A. As you have accidentally found out, cameras require photos to be in specific places with specific naming conventions. The directories on the SD card will have specific names. Usually the image files themselves are sequentially numbered, such as IMG_01281.jpg
The exact naming will depend on your specific model of camera.
The first step is to back up the photos to the computer so you don’t lose them.
A question for you: why do you need the photos to show up in the camera? Is it okay to just have them on the computer?
Next, using a different SD card, take some photos. Then look at that card on the computer to see what the directory name is and how the image file names are structured.
Then rename the files on the first card to match that format, counting backwards from the number of the first new photo you took. If you have more than 100 photos, you may have to create additional folders
Often, the first level directory on the card is named DCIM (digital camera image), additional folders are created within that for ‘camera rolls’ which may have a limit of 99 or 999 photos per folder, depending on the brand. Each brand of camera has their own operating system and conventions for naming. here is one example
Finally, don’t rename, reformat, or move things around on a SD card with a computer. Do your formatting in the camera and otherwise leave the card alone.
Q&A is a compilation of questions we have answered around the Web
MegaHertz (MHz) means the measure of clock frequency in million cycles per second. Mega Transactions per Second (MT/s) means the computer transaction rate in million per second DDR means Double Data Rate.
DDR memory makes an operation on the leading edge and the trailing edge of each clock cycle, so there are two operations per clock. So, a 1333 MHz memory bus speed clock equals 2666 MT/s DDR RAM.
This would often erroneously called 2666 MHz RAM, but it isn’t really. It is 2666 MT/s RAM.
Q&A is a compilation of questions we have answered around the Web
A. Single or dual or quad channel memory access doesn’t have anything to do with the individual RAM modules — an individual RAM DIMM is the same whether it is sold alone, or in a package of 2 or 4 matching pieces as a kit.
The key to dual or quad channel memory access is 1) the motherboard and memory controller on the CPU have to support it, and 2) you have to install 2 or 4 pieces of RAM that match identically – in terms of size, speed and configuration – into the appropriate slots on the motherboard (refer to the manual for instructions of slot population order).
Not many desktop machines support quad channel access, but most modern desktop and notebook machines support dual channel access. Dual channel access improves the speed that the CPU can access the memory locations on the modules by treating two modules as one big module. Although the theoretical bandwidth is doubled, the effective real world difference is around 6% performance improvement in memory intensive use.
If you buy an appropriate specification quad channel kit (that is, four pieces of matching RAM), you can certainly install them in a computer that supports dual channel, and you will get dual channel access.
Q&A is a compilation of questions that we have answered around the Web
A. M.2 (formerly known as NGFF) is a standard for a computer expansion card socket, and the cards that can go into it. M.2 – Wikipedia
M.2 cards are named after their size: the most popular is M.2 2280 – 22 mm wide x 80 mm long. All 22 mm wide cards fit the same basic M.2 socket,but they are keyed with slots in the connector edge to differentiate between different functions of cards.
SATA and PCI-e (PCI Express) are both computer bus interfaces for data communication to a storage device.
NVMe (NVM Express) is a logical device interface that is specified for PCI-e devices in the M.2 socket, so “M.2 PCI-e” and “M.2 NVMe” are sometimes used interchangeably. SATA drives use the previous ACHI logical device interface.
SATA devices can come in a variety of physical packages, including 2.5 inch drive, 3.5 inch drive, 5.25 inch optical drive, mSATA socket, or M.2 socket.
M.2 storage devices are designed to work with either the SATA or the PCI-e NVMe standard but not both.
The M.2 slots on a computer motherboard may be SATA only, PCI-e only, or may support drives of both both interfaces: you have to check the documentation or the labeling on the motherboard itself.
Speeds: SATA drives are limited to the maximum SATA bandwidth of 6 Gbps (about 600 MBps). PCI-e Gen3 x4 lane NVMe drives are limited to a theotetical maximum of 3,940 MBps. The newest products shipping with PCI-3 Gen4 x4 lane interfaces have a theoretical maximum of 8000 MBps
A. USB “keychain” flash drives are slower because the flash drive has much poorer writing performance than an external hard disk drive. The real world speed of writing depends both on the performance of the interface (USB in this case) and the write performance of the storage medium.
