Sorry I have been quiet for a while, just got back from vacation. Here's something I found in my inbox:

From: United Parcel Service <admkgtxokpqc@bodiesbymahmood.com>
Date: Mon, 14 Jul 2008 10:00:05 -0600
To: flyte new media <contact@flyte.biz>
Subject: UPS Paket N3754519698

Unfortunately we were not able to deliver postal package you sent on July the 1st in time
because the recipient's address is not correct.
Please print out the invoice copy attached and collect the package at our office

Your UPS

First tip-off that this wasn't legitimate? Misspelling the word "packet." Second tip-off was the poor grammar of the first letter. Third was the missing period at the end of the last sentence.

Final tip-off was the return email address. I don't believe UPS owns the bodiesbymahmood.com domain. Just saying.

Rich Brooks
Scam Artiste

I'm a t-shirt kind of guy. In fact, Threadless is one of my favorite Web sites and controls much of my wardrobe. Recently, however, I found a couple of Ts I liked over at Busted Tees and purchased them.

What a mistake.

When the package arrived the packing slip was correct--two shirts, both large--but one of the shirts was a small. No big deal, right? I called customer support and a nice guy told me he was really sorry and someone would call back the next day to help me out.

Nearly a week passed, but no call. So I called back.

Someone else, who was very nice, apologized again. She had no record of my call, but promised that she would have someone call me back. I asked why she couldn't help me out, but it turns out that she doesn't actually work for Busted Tees. All she can do is report my problem to the company and they'll take care of it. (Or not.)

Two more days passed. I called a third time. Again, a very nice person answered who apologized for nothing happening. Again, he said he would tell the company and someone would get back to me. I explained that I didn't quite believe them anymore, so if I didn't hear back from them I would just talk to my credit card company and have the charge removed. He told me he would pass along the message.

On the following Monday I sent an email. Finally a response. They told me to ship the t-shirt to them and they'd replace it. I told them that I no longer had the packaging because it had been ripped when I opened it, and couldn't they just do the right thing and send me the right shirt and I'd send back the wrong shirt when I got it...after all, I certainly had been patient w/their non-existent customer service. She agreed.

Two weeks passed and I didn't receive the shirt. So I emailed again. Someone else told me the shirt had shipped. Unfortunately, they were talking about the original shipment and had no record of a new shirt being shipped out, despite me having a written promise that it would be.

I asked if they would please send out the shirt right away so we could put this to bed. They told me that they would forward my message to the company.

Arrgh!

Admittedly, in the universe of real problems, this is a very small planet. Perhaps even a moon. But if this was your company, would you treat your customers this way? I mean, everyone--every business, every person and every organization--makes mistakes. It's how we handle these mistakes that creates either customers for life...or angry blog posts.

Rich Brooks
Threadless Customer...for Life

Follow Up: Shortly after reading this post someone from Busted T's left a comment with an email. I followed up, and two days later I had received not only the t-shirt I ordered (right), but another cool one as an apology. I also got to keep the original t-shirt which I gave to my wife. Perfect fit.

The moral of this story? If you're a business, take care of your customers. Also, have a Google Alert or a Technorati RSS feed on your company name, so you know when people are talking smack about you.

If you're a customer, it helps to have a healthy blog. What you can't accomplish through phone or email may have legs in the blogosphere.

Today I received a fairly sophisticated PayPal phishing scam that made me take a second look.

It was in no small part due to the fact that I had received some PayPal payments recently for our How to Plan, Build and Promote a Business Blog workshop and just moved them to our bank account.

The subject line: "Your Account Has Been Flagged ! " was good; it's probably fairly accurate to what PayPal might say, except for the floating exclamation point.

Almost all the links within the email go to a real PayPal page, further confusing the average recipient. It's only the "Click here to verify your Information" with it's odd capitalization that links to the faux site.

At this bogus site the scammer will ask you to login with your PayPal username and password. Then he (or she) has all they need to access your PayPal account and more.

How can you protect yourself as the scam artists get more savvy? Easy: never click on a link in an email. Instead, visit Paypal.com (or whatever site is appropriate) and log in there.

No legitimate banking related site will include links to their Web site from an email. They've all had to deal with angry, deceived customers. They will tell you to visit their site by typing it in to your Web browser and go there.

Rich Brooks
Putting the Pal in PayPal

If you've received a receipt for your Payment to Debbie's RC World through your PayPal account you can delete it; it's a scam.

The goal of this phishing scam is to get you to click on the Dispute Transaction and give up your username/password at a fake PayPal site.

Item Name: Sportwerks Raven ST RTR Electric Truck
Cost: $175.00
Email: eric@debbiesrcworld.com

Remember: Never click on a link in an email. If you're unsure, go to the Web site directly and log into your account.

