Using Evernote to capture receipts

A few years ago my employer, Catapult Systems, had a policy in place for submitting receipts when doing expense reports.  At the time whoever put the policy together really didn’t consider all the challenges a consultant will actually face at the client’s site.  Basically there were only three options.  Us consultants had to fax in our receipts, scan/email them, or mail them in.  There was another option but that required actually visiting a Catapult office and since never go into any Catapult offices that wasn’t an option for me.  A lot of the consultants wanted to take photos and email them but at the time photos of receipts were not approved for whatever reasons. 

Below are the non-detailed processes for each option

Fax

  • Download and print a fax cover page.
  • Tape the receipts to a/many 8.5 X 11 piece(s) of paper. 
  • Fax the cover page with all of the 8.5 X 11 pieces of paper.

Mail

  • Stuff all the receipts in an envelope and mail it in. 

Scan

  • Scan all of the receipts.
  • Email them.

I tried all three options and depending on the client, their hardware, and other things that changed from place to place the above options could be difficult to perform. 

Fax

Faxing was frustrating.  I had to access a internal Catapult website with a client’s machine and print something.  Sometimes it took time to install a printer.  If I used my Catapult notebook printing to a client’s printer on their network could take even longer as it’s not a domain joined machine.  There was always the option of downloading the fax cover page from my Catapult notebook, emailing it to a client contact, and asking them to print it but I didn’t’ like doing that.  The client is paying for your time and they shouldn’t be expected to help you with an expense report.  Once I overcame printing the fax cover page I then had find some tape and sit there taping receipts to pieces of paper.  That wasn’t an efficient use of my time.  A lot of companies have long distance codes so when it came time to faxing it in I had to get the client involved.  All of this was too time consuming and could have involved the client too much. 

Mail

I really didn’t want to send in my receipts without first making a copy of them.  Some problems I ran into making copies were some copiers needed a billing code, it was time consuming to copy all of my receipts, and I had to carry a stash of envelopes and stamps with me. 

Scan

Come on, most places don’t have a network scanner and if they do you have to get with the client on how to connect to it and to retrieve your scans.  Clients shouldn’t have to get involved with consultants submitting expense reports. 

Out of the three methods I used the scan option most of the time.  This was because I actually traveled with a battery operated portable scanner.  I don’t remember the model I had at the time but I did up grade it to this model and I love it.  This was the best option for me as I didn’t have to involve the client but it was still time consuming scanning, transferring the files from the scanner to my notebook, and it was one more piece of hardware taking up room and weight in my notebook bag.

 

 

I can’t remember when but Catapult eventually allowed photographs of receipts to be submitted as long as they were readable.  This was a good solution and in the past few years a lot of software has come out that will do a great job turning a photograph into more of a scan so the text is legible.  I use Evernote a lot(Sorry Microsoft OneNote but at the time Evernote was available on all of my devices).  I can’t remember when or in what version it was implemented but Evernote allows you to take a photo of something that is a “document”.  The result is almost as good as a scan with a smaller file size than a photo that is faster to capture than physically scanning it.  What’s even better is I can use Evernote on my phone to capture all of my receipts and they sync with my desktop so I can email them.  Of course the syncing also means my data is in more than one place so IF my phone were to die at least all of my Evernote files are in the cloud and on my desktop.  Evernote also allows me to capture my receipts without having to hang onto them until I get to my scanner.  Evernote also decreases the risk of me losing a receipt or two. 

 

 

When using Evernote to capture your receipts it’s important to not only use the proper setting in the software but to properly prepare what you’re capturing.  In the photos below you’ll notice differences.  The three photos below I’m using the photo setting in Evernote.  It’s basically just a photo.  Notice the space around the receipt.  Sure I could have held my phone closer but getting too close means it might not focus and holding my phone too far away it might be difficult to read without having someone zoom in. 

 

wp_ss_20150120_0001   IMG_1501201221121 IMG_1501201221353

 

In the photos below I’m using Evernote’s document mode(notice the darker bar in the phone screenshot).  The first photo of the receipt is a giant white mess.  That’s because the surface it’s laying on isn’t a contrasting color(see similar photo above).  The second photo has a contrasting color around the receipt so it automatically zooms in and it appears to be more of a scan that a photo.  That’s great as whoever I email that too doesn’t have to zoom in to see the numbers and letter. 

 

wp_ss_20150120_0002IMG_1501201221262  IMG_1501201221454

 

 

Using Evernote’s document mode the size of the file is also smaller while retaining a decent quality image. 

680KB photo non-contrasting background

IMG_1501201221121 
zoomed
image

 

311KB document non-contrasting background

 IMG_1501201221262
Zoomed
image

 

762KB Photo contrasting background

 IMG_1501201221353
Zoomed
image

 

156KB document with contrasting background
 IMG_1501201221454
Zoomed
image

 

As you can see by using Evernote’s document capture settings of a receipt laying on a contrasting surface I can quickly capture my receipts while out and about in a decent quality that syncs with the cloud/desktop. 

 

I also use Evernote’s document capture feature to capture my personal receipts.  I do this so if I have to return, exchange, or even look up what I bought I have it in an electronic format where I can access anywhere from any of my devices at anytime.  I don’t need to run home and pullout a shoebox of receipts.  Evernote also indexes PDF and JPG files so I can type a word and it will find it on my receipts!

 

 

If you’re interested in capturing receipts for personal or work purposes I highly recommend looking at Evernote and the document feature. 

