ORGANISATIONS

The campaign infected tens of thousands of personal computers with one or more of the spying programs in more than 30 countries, with most infections seen in Iran, followed by Russia, Pakistan, Afghanistan, China, Mali, Syria, Yemen and Algeria.

The targets included government and military institutions, telecommunication providers, banks and financial institutions, energy companies, nuclear researchers, mass media organisations, and Islamic activists among others.

Equation Group Victims Map - Kaspersky Labs 

'ANCESTOR' OF STUXNET & FLAME

Security researchers are calling the malware as the "ancestor" of Stuxnet and Flame, the most sophisticated and powerful threats that were specially designed to spy and sabotage ICS and SCADA systems.

 

LINKS TO NSA

Kaspersky declined to publicly name the country or agency behind the spying campaign, but said it was closely linked to Stuxnet — the NSA-led cyberweapon that was used to sabotage the Iran's uranium enrichment facility.

Also, the similarities when combined with previously published NSA hard drive exploits have led many to speculate that the campaign may be part of the NSA program. NSA is the agency responsible for global surveillance program uncovered by Whistleblower Edward Snowden.

Another reason is that most of the infections discovered by the Moscow-based security firm have occurred in countries that are frequently US spying targets, such as China, Iran, Pakistan and Russia.

Meanwhile, Reuters reported sources formerly working with the NSA confirmed the agency was responsible for the attacks and developed espionage techniques on this level.

 

NSA INVOLVEMENT COULD BE RISKY

In case, if NSA found to be involved, the malicious program would have given the NSA unprecedented access to the world's computers, even when the computers are disconnected from the outer web. Computer viruses typically get activated as soon as a device is plugged in, with no further action required, and this because the viruses are stored on a hard drive's firmware.

Back in July, independent security researchers discovered a similar exploit targeting USB firmware — dubbed BadUSB — however there was no indication of the bugs being developed and deployed by Equation Group at this scale.

The issue once again raises the questions about the device manufacturers' complicity in the program. They should take extensive and sustained reverse engineering in order to successfully rewrite a hard drive's firmware.

For its part, the NSA declined to comment on the report.

 

Tags: , , , , , , , , , , ,

Security

Filter by APML

AboutMe

I'm since more then 35 years in the computer business (programming and technical support) and using the Internet since it has started. Since 2002 I'm programming solutions for Asterisk and since 2004 I'm in the call center industry.

Disclaimer

All data and information provided on this site is for informational purposes only. I make no representations as to accuracy, completeness, currentness, suitability, or validity of any information on this site and will not be liable for any errors, omissions, or delays in this information or any losses, injuries, or damages arising from its display or use. All information is provided on an as-is basis and is only representing my own opinion. By browsing or using content from this site you accept the full legal disclaimer of this website.