Rich Brooks
Making the Internet Safer for You Since 1997

If you received an email about your recent eBay purchase of a Digimax 130, you don't need to bother clicking the Dispute Transaction link.

This is an all-too-common scam to get you to give up your PayPal login information, so don't fall for it.

In the version I received, the Payment Details included:

Amount: $47.85 USD

Transaction ID: 2LC956793J776333Y

Subject: Digimax 130

The seller was named as Edward Harrell, eBay user ID: scratchandgnaw2, although if there really is an Edward Harrell of Springtown, Texas, you can be sure he had nothing to do with this.

Rich Brooks
You Watch My Back, I'll Watch Yours

So, despite never signing up for it--and being a life-long Mac user--I continue to get Microsoft Office Live Advisor, an email newsletter targeting small business owners who use Microsoft products.

Today I tried to unsubscribe again. The message was different this time, so apparently they realized their previous message was completely frustrating and obtuse. Unfortunately, the messaging has changed, but not their unintuitive, bass ackwards, completely assinine method (not) allowing people to unsubscribe.

After clicking on the Unsubscribe link in the email, I'm taken to a page with the following information:

You've reached this page because you want to subscribe/unsubscribe to e-mail newsletters, or want us to stop sending you e-mail messages altogether. You can set your preferences at the Profile Center.

To reach the Profile Center, you will need to give us your Passport and password, so we can be certain someone isn't impersonating you. If you haven't registered with us before, we will ask you to create a Passport. Why? So we can be certain we never send mail unless you say so.

Who wrote this, George Orwell? To unsubscribe to an email I never subscribed to I need to take the time to create a Microsoft profile. And why? "So we can be certain we never send mail unless you say so."

Ummm...too late!

And Microsoft wants us to buy into their anti-spam technology? First they should get their own house in order.

Rich Brooks
Take Me Off Your Damn List!

I received an email from TD Banknorth (not) today that was an obvious phishing scam. Just in case you happened to receive a similar email today, you can safely delete it.

The telltale signs?

• Addressed to "TD Banknorth Customers." Doesn't seem very specific. Even if the bank doesn't include your name, they're likely to realize that you're just one person, not all of their customers.
• "We Kindly as you to confirm and update your details". Unnecessary capitalization of Kindly, and no period at the end of this sentence.
• "We offer you a new convenient and safe high-quality level of service to handle you ATM card." I think they meant "your."

We're all in trouble if phishing scammers ever learn to use good grammar.

But most importantly? They ask you to click through the email to their "site." Any legitimate bank will not include a link to their site and instead ask you to visit them by typing in the bank's URL. When I looked at the source code, I could see that the link is actually going to http://www.upshotokai.com/modules/Forums/language/north/index.htm which is obviously not a TD Banknorth URL.

Rich Brooks
Helping Keep You Money Safe

We're not getting much work done here today at flyte. Everyone keeps running into my office and the conference room to watch the effects of the storm. The road/pier to the left of our office is fully submerged. There's actually lobster buoys floating aimlessly down Portland Pier.

Good tires are a requirement for a day like today, which is an interesting coincidence, given the email below.

A client (OK, my dad), recently forwarded me this email from "PayPal" to confirm his concerns that this was a scam:

This e mail confirms that you have paid V***** Tire Sales
(sales@v*****tire.com) $379.00 USD using PayPal.
This credit card transaction will appear on your bill as "PAYPAL *V*****
TIRE".
------------------------------------------------------------------------

Payment Details
Transaction ID:    0EW23032ET502103Y
Total:    $379.00 USD
Item/Product Name:    Pirelli PZero Nero (M+S) P255/35ZR20 97W
Item/Product Number:    2528
------------------------------------------------------------------------

Business Information
Business:    V***** Tire Sales
Contact E-Mail:    sales@v*****tire.com
------------------------------------------------------------------------

Shipping Address
Shipping Info:    D*************s
4310 T***** ST
Dallas TX 75423
United States
Address Status:    Unconfirmed
------------------------------------------------------------------------
Wit h PayPal, you.re protected against unauthorized payments sent from your
account.This payment will not appear in your PayPal account until we verify
this transaction.If you would like to escalate this dispute to a PayPal
claim, you must do so or it will automatically close. A closed dispute
cannot be reopened or escalated to a claim.If this is transaction is not
authorized, click on the link below to fill a claim and cancel the payment.
                                 Dispute Transaction
------------------------------------------------------------------------

Thank you for using PayPal!
The PayPal Team   

Please do not reply to this email. This mailbox is not monitored and you
will not receive a response.
PayPal Email ID PP120

Although I couldn't look at the original email and see where the link went (it certainly didn't go to PayPal), I was able to confirm this was a PayPal scam similar to when Santa wanted my PayPal login info.