Michigan’s silly deposits on cans and bottles

One thing I absolutely loved about moving from Michigan to Texas was I didn’t have to deal with deposits on cans and bottles.  When I moved back to Michigan I was upset that I had those stupid deposits once again.  In case anyone doesn’t know what I’m talking about let me explain.  In a handful of states there is a deposit when you buy certain products in certain containers.  in most states it’s 5 cents when you buy a soda or a beer in a can, plastic bottle, and glass bottle.  Michigan is the ONLY state that charges a 10 cent deposit.  What that means is when you checkout the store charges you 10 cents for each soda or beer that is in a can, plastic bottles, and/or glass bottle.  Notice how I said soda or beer.  I’ll talk more about that later.  If you buy a 6 pack of beer that is marked at $5 you pay tax on that $5 plus an additional 60 cents in deposits.  When you bring the cans and/or bottles back you get your deposit back.  It’s done as a way to strongly encourage people to recycle via loss of their own money.  It’s also a way for people to walk the streets and pick up cans and bottles(yes you see it all the time).  This whole deposit thing is a pain in the ass!  People have to try to rinse out every can and bottle and keep them somewhere in their house just to haul off to the store to get their deposit back.  It’s also very disgusting as I’ve seen people dump dirty cans and bottles into shopping carts where the stale soda and beer is dripping through the bottom of the cart all over the ground.  That means you might lay your food when you’re grocery shopping on the bottom of a cart that just had stale soda and/or beer all over it.  We all know grocery stores never clean their carts.  As for the smell of the machines that accepts these items and the areas people go to return them is awful.  Imagine a room where someone spilled beer all over the ground and rarely cleans it up.  IT STINKS!  Below is what one of the machines looks like near the opening and also what one of my plastic bags looked like so you have a clue on how dirty everything is.  Of course if everyone were to rinse their returnables nothing would get dirty but you can’t depend on EVERYONE doing the right thing.

WP_20141226_13_46_31_Pro

WP_20141226_13_46_47_Pro

 

To make matters worse a store/store chain will only take back a can or bottle if they sell it.  If a store won’t take a can or a bottle the typical response would be to just throw it away but it’s actually against the law in Michigan to throw away a bottle or can that has a deposit on it!  Now you can “recycle” using approved recycling services but if it hits a landfill then you broke the law.  I believe in recycling but there are only deposits on beer and soda cans, plastic bottles, and glass bottles.  There are not any deposits on wine bottles, liquor bottles, non-carbonated energy drink cans, and water bottles.  That just doesn’t make sense.  If you’re encouraging people to recycle why exclude a bunch of items?

Today I decided how much time it would take me to return two tall kitchen trashcans full of returnables.  Since a store only takes back cans and bottles they sell I had to visit two stores.

In the table below there are two columns.  The first column shows how much time would be involved if I was already making a trip to the store.  The second column shows how much time I actually spend as my only reason for going out of the house today was to return the cans and bottles.

 

Activity At Store Special Trip
Sort through cans/bottles and separate them by store at home 7:22 7:22
Drive to Meijer and walk to the returns area NA 11:25
Time to feed one can/bottle into the machine 8:26 8:26
In line/walk back to car NA 6:46
Drive to Aldi and walk to the returns area NA 15:35
Time to feed one can/bottle into the machine(there was only one machine and it was being used by someone before me.  Also it became full and we had to wait for someone to empty it). 9:25 9:25
In line/walk back to car NA 2:12
Time to drive home NA 15:35
TOTALS 25:13 76:46

If I was going to both grocery stores I would have spent a little over 25 minutes just returning the bottles and cans!  Since it was a special trip just for returning cans and bottles it took me over 76 minutes!  All of that time to get my measly $8.50 back.  That’s right, 85 cans/bottles = $8.50.  I haven’t even talked about the money involved for stores to buy and maintain these machines as I’m sure the cost is being passed to the customer.

I wish the state would do away with deposits or at the very least make all cans and bottles have deposits but I doubt that will ever happen.

Computer scam described in first person detail

For background on this scam please visit
http://www.consumer.ftc.gov/blog/ftc-combats-tech-support-scams
I believe the people that I spoke with were not from a company but rouge scammers.

 

Remember everyone. When someone calls you be leery. Don’t trust incoming calls no matter how convincing things sounds.  It’s always best to hang up. If something is ligament then that company will contact you another way than email or phone trying to get you to give financial and/or personal information.

 

I’m a VERY knowledgeable seasoned IT consultant specializing in Microsoft products. Every step of the way I knew the risks and had everything setup where I, my computer, or should I say VM, and my personal information was never in danger. I don’t recommend others do what I did. That being said I want to apologize for the lack of screenshots. Every time I tried to take a screenshot they would notice keyboard and mouse activity. I wanted things to go smoothly so we could continue to the very end so I just watched and took notes most of the time. If some of my sentences sound odd that’s because I’m trying to convey the way I was being spoken to. You’ll notice quotes in this blog. That’s exactly what was told to me from these people. I recorded both of these calls so the accuracy of this blog is very high.

