Singapore Airlines Free First Class Tickets WhatsApp scam

Lately, I kept receiving the following message from contacts on my business WhatsApp number:

Hello, Singapore Airline is giving away 2 Free FirstClass Tickets to celebrate 45th anniversary, Now you can get your tickets too ! go here to get it: http://www.singaporeaır.com/firstclass Enjoy your flight!.

singapore air free business class tickets whatsapp scam

It is surprising how careless people can be when forwarding such messages around. There are a few things in the message above that clues one in on its authenticity:

  1. The English. Singapore Airlines was spelled without an “s” at the back, Inconsistent and unnecessary capitalisation of letters, inappropriate spaces and punctuation.
  2. The hyperlink might appear to be singaporeair.com but if you take a closer look, you will notice that there’s something wrong with the letter “i” in the word “air”. We’ll elaborate below.

So what happened to the dot in the “i”? Turns out that the letter is actually:

ı

The letter i without a dot above.

Source: Wikipedia

This is a visual trick used by people with malicious intention to lower the guard of people who have learned to be suspicious of obviously dubious URLs. These people will go “Hey the URL looks legit” and proceeds to click on it.

By the time I found some time to write this post, the site has been taken down. However, I still want to explain more about the web technologies used to bait people to the site.

How did the scammer do it?

Scammers have been using internationalized domain names (IDN) to create resemblance to leigitimate domain names for some time now. But because DNS servers cannot handle the unicode characters of IDNs, Punycode is used to convert the unicode back to ASCII characters. For the above domain, www.singaporeaır.com actually converts to www.xn--singaporear-8zb.com. And if you were you look up the domain name, it claims to be registered in the Bahamas:

Domain Name: XN–SINGAPOREAR-8ZB.COM
Registry Domain ID: 2182998491_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.internet.bs
Registrar URL: http://www.internetbs.net
Updated Date: 2017-11-04T05:16:54Z
Creation Date: 2017-11-04T04:45:22Z
Registrar Registration Expiration Date: 2018-11-04T04:45:22Z
Registrar: Internet Domain Service BS Corp.
Registrar IANA ID: 2487
Registrar Abuse Contact Email: abuse@internet.bs
Registrar Abuse Contact Phone: +1.5167401179
Reseller:
Domain Status: clientTransferProhibited – http://www.icann.org/epp#clientTransferProhibited
Registry Registrant ID:
Registrant Name: Domain Admin
Registrant Organization: Whois Privacy Corp.
Registrant Street: Ocean Centre, Montagu Foreshore, East Bay Street
Registrant City: Nassau
Registrant State/Province: New Providence
Registrant Postal Code:
Registrant Country: BS
Registrant Phone: +1.5163872248
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: xn--singaporear-8zb.com-owner-ysp5@customers.whoisprivacycorp.com
Registry Admin ID:
Admin Name: Domain Admin
Admin Organization: Whois Privacy Corp.
Admin Street: Ocean Centre, Montagu Foreshore, East Bay Street
Admin City: Nassau
Admin State/Province: New Providence
Admin Postal Code:
Admin Country: BS
Admin Phone: +1.5163872248
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: xn--singaporear-8zb.com-admin-85n9@customers.whoisprivacycorp.com
Registry Tech ID:
Tech Name: Domain Admin
Tech Organization: Whois Privacy Corp.
Tech Street: Ocean Centre, Montagu Foreshore, East Bay Street
Tech City: Nassau
Tech State/Province: New Providence
Tech Postal Code:
Tech Country: BS
Tech Phone: +1.5163872248
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: xn--singaporear-8zb.com-tech-qfid@customers.whoisprivacycorp.com
Name Server: ns-canada.topdns.com
Name Server: ns-uk.topdns.com
Name Server: ns-usa.topdns.com
DNSSEC: unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2017-11-07T06:47:31Z <<<

Registrar: Internet Domain Service BS Corp
Whois Server: whois.internet.bs
Creation Date: 2017-11-04T04:45:22Z
Updated Date: 2017-11-04T05:16:54Z
Expiration Date: 2018-11-04T04:45:22Z

Nameserver: NS-CANADA.TOPDNS.COM
Nameserver: NS-UK.TOPDNS.COM
Nameserver: NS-USA.TOPDNS.COM

The profile of the registrant has been anonymised as part of a value-added service provided by the registrar but even then, we should take the above information with a pinch of salt. One important point to note is that the domain was only registered 3 days ago and we don’t know what else this person plans to do.