Attached by USB 2.0, an external hard drive can reach about a 30–40 MBps writing rate, limited by USB 2 transmission. On USB 3.0 (USB 3.1 Gen 1) and USB 3.1 Gen 2, hard drives will hit the maximum writing rate of the spinning hard drive, which is about 100 – 200 MBps depending on the drive.
Consumer USB sticks (on USB 3) can do 10 – 45 MBps sustained write speed. That’s down to the low cost NAND Flash chips, the rudimentary controller, and the inefficiency of writing NAND flash memory in general. Flash memory cannot be simply written byte by byte, it has to be written in relatively large blocks. If there is any data on the drive already within a block, then the whole block has to be copied to temporary storage, then erased, then merged with the new data, then written back to the block of flash cells. There are some workarounds to shuffle pages within blocks, but in USB flash sticks the controller is not sophisticated. All this means is that writing to flash takes much longer than it should https://en.wikipedia.org/wiki/Flash_memory#Block_erasure
Single large files will write much faster than many small files. A freshly formatted stick will write faster than one that is badly fragmented with existing data. USB flash drive – Wikipedia
There are faster, more expensive sticks out there, that can do up to 100 MBps or more peak rates on USB 3 User benchmarks, but watch out for the random small file performance. See 639 USB Flash Drives Compared
The second rule of support is: Check the cables again! Is everything powered on?
Once you have done that, you need to isolate where the internet access is being interrupted. Was the internet connection working previously? Do you have WiFi or are you cabled?
Are you able to log in with WiFi and get ‘bars’ of WiFi connectivity? If so that’s good, it means you have connected with the WiFi router. Making a connection to the router however is not the same as making a connection to the Internet, it is only the first step/.
If you can’t connect to your WiFi router, try making a cabled connection to the router from your computer, this will test whether the problem is with your WiFi login ID and password, or the WiFi connection. The cabled connection requires no login.
So look at your router, it should have lights for WAN connection (your broadband connection) and one or more lights for the wired and wireless internal connections. Do any of the lights look different from normal (dead or orange instead of green, for example?)
Do other machines in your location have Internet access, or are all devices (tablets, smart TV, etc) that are hooked through this router offline? If all your devices are out, you probably have a service problem or a router problem.
Turn off the router, and turn off your broadband modem (they might be the same device or separate units). Then wait at least 30 seconds. (now is a good time to unplug and replug the cables between the modem and the router). If the modem and or router don’t have power switches, you can just pull out their power plugs.
Now turn on the broadband modem, wait 30 seconds (observe the lights as it makes connection with the provider, it should settle on one or two lights green indicating WAN access).
Then turn on the router, and wait for it to connect to the modem. Observe its lights. Also check the broadband modem, some of them have a switch on the top to cut connection and put it in standby… its all to easy to accidentally turn this switch on.
If you don’t get a stable light for the WAN connection (the Online light in the example) on your router and/or modem, the service to your building may be down. Call your broadband provider.
If a separate router doesn’t get a stable light from its WAN port, then the connection between the router and the broadband modem may be bad, or the router may be mis-configured.
If the lights look normal, try logging in again from the computer.
If this computer won’t log in to an internet connection, but other devices can, first do a restart on the computer, and try again.
If the computer will log onto WiFi but still can’t get on the Internet (you get Page Not Found on any site you try in any browser), then the computer’s or router’s DNS settings may be bad, or the internet connection from your provider may be down. Hints for troubleshooting DNS problems You can try replacing the DNS Server settings in the computer’s network preferences with Google’s ( 8.8.8.8 , 8.8.4.4 ) or OpenDNS ( 208.67.222.222 , 208.67.220.220 )
‘Canned air’ is a common, if environmentally dubious, method of blowing dust out of computers. Although chlorinated fluorocarbon propellants have been banned, the replacement propellants, Hydrofluorocarbons (HFC) and hydrocarbons, are still not good for the atmosphere, and throwing away the empty metal cans doesn’t help either.
If you are in the business of computer repair or use air dusting frequently, a Metro Data Vac (available from computer stores and online) is a better product. It costs less than 10 cans of ‘air’
It’s useful for other things like inflating air mattresses and beach balls. I also use it to blow the excess water out of my vegetable garden’s micro-drip irrigation system to prepare for winter.
I would not use a household or shop vacuum on blower mode with a hose – the vinyl hose tends to build up a static electric charge in the air coming though, and I am cautious about that.