I often get unsolicited calls to my cell phone and home phone even when all of my phone numbers have been on the FTC’s do not call list for years. When I get one of these calls I either hang up on them, string them along like I’m interested, or act really stupid. If they stay on the line long enough I eventually let them know I’m on the do not call list and the company they’re working for is breaking the law. They either hang up, tell me that I’m not on the do not call list, or attempt to prove that they have a business relationship with me. Once I was actually told it costs money to be on the do not call list. I don’t know if these people are clueless, desperately need a paycheck, or don’t care. Unsolicited calls are bad but what’s worse is when someone is trying to intentional scam me out of money without offering a false promise of lowering my credit cards interest rates, becoming an Amazon affiliate, or giving me a free security system that of course I have to pay to have monitored. If someone is calling selling a good or a service and I don’t have a valid business relationship with you then be prepared for me to waste your time. If you’re calling me trying to intentional scam me then be prepared for whatever I dish out including documenting everything that happens so others will know.

A few month ago I received a phone call. I knew from the caller ID that it was going to be an unsolicited call and I was prepared to waste their time. When I answered, a gentleman with a thick Indian accent named “Peter Brown” claimed he was from “Computer Maintenance Department”. He told me they’ve been receiving error messages from my computer. He wanted to guide me though a few things to help me fix my computer. I knew his intentions weren’t to sell me something but to try to con and scam me out money or obtain my credit card number. Knowing this I wanted to play along for a while to see how this scam worked. When I asked him how he got my phone number his response was my Computer ID number has been registered with their database. Say what? He went on to say when my computer downloads any kind of virus they’ll receive the error message. I asked if it was my IP address and his response was “computer secret ID number”, whatever that means. Remember that quote, “Computer Secret ID number”. He had me open up the Windows run box using keyboard shortcuts. He requested that I type in cmd and click OK. In the command window he had me type assoc and hit enter. This of course brought up a list of file types that are registered and what applications are associated with them. This is so Windows knows what app to use to open different kinds of files. At this point he wanted me to look for a line toward the bottom that has CLSID in it. To try to prove to me that he in fact knew something about my computer he went on to say the CLSID number is that “computer secret ID number” he was talking about earlier. He wanted to read back my CLSID number that I saw in front of me and mentioned if he’s wrong then I can hang up. Well of course he’s going to know this as quick research with him on the phone turned up that number is the same on all of my computers. It’s not unique, it’s the same on pretty much every Windows machine out there. By him trying to fool me that this is a secret number and by him telling verifying mine I would believe he is telling the truth. Of course none of this is working as I’m smarter than him but it shows how people that are not familiar with Windows could fall for something like this.

clip_image001

When he read me the number I pretended to act surprised and upped the gullibility factor. He once again went on to say my computer will register with their database using the CLSID number when I download any kind of virus. He then said that was the reason why he was calling me from “Windows”. I said “so you’re calling me from Windows, OK”. He then went on to say when my computer is online it “download the viruses”. At this point he had me open up the run box using keyboard shortcuts. We asked me to type in www.microsoftsupport015.com and click OK. This took me to a webpage that tried to look like an official support site.

clip_image003

The graphics said “Windows Security Department”. Of course to someone skilled in this area I knew it wasn’t a valid Microsoft or Windows website but to someone that has skills in different areas I’m sure they would have believed it. At this point he wanted me click on the link that said “SECURITY SOFTWARE” that would download a file. He explained this will connect my computer to “Microsoft in Arizona” where they’ll help me resolve my problems. When I questioned him about the software he said it is security software and just ignore the warnings. Of course I’m wasn’t going to do this and I told him I was concerned about running software from the internet. His response was it was security software. At this point either we got disconnected or he dropped the call knowing he was just wasting his time.

 

It was after that call that I wanted to see how this scam worked in great detail. I decided to setup a Windows Azure VM and wait for the next call. In a few weeks sure enough my phone rang with a spoofed caller ID number. This gentleman like the other had a thick Indian accent. This person told me he was from “Windows Technical Department” and my computer had some malware on it. He wanted to help me get rid of it. I’ve been waiting for this call to find out more how this scam works. The last call I strung him along until they wanted me to install some remote access software. This time I was ready. I had a virtual machine isolated in Azure with a unique password with no software or data on it. It was a bare install of Windows. I was ready to see how this scam worked and ready to document it.

What was interesting with this call and the other was in the background I could hear others talking as if they were in a call center. Having spoken to another scammer they let it slip that the background noise was a CD to make people think they’re actually in a call center when they’re not. I guess scammers shouldn’t tell their secrets eh? Anyway this gentleman wanted to know if I was in front of my computer. I said I was but I had to turn it on. Little did he know I was powering up that VM designed specifically for the purpose to document our upcoming hour long phone call. To make him think I was gullible I told him I’ve been noticing it takes longer than usual for my machine to boot and that’s why my machine in front of me was taking so long to start up. The truth was I forgot the unique password and had to look it up. What he said sounded like he was reading from a script. He said whenever I’m “going to online to the internet my computer is downloading junk files that is corrupting my computer day by day”. He then said that’s the reason I’m having these kinds of problems. As I was waiting for my VM to start I asked him if Microsoft watches for this stuff. He said he was not calling me from Microsoft. He said he was calling me from “Windows Technical Department”. I thought that was interesting. Here he is trying to scam me but yet he’s sort of honest enough to say he’s not from Microsoft. I then asked him if Windows looks for this and his response was simply “Windows Technical Department”. I asked him once again if the “Windows Technical Department” looks for this and his response was “yes, I’ll help you out. No need to worry about that”. Once I logged into my VM the very first thing he wanted me to do a key combination of Windows + R to bring up the run window. When the run window came up he wanted me to type in eventvwr and click OK to bring up the Event Viewer.