Be very careful even if the link was sent by someone you know

Whatever you do, please be very careful even when friends forward links to you via WhatsApp, Facebook or any other platform. There are two main possible scenarios:

  1. Your friend/contact knowingly forwarded the link to you but didn’t know that the link is fake
  2. Your friend/contact’s device sent the link to everyone in the contact list without his/her knowledge. This can happen to a compromised device.

Do your friend/contact a favour and alert him/her about the link instead of just clicking on it. Together, we can foil the plans of these scammers.

[Solved] Intel Compute Stick Wi-Fi broke after Windows 10 Creators Update!

I currently manage a small cluster of 25 Intel Compute Sticks (STK1AW32SC) as a small part of my day job. I allowed Windows 10 to do its regular Windows Update as part of security best practice to protect my devices from unpatched vulnerabilities.

Windows 10 Creators Update came a little late for me, trickling in between July and August 2017. During this period, privacy review dialogues kept appearing on my machines’ displays. After I’m done with all these privacy reviews, the nightmares begun.

Upon reboot after the Windows 10 Creators Update, each and every Intel Compute Stick did not have internet connectivity!

Intel Compute Stick Wireless AC 7265 can't start after Windows 10 Update

I checked and found that the wireless network adapter had disappeared from the Network Connections page!

Intel Compute Stick Wireless AC 7265 can't start after Windows 10 Update

Intel Compute Stick Wireless AC 7265 can't start after Windows 10 Update

Going to Device Manager, I found that the wireless network adapter Intel Dual Band Wirelss AC 7265 has an error on it. On some sticks, the wireless network adapter is totally missing from Device Manager! For this, go to the end of the post to see how you can perform a Network Reset to get back the device entry. For those who can see the Intel Wireless AC 7265 with a yellow triangle, double click it and go to the Driver tab.

Intel Compute Stick Wireless AC 7265 can't start after Windows 10 Update

Intel Compute Stick Wireless AC 7265 can't start after Windows 10 Update

Click Update Driver and then Browse my computer for driver software because you’ll want to rollback to the last version of the driver.

Intel Compute Stick Wireless AC 7265 can't start after Windows 10 Update

Choose Let me pick from a list of available drivers on my computer since the older driver would still be on your computer. Intel Compute Stick Wireless AC 7265 can't start after Windows 10 Update

When you get to this point, make sure you click on any older driver i.e. anything but the driver with the newest date.

Intel Compute Stick Wireless AC 7265 can't start after Windows 10 Update

Intel Compute Stick Wireless AC 7265 can't start after Windows 10 Update

There you go! Wi-Fi fixed. You don’t (usually) need to even restart the PC!Intel Compute Stick Wireless AC 7265 can't start after Windows 10 Update

As shared earlier, I encountered a strange situation on some of the sticks whereby the wireless network adapter cannot be found in the Device Manager. For such a situation, you will need to perform a Network Reset as shown in the following screenshot. Warning! You will lose ALL saved Wi-Fi networks/passwords. Once done, you will need to restart your computer and go back to Device Manager to do the driver rollback described above.

Intel Compute Stick Wireless AC 7265 can't start after Windows 10 Update

I’ve informed Intel about this but they kept referring me to Microsoft. I give up. Microsoft is NOT going to care about someone like me. What I can do is to share this fix on my blog to help as many people as I can. This is quite obviously a case of Microsoft bundling a faulty driver for this device as part of a major update! How careless!

Cheers!

Remove yellow background in Google Adsense Responsive Ads

If you have implemented the responsive Google Adsense code into your website or blog, you may notice that some ad formats introduces an unwanted yellow background to fill the area that is not covered by the ad.

Refer to the example on the right. The ad format is smaller than the width of my main blog column and Google decided to just fill it in with a strange yellow fill. Is there a way to get rid of it? Yes! And thankfully, WordPress made it really easy for you to do it by simply inserting a custom piece of CSS via the WordPress interface!

The first thing you’ll have to do is to log in to your wordpress. Mine is a self hosted WordPress instance but it shouldn’t differ too much. Once you are logged in, you should see the usual administrative black bar on top of your site. Click on “Customize”.

A sidebar will now appear. Somewhere near the bottom, there will be a menu item called “Additional CSS”. Clicking on that will produce a large edit box for you to insert custom CSS code. Paste the following code into it:

ins.adsbygoogle { background: transparent !important; }

The “!important” syntax tells the site to override the original CSS by Google. This will make the yellow background disappear. Good luck!

Oh, what if you are not using WordPress? Simply insert this into your html page’s header within <style> tags.