In other words: Ignore it!

Update: You may wonder why there are so many * in this post. I recently received a very nice email from the good people at V***** Tires. You can imagine how tough this has been on them, since they are in no way involved with this scam.

For whatever reason this post has risen in the search engine rankings and is hurting their brand. Since this scam seems to be past, I removed all of the references I could find.

I also want to thank them for writing me such a polite email rather than serving me with a cease and desist letter, or taking an aggressive stance. Other companies could learn from their behavior.

Thanks to Jonathan Braden for the cell phone photo of Portland Pier. It's tough to make out in the photo, but that car is up to its headlights in water.

Rich Brooks
Waterproof Web Design

Today I received an email from Microsoft Office Live Advisor.

Being a big time Mac user and fan, I know I never signed up for any Microsoft products. Recently I've been receiving emails (through our contact form) and phone calls reaching out to me regarding their whole Office Live thing, but I've either ignored the requests or gracefully declined.

Today I got an email with the impeccable subject line, "Picking a great domain name - TEST". [Great quality control, no?]

There's an unsubscribe link at the bottom so I clicked on it. Instead of a page that confirmed my unsubscription, I got a page where I have to sign in with a Windows Live ID, which of course I don't have.

However, I can sign up for a Windows Live ID, which seems an odd requirement to unsubscribe from their unsolicited email newsletter. Since I don't want to do that, I find another link on the page that promises to allow me to manage my contact preferences from Microsoft, which I believe is corporate-speak for unsubscribing. Now, on a mission, I click that link.

My first option here is to go to the Microsoft.com profile center where I can choose whether I want to receive marketing messages from Microsoft. Hmmm...I thought that was the point of this page, but whatever. I click the link. I'm back to the previous page where they want me to sign up for a Windows Live ID. (Did I mention I never signed up for this freakin' email newsletter to start with?)

I hit the back button and choose my second option, to manage my communication preferences from MSN and Windows Live. Is this where the email came from? I check and see it's from "Microsoft Office Live Advisor." Well, the word "live" is in there. I click. I find myself on an MSN sign in page asking for my Windows Live ID or if I'd like to sign up for one. Hit the back button again.

The next option is to be able to subscribe or unsubscribe from MSN Newsletters. Well, the word unsubscribe is here, even though it doesn't appear this is an MSN newsletter. I click on.

I'm asked for my email address. Since this is annoying but not unheard of when trying to unsubscribe from an email newsletter I enter it. I get the following alert:

Virus and spyware scan? Don't they realize I'm on a Mac? I hit "Cancel" and surprisingly it lets me move forward. Unfortunately I'm on a page entitled Register for MSN Newsletters. I'm required to login, which brings me back to the MSN sign in page. Argh! Let's back up again.

The next option is to manage my XBox Live account, which I know is incorrect, (even though I do have an XBox 360, the beset thing to every come out of Redmond.)

The final option is only if I'm registered with the Microsoft Partner Programs, which I'm not.

So I guess even though I never signed up for this email newsletter I'm doomed to receive it for all time since Microsoft won't let me unsubscribe to their opt-out email.

I guess there's nothing left to do but blog about it....

Rich Brooks
Loyal Subscriber to Microsoft Office Live Advisor

If you've recently received an email from the Domain Notification Central, you can delete it and be at ease.

This grammar-and-spelling-challenged company will try and scare Web site owners into buying redundant domains with the .us suffix. For example, from the email I just received:

Please be advised that the above noted domain name has now become available for registration.

Consequently the possibility of a conflicting domain registration may occur.

I mean, what the hell does that even mean? "A conflicting domain registration" doesn't even mean anything. The email I received had paragraph after paragraph of meaningless, lawyer-like gibberish meant only to frighten people out of their money.

Since I can't blog about every scoundral out there, here's a good tip for anytime someone or some business you don't know asks for money: Google them.

While the Domain Notification Central (the name sounds like it was written by an automated translation service) come up first for their own name, the rest of the Google results page are warnings against this company.

Googling a company's phone number or fax number seems to give even better results, as often people share horror stories at their blog or in a discussion forum, sharing these tidbits of information. Googling 1-800-270-5944 brings up posts like:

• Web Piracy, Scams, and Dastardly Deeds - Smyrl.Biz
• Stupid TOASTEDspam - notificationcenter.us 0001 - 2004-07-26 ...
• Consumer Alert and
• really great sex call 1-800-270-5944 in Printable view

I'm guessing the last one was a prank to get back at the Domain Notification Central, but perhaps further investigation is required.

No matter what the medium, there will always be people trying to scam you. At least with the internet, you're one search query away from an answer.

Rich Brooks
Reporting Internet Scams