clip_image004

At this point he guided me to the Administrative Events filter. He then asked me if I saw any errors. Of course I did. It’s common to have errors, warnings, and informational events in the event viewer. He told me not to click any errors because “these are the online infections that are corrupting your computer day by day without my knowledge”. Once again it sounded like what he said came from a script. He then asked me to close out of the Event Viewer.

 clip_image006

At this point he once again wanted me to do a windows key + R to bring up the run window. This time he directed me to type www.121support.usa in the run box. Then he changed his mind and wanted me to use http://www.121usahelp.com . At that point he directed me to click OK to open up the webpage.

clip_image007

clip_image008

This of course brought up a website that appeared to connect to a remote support connection. He did not want me to type a password in the box. He wanted me to click on the Ammyy link below.

 clip_image010

At this point the call dropped. I was upset as I wanted to know more how this scam works. Since I seemed gullible he ACTUALLY CALLED ME BACK! Yes, he called me back.

Clicking the Ammyy link of course downloaded ammyy.exe. Ammyy is a remote support software application where someone can control your keyboard and/or mouse. He directed me to run it so I did of course as this is an isolated VM used only for collecting information on how this scam works.

 clip_image012

At this point the application opened ready for someone to connect to my computer as soon as I gave them my ID. Of course he asked for my ID as he wanted control of my machine so of course I game him my ID.

clip_image013

Once he connected to my machine he asked me place a check in “remember my answer for this operator” and to click accept. At this point any keyboard commands I used to try to capture screenshots messed him up so I took notes at this point. Any screenshots from this point are not from the actual session but recreated for this blog.

clip_image014

At this point he congratulated me and told me I was successfully connected to the “Windows Technical Department”. He told me the movement from the mouse is from his technician. I asked him if he was going to fix my computer and he said he is just seeing how much my computer is corrupted without my “good knowledge”. What’s interesting is while they had control of my computer, or should I say control of my isolated VM, they went to a website, downloaded TeamViewer, that is another remote control application, installed it, and connected to my machine using that software. I tried to get the website they went to but it was so fast I couldn’t document it. Once they switched to TeamViewer I was told that now I’m fully connected to his technician. At this point they opened up Event Viewer and showed me all the “errors”. I then got “transferred” or as I like to think the phone was handed to his partner in crime next to him. I heard them speaking in a language that wasn’t in English. This new person introduced himself as a “SENIOR” technical supervisor. He then dove into telling me all those “errors” I’m seeing are inside of my computer and he wanted to tell me that’s why “Windows was giving a call”.

He asked me if I used my computer for business or personal reasons. My response was it’s for business knowing it’s just a useless VM. He asked me if I “didn’t want to lose my computer anymore” and of course my response was “no I don’t want to lose it”. He once again said I’ll see with my own eyes all the errors and warnings. He said “one warning and one error may crash your computer any part of time”. He then went on to say I have lots of problems on my computer. He said each date and time in the event viewer was when a problem came inside of my computer. Once again if my sentences sound odd it’s because that’s how is sounded from him. He then asked me if I email, online backing and stopping, or playing online games that made problems come inside of my computer without my “good knowledge”. I said my machine has been running slow and his response was that’s the reason why they’re calling me to show me all of these problems. He said I shouldn’t worry because a Windows Technician was working inside of my computer showing me all of these problems. He then said he will show me all of these problems one by one in my computer.

At this point he made me bring up the run windows again using the Windows key +R and had me type in inf online hacker and click OK.
Yes, he had me type in inf online hacker
This brougt up my INF folder.

clip_image016

He asked me what I saw and I told him I saw a bunch of folders. He mentioned that I had 991 items(screenshot below not from session but recreated)then asked me if I reconized these folders. Playing along I said no knowing it’s my INF folder. He then went on to say this is the hacker folder. He said 991 hackers hacked my machine. I guess each hacker gets their own folder each time they connect? He then went on to say that the date and time was when they hacked my computer. Of course that wasn’t true but I’m wasn’t going to argue with him and he was much smarter than I was 😉 He even went so far to say that the hacker on that date and time was watching what I was doing on my computer without my “good knowledge”. What is is with the term “good knowledge” they keep using? He then went on to say my machine is hacked and it might have been from email. He wanted to check out my “email position” whatever that meant. Of course this was an isolated VM. I didn’t have any software installed or any personalized settings.

With everything they’ve been doing so far it was all very convincing for the average user but they still kept going wanting to prove to me that my machine was infected and hackers hacked it. I don’t even think they used the term malware but they kept going trying to scare me. At this point he brought up Internet Explorer and went to a page that validates W3C code.

clip_image018

He directed me enter my email address in the field and click Check. I entered some fake email address and clicked Check. Of course the page is validating a website but since I was directed to use an email address obviously it returned errors.

clip_image020

This is where he said 282 hackers hacked my email. He also said there were 8 warnings that I have inside of my computer. Of course this is all BS. He then wanted to show me the errors and warning of my hacked email. Once again he used the term “good knowledge” talking about email is secure but my email has been hacked. He then went on to say my computer may crash at any corrupt time. He asked me if I wanted to crash my computer and of course I said no smiling.

He then started asking me if I had a 6 digit code. Frankly I had no clue what the heck he was talking about so I said no. He said I should have been given a 6 digit code when I bought the computer. At this point I was like what. I thought he didn’t know what the heck he was talking about but he kept going on about this 6 digit code. He brought up a website used for people to connect to a LogMeIn technician and wanted me to put in my 6 digit code that I had no clue what he was talking about.

At this time we got disconnected again. Since they had control of my VM they opened up notepad and was typing to me while I was typing back. I told them I really wanted my computer fixed so please call me back. It seems like they were having technical difficulties but after a few minutes they called me back. Yup, they called me back a second time.

At this point they he kept asking me about this 6 digit code that he says I should have got when I bought my computer. I really had no clue what he was talking about. Since they had control of my computer they opened the window below(example)and tried to explain that when I bought my computer I should have been given the 6 digit code that is last 6 digits of the Product ID.

clip_image021

Of course I knew this wasn’t true but since I was trying to expose how this scam worked I just went along with it. He wanted me to type that last 6 digits of my product ID in the LogMeIn webpage that was up on my screen. This LogMeIn webpage was for people to enter a 6 digit code to connect to a LogMeIn user so they can remote control a machine. Of course following his directions I entered those 6 digits and clicked “start download” knowing it’s not going to connect me to anyone. At this point I received a warning message saying the code “does not exist and please contact my support providers”. He made a big deal about this. I don’t know why but he asked me to enter it again so I did and the same thing happened. He said “oh my goodness”. He then went on to say my support provider is expired, whatever that means. At this point he claimed he wanted to see if it was expired hinting that I might have to renew my software certificate license. Now I was starting to put everything together. From here he opened my Cert Store / certmgr.msc and found a certificate that was expired or not yet valid. He showed me the properties saying it’s expired and that I need to renew my “software certificate license”. It’s normal for some certificates to be expired or not yet valid. I knew nothing was wrong but to the average or below average user this could scare them.
clip_image022

He then went on to say that was the reason why “the code is not accepting”. I guess he was trying to say in a very vague way Windows is not activated but I knew he was lying. So far to the average or below average computer user it’s all very convincing but of course I wasn’t buying it. Now here is where he doubled down since I was sounding intentionally sounding stupid and gullible. He said I need to renew my software certificate license first before they can connect to my machine to clean out all the hackers. I saw where this was going. He was going to try to double scam me. Once to “activate” and once to “clean”.

This “gentleman” informed me that it would be $179 for a 5 year software certificate license, $279 for a 7 year software certificate license, and $349 for a lifetime software certificate license. Well of course the lifetime software certificate license is the best deal, and most money scammed from me, so I said I wanted that one.

At this point he actually went to support.me, typed in a valid 6 digit support code too fast for me to document, and installed LogMeIn. He was doing stuff in the background with LogMeIn that I couldn’t see. I’m not sure what he did but eventually he brought up a webpage where he wanted me to enter my credit card information to renew my software certificate license. This webpage appeared to be through a 3rd party payment service and it appeared the name of the business he wanted me to pay was “Southend Enterprises”. Of course I wasn’t going to enter real financial information so I just made stuff up, put it in the form, and submitted it. I even mocked them saying the mouse was jumping around, it must be that hacker software knowing darn well that both them and I were fighting for control of the mouse. At this point I was sure they were already celebrating as they thought they just scammed someone out of another $349. Of course it was declined because I didn’t enter real numbers. He then asked me what bank my card was through so I picked one from the top of my head and told him. I guess this support technician didn’t understand me so he passed the phone back to the first person. At this point he actually wanted me to call the bank and tell them…………………….DARN, WE GOT DISCONNECTED AGAIN.

Since they still had control of my VM they used notepad to chat with me. They wanted me to call my bank and tell them to authorize the payment that was declined for $349 for Southend Enterprises. I kept telling them to call me back. For some reason they couldn’t call me so they actually GAVE ME A PHONE NUMBER TO CALL THEM. Yes, they said to call them at (786) 220-3237. I looked up the area code and it was Miami. I’m sure the number rolled to something else and/or it was a prepaid cell phone.

After making sure I wouldn’t be hit with long distance fees I called the number they gave me. Once again this “gentleman” wanted me to call my bank to authorize the declined charge. When I asked him why it didn’t go through he went on to say something but I couldn’t understand him. This is where I dropped on them that I wasted an hour of their time, I’m an IT consultant, and I know they’re trying to pull a scam. I then mentioned I have their merchant name, I recorded the entire call, and I’m even going to blog about it. Even at this point he asked me how this could be a scam. He said they went through all the things wrong with my computer and asked me why I’m thinking they are fooling me to give them money. I went on to say that my computer was really a VM that was setup specifically to document this scam and to blog about it. There was silence then he asked me how I like it. I told him it was a pretty good scam but that I strung them along as far as I could to document all of this to warn others. At this point I must have gotten under his skin as the vulgarities started only for him to eventually hang up.

The next time someone like that calls I’m all setup to not only record audio but video of my screen so that I can slow down and stop the video to document everything.

Strongly worded letter to Comcast

<name>
<address>
<date>
<account number>

Comcast
700 W Broadway Ave
Muskegon, MI

 

Dear Comcast:

I’m created this letter in hopes to have a Comcast employee take personal responsibility researching some issues and problems that we’ve been experiencing with Comcast. We’ve been dealing with a different person each time we call and that’s not yielding any positive results nor has it resolved our problems and issues. For many years we’ve had internet and TV service through Comcast and technically overall we’ve been pleased. We’ve also been pleased with the amount of services for the dollar. One aspect we have not been pleased about is calling and getting a different answer posing the same questions because it’s a different representatives each time we call. That is just part of what I’ll be discussing.

Our internet plan for at least the past year has been the performance plan with advertised speeds of up to 25MB down and up to 5MB up. For that year we were getting consistent download speeds of 29MB down and 5MB up. As an IT consultant that frequently works out of the house I routinely measure the speed and quality of our internet connection. I understand at times it will be slower but when everything is normal I always see 29MB down and 5MB up.

Around October the 4th we called to cancel our TV service but wanted to keep our performance internet plan. The representative I spoke with was going to put us on just the performance internet plan at around $70 a month. We were trying to save more than $50 a month so I debated with her and asked her if she could honor the promotional rate of $29.99 a month that new customers were getting. That would allow us to save $90 a month while keeping our current internet plan. She honored that request as we were after or close to our current yearly promotional plan coming to an end. We understood that we had to return the cable box/DVR. While I was speaking with her I decided to upgrade to the blast internet plan at the promotional rate of $44.99 a month with speeds up to 50MB down and up to 5MB up but only if it was available in our area. The reason I worded it like that was from past experience not all of the Comcast internet plans were either available or the speeds were not obtainable in certain areas. I specifically asked her if we did not get anything close to 50MB down and 5MB up if we could go back to the performance internet plan for the promotional rate of $29.99 a month. She said yes. After she finished up she blindly transferred me to another department to verify if we would get those speeds. When asked if blast was available at our address that person said yes.

During the next few days I noticed we were not getting any faster download or upload speeds than the current 29MB down and 5MB up. We saw no change between the performance plan verses the blast plan. To eliminate our hardware, software, and cabling I directly connected a notebook to the Comcast approved gateway that I own and have owned for the past two year and bypassed the coax in the house with a direct line going to the grounding block on the side of our house. Both of those actions produced no change in speeds. I called Comcast and setup a service call for a technician to come out as we were told by Comcast that the blast plan was available in our area. The technician came out on October the 13th and until that time we still saw no increase in speed. The technician said the signals coming to the house looked good and asked why he was here. I explained we were getting nowhere near the blast advertised speeds of up to 50mb down and up to 5MB up. I explained while on the performance plan we were getting 29MB down and 5MB up and still getting those speeds while on the blast plan. He said DOCSIS 3 wasn’t switched on in Muskegon and mentioned he didn’t understand why Comcast sales keeps selling packages where people in Muskegon won’t be able to reach the speeds even after he claims they’ve told Comcast this in the past. I thanked him for his time.

I called Comcast back. The first call to Comcast I explained the representative I spoke to on the 4th said if we don’t get blast speeds I could call back and go to the performance plan at $29.99 a month. I made multiple calls to Comcast that day and was either told with the performance plan I would have to add TV or phone bringing the performance plan bill up $45 a month, the performance plan would be about $70 a month, Comcast can’t give me web prices for phone calls switching service, I’m not a new customer so I could not get promotional pricing, or I got disconnected (two times in about five phone calls). Finally someone took down my information and said a supervisor would call me back. A few days went by and I noticed our internet speeds were now noticeable slower. We were consistently getting no more than 18MB down and no more than 2.5MB up. I looked online at our bill and even though a supervisor didn’t call someone did switch our internet back to the performance plan at $29.99 a month. Now the issue is our internet is not only noticeability slower but according to Comcast’s own speed test website it is slower than the same performance plan that we’ve been on for well over a year. Nothing changed on our end but plans were changed on Comcast’s end. I once again tried to bypass our wireless access point and ran a temporary coax cable directly to the grounding block outside with no change in speed. We are still consistently getting no more than 18MB down and no more than 2.5MB up on the performance plan when on the same performance plan before we were constantly getting 29MB down and 5MB up. One thing to point out is the upload speed. Of course we want our 29MB or faster download speeds back again but with Comcast’s lower internet plans the max upload speed is 2.5MB, what we’re getting. It SEEMS like we are being throttled because if it was a technical issue I’m pretty sure the upload speed would not be exactly 50% of what it was before all the time now.

Here is what I’m upset about in order of relevance.

1- Our internet speed for the past year on the performance plan has been consistently 29MB down and 5MB up on normal days. Those were the same speeds while on our short lived blast plan. Being sold the blast plan with no improvement in speed and after multiple phone calls now our internet speeds is much slower at no more than 18MB down and no more than 2.5MB up while on the same performance plan.

2- Being sold a plan that did not improve our speeds at all and according to a Comcast field technician no one will get close to those speeds. This technician has also mentioned to Comcast this has been told repeatedly to Comcast without any changes.

3- Being told that we had to have phone or TV added on while having the performance plan even though that is not mentioned online.

4- Being told when calling up that Comcast will not honor their online prices and some representatives saying the performance plan would be $70 a month.

5- Being told when I mentioned considering having Jody cancel her service and me getting service as a new user to get the promotional rates being told I’m not a new customer. The representative said Jody put me on the account less than 90 days ago so that would not qualify me as a new user. I disagreed with the representative as I started the process of getting new service of the performance plan to see if it would force me to add Phone or TV and it did not. I had to go through a credit check that Comcast performed against my credit report.

6- Being disconnected two out of the five times I called Comcast.

What I want:

1- An explanation and/or actions(see paragraph below these points for more details) of why our internet speeds are now noticeably and consistently slower now on the same plan that was giving us noticeability and consistently faster download and upload speeds as in the past.

2- An explanation regarding the conflicts in what Comcast is selling versus what the on-site technician said.

3- An explanation if what we were told that we had to have TV or phone is true on the performance plan even though it does not mention that on Comcast’s website.

4- An explanation if it’s true that when calling Comcast they will not honor their own online prices and packages along with why some did not even want to consider a promotional pricing plan.

5- An explanation of what is defined as a “new customer” taking into account that even though I was added to the account less than 90 days ago I now have a credit hit on my credit report as I applied for service as a potential new customer online.

6- A simple sorry for being disconnected 30% of the time on a single day

I DO NOT want any changes to our internet plan without a two way dialog via phone, email, or letters. Part of the reason for this is according to the on-site technician speeds up to 50MB down and up to 5MB up should be obtainable in the future. If we could get up to 40MB down and up to 5MB up in the future then I would consider the blast plan again but only if there is a timeline when that plan will be “turned on” in the area. I also don’t want any changes to our internet plan without that two way dialog as I need to understand why we were getting great speeds on the old performance plan but now not great speaks on the same performance plan. I only want to deal with this once for the next year.

It’s very rare that I take the time to type what happened but like I said before working with a different person each time I call Comcast is not giving us not only consistent answers but frankly it’s wasting my time. I hope that someone will take this letter seriously and take personal responsibility for addressing the issues and problems raised above. I hope to hear back from someone within 14 days of receiving this letter.

Sincerely,

Adam Rafels
<phone number>
<email address>

AT&T secretly snuck charges back in Jody’s cell phone bill

Late last year I noticed “Mobile Protection Pack – Enhanced Support and Mobile Locate” on Jody’s bill that has Jody’s and Ashley’s lines.  Each line was being charged $3 a month so that’s $6 a month for things their phones didn’t need.  This isn’t Insurance.  Insurance is completely different and Jody was paying $6.99 a month for each line.  This Mobile Protection Pack – Enhanced Support and Mobile Locate was basically useless for Jody and Ashley as Jody’s Windows phone and Ashley’s iPhone could be located and backed up to the cloud without any extra help from AT&T.  In September of 2013 I removed the Mobile Protection Pack – Enhanced Support and Mobile Locate from both Jody and Ashley’s lines on Jody’s bill.  It was prorated and that’s fair.  I was a little upset that she’s been paying for that for who knows how long but we’re to blame for not reviewing and questioning charges on her bill.  It lowered Jody’s bill by $6 a month.  That’s not much but why pay for something that is useless?

 

Today I noticed that Mobile Protection Pack – Enhanced Support and Mobile Locate is back on Jody’s bill for both Jody’s and Ashley’s line.  I researched it and it appears when Ashley got her new Windows phone in March of 2014 AT&T snuck it back on Ashley’s line.  When Jody got her new Windows phone in July of 2014 they snuck it back on her line.  Since I removed it back in September of 2013 I didn’t look at the bill every month to make an option removed stayed removed.  Looking over the bills since then that’s an extra $20 going to AT&T for something that we canceled last year.  Looking at AT&T’s website it says someone has 30 days after activating their new device to enroll in the Mobile Protection Pack.  That completely contradicts what happened to Jody.  Even though it says you have to activate it somehow they added when Jody and Ashley got new devices.

 

After 20 minutes of me researching this, 25 minutes on the phone with AT&T, another 30 minutes detailing and documenting my research, and another 25 more minutes on the phone with AT&T they took the Mobile Protection Pack – Enhanced Support and Mobile Locate off Jody and Ashley’s lines and credited her $26 for all those months they were paying for it unnoticed.  As for my time they credited Jody’s account $25 for me taking 90 minutes of my life researching and fixing something that no one authorized or approved.  The AT&T rep on the phone said that more than likely what happened is the sales person didn’t uncheck that option that is defaulted to be checked even after it contradicts what the AT&T’s website says. 

 

The moral of this story is ANYTIME you do anything to cell phone, plan, or anything related to AT&T wireless start checking your bills so things don’t magically appear. 

 

Actual text from AT&T about the Mobile Protection Pack – Enhanced Support when you go to add/remove it from your bill:

“Your life is on your device¿your photos, videos, and contacts. With Mobile Protection Pack, you can relax and feel secure knowing you¿re covered.

When you need to replace or locate your device, restore your data, or get expert support you can count on, Mobile Protection Pack covers your device and the ¿life¿ you have on it.

You have 30 days after activating your new device to enroll in Mobile Protection Pack.

Replace It

Protection for loss, theft, damage (including water damage), and out-of-warranty malfunction

Receive your replacement device as soon as the next day

Support It

Toll-free personalized, expert support for initial setup, managing storage, battery maximization, and much more.

Locate It

Find your devices with convenient GPS locate and alarm functions

Lock and erase a lost or stolen device to secure your data

Downloadable Mobile Locate app for your device

Effective August 1, 2014, you may be eligible for the Declining Deductible discount and up to 50% off of the Standard Deductible rate.”

Screenshot of window for the text above. 

image

My Amazon Kindle Paperwhite

My family made fun of me for buying an Amazon Kindle Paperwhite a few months ago. They asked me why I would buy that when I had an iPad. Like I always say people do things for a reason. My reason was I wanted something that was smaller and lighter than my iPad and easier on my eyes. My iPad weighs 1 pound 7 ounces and my Kindle weighs 7.5 ounces. 1 pound might not seem like much but it does make a big difference holding something in your hand for a while. I like the size of my iPad but to be honest with you I can slide my Kindle in my front and rear pocket of shorts and kakis. That’s something you can’t do with an iPad. Maybe you can do it with the mini iPad but I really didn’t want to spend a few hundred dollars to replace something I had with a smaller item. Reading the Kindle is much easier on the eyes also. Most of the time I have my backlight off as there is enough light in the room for me to see the text. For times when it’s dim or dark the backlight comes in handy.

Another reason I prefer my Kindle at times is I’m less tempted to breakaway from the book and putz around on the internet or check my email. Sure the kindle has an experimental browser but doing any web surfing on an e-ink screen is just too time consuming. As for the battery life I have no clue what happens when the battery gets critically low as I’ve never gotten to that point. I’m not a hardcore reader and I always try to keep my device charged but I’m heard you can read for 30 minutes a day for 30 days without charging.

Overall I’m very happy with my Kindle Paperwhite. As an option I can still read books on my iPad, iPod, computer, and Windows Phone. With the Whispersync technology the last furthest page syncs among devices do you never have to try to find where you left off.

If you like to read books I highly consider looking at one.

Incoming call “claiming” to fix your computer SCAM

First let me say that I am a very knowledgeable IT consultant so I knew what I was doing the entire time.  I don’t recommend doing anything a unsolicited caller asks you to do no matter what.  As you’ll see below the trick this person tried was to try to fool me that they knew something about my computer that only they would know.

95% of the calls to my old home phone number are from unsolicited telemarketers even though my number is on the government do not call list.  I think I just keep the number around so I can mess with them when they call.  I feel if they’re breaking the law and wasting my time I’ll waste their time.  I usually pretend to be interested to string them along for as long as I can before dropping the do not call list speech on them and letting them know I just wanted to waste their time.  I also let them know the company they’re working for is breaking the law.  They either debate, argue, tell lies, verbally insult me, or hang up.  Hey, whatever happens after they make my phone ring illegally is fair game right?  My record keeping them on the line is about 6 minutes and I’m working on ways to keep them on longer if possible.

Today when my home phone rang the caller ID said “Name Unavailable 997-914-9783”.  I was uploading a 4.2GB file (SQL 2008 R2) so I had some time to take the call.  It was from a gentleman that claimed to be Peter Brown even though he had a thick Indian accent.  I could hear other locals working around and/or next to him.  He said he was calling me from “computer maintenance department”.  Of course I knew where this was going so I put him on speakerphone and decided to go along with his game, or should I say scam.  He said the call was about my Windows computer.  He went on to say that they have been receiving some error message (not plural but singular without the s) from my computer and they’re calling to help me.  I asked him how he knows it’s my computer and he said my “computer ID number” has been entered into their database.  He said if my computer downloads any virus they receive the error message.  Trying to pull more info from him he said it was my “computer security ID number”.  Long story short he wanted me to open a command prompt and type in ASSOC then hit enter.  ASSOC is used to display and modify file name extensions in ALL computers.  Also the info is pretty common among all computers.  To gain his trust he wanted to say the CLSID number to me and if it didn’t match what I saw in front of me I could hang up.  Sure, I’ll play along knowing that number is the same in ALL computers.  Of course what he told me matched my computer, and my server, and another server but I just went along for fun.

After he believed he gained my trust he directed me to a website (microsoftsupport015.com) where he wanted me to download and run a file.  He said it will connect me to a Microsoft technician that will fix my problems.  That’s where I started challenging him saying I’m unsure of downloading a file and running it.  I explained to him the .ZFSendToTarget=CLSID number is the same for all computers since I ran it on another computer.  He tried to tell me that both of my machines were infected.  I told him he’s part of a scam and debated with him for a while.  He finally hung up on me.  The screenshots of ASSOC and the website are below.

After all of this happened I decided to spin up a VM in Azure, install Microsoft Endpoint Protection, update MS EP, go to the website, download the software, and run it to see what happens.  This is in an isolated environment on a machine that I don’t care about using one time unique credentials.  It has internet access but isn’t touching other machines so it’s pretty safe to blow up.  I can also delete the VM whenever I want so whatever software gets installed won’t keep running.  The file that downloaded was named aa_v31.exe and MS EP didn’t see it as a threat.  The software appears to be AMMYY remote desktop software.  It appears if I kept “Peter Brown” on the phone he would have given me an address to enter so they could remote control my machine to do who knows what.  I think I’ll power down this VM and spin it back up when I get another call like this to see what they do.  I don’t get these calls often so it might be a while with what I find out.

In the meantime people please don’t fall for this scam.  If they can’t tell you some information like your ISP, IP address, MAC address or something that is really unique to your computer then just hang up.  If you are a non-technical person don’t worry.  Just hang up anyway.  People don’t reach out to you and offer to fix your computer via the phone.  If they do more than likely it’s a scam.  Oh and by the way so are the lower your credit card rates calls.  I enjoy them the best.  They get so mad when you keep them from “selling” their service to other people, I mean victims.

For more detailed information go here www.webologist.co.uk/internet-security/pc-support-security-scams-zfsendtotarget-clsid-trick
This person took it farther than I did so you can see more of what happens.

Software I was directed to run

image

 

ASSOC Results.  He rambled off the CLSID number below.

.ZFSendToTarget=CLSID{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}

image

 

Screenshot of the website I was asked to visit and download their “security software”

screenshot.261