Some people have asked about an air compressor, this can be used with appropriate nozzles and keeping mind to limiting the pressure (you can damage components with too much pressure). The caution about compressors is if they are oil lubricated and the oil gets in the air lines – you don’t want to spray an oil mist in a computer.
Swap files on the computer’s hard drive are there for when you don’t have enough physical RAM, so the operating systems swaps data out of RAM space and writes a file on storage, to free up RAM for then next use. All modern operating systems use Virtual Memory files, Swap Memory files or Paging files.
The problem is, that hard drives are much, much slower than RAM (how much slower?) so when the operating system is forced to use the swap file, it slows the whole machine down. It’s a big part of the “spinning ball” syndrome you see when you have multiple documents open and you switch between documents or programs. The first defense is to get enough actual RAM to accommodate all of most of your multitasking requirements.
But if you cannot upgrade your RAM any further (either because the machine doesn’t take more, or you are already at the max), installing a SSD drive as your main drive is the last resort to speeding up multitasking. The SSD, being faster than the hard drive, will lower the time spent waiting for the swap file.
Q&A – Questions we have answered in various places over time
A: RAM, of any generation, has always been much faster than hard drives or SSD drives, and RAM continues to be faster.
There are several reasons.
Bus access: RAM is on a bus that is much ‘closer’ to the CPU than drives, and with more lanes. The CPU can access RAM through the high speed motherboard connections, whereas hard drives have to be accessed through a SATA or IDE or PCI-e controller, which imposes limits to bandwidth.
Latency: Latency is the time lag between when a request is made and the first data is read. RAM has latency measured in nanoseconds. Drives have latency measured in milliseconds
Going back 20 years, from PC-66 SDRAM to today’s DDR4, RAM latency has always fallen into the range of 8 to 20 ns. As RAM speeds have increased from 66 Mt/s to 2400 Mt/s the latency has increased. Since latency is measured in clock ticks, PC100 runs at 100 MHz clock speed, at latency 2 that equals 20 ns. DDR4-2400 2400 MTs RAM runs at 1200 MHz clock speed so at CAS latency of 16 that equals 13.3 ns. CAS latency – Wikipedia
Hard drive latency is the average time that the drive needs to process the request, move the heads, and wait for the platters to spin around to the correct block of data. A typical hard drive would have a combined seek time and rotational latency of about 5 ms. or 5,000,000 ns. That’s 250,000 times slower than RAM latency.
SSDs have a very short latency, one of their big advantages over hard drives. In the article below, the read latency was .031 ms. But that is still 31,000 ns, 1,550 times slower than RAM. Sadly SSD’s write performance is much worse than their read performance.
Throughput: Drives are also limited in their bandwidth. SATA hard drives can output between 150 and 210 MBps SATA SSD drives can output up to about 540 MBps. Writing speeds will generally be lower. DDR4–2400 RAM memory can output 19.2 GBps or 19,660 MBps, That’s 36 times the bandwidth of the fastest SATA SSD.
PCI-e M.2 NVMe SSD drives can achieve up to 2,800 MBps read speeds (writes slower). Still 7 times less bandwidth than contemporary RAM.
Yes, news sites rely a lot on syndication, ads, dynamic content and loading content from multiple different sources. But the majority of computers do not bog down or lock up on news sites, so there are more variables at play here.
What computer? How much RAM does it have? What OS and version? What web browser and version? What news sites in particular? What internet connection and how fast?
The two most obvious things to try are to use a different web browser, and clear out your browser cache frequently.
If you use Firefox with the NoScript extension, you can control what scripts are allowed to run from which domains, and therefore selectively filter the content until you only get what you need. In general, use the latest version of the web browser, and turn off as many features and scripting as you can.
Then, look at your computer(s). Do they have sufficient resources for your OS and the programs you are running? Its’s very common for people with 4 Gb RAM running Windows 10 or OSX 10.13+ to suffer major performance drags, whereas it may have been fine in an earlier OS. Get enough RAM.
How much multitasking are you doing (including background apps like antivirus, downloading, helpers, etc.)? The more programs and background processes you have open at once, the higher the demand for memory. Cut down on the excess.
The free utility CCleaner has a convenient tool for viewing and disabling startup processes under Windows and Mac
Q&A is a compilation of questions we have answered on the Web in a variety of venues
The Thunderbolt protocol is an extension of the PCI-e bus and therefore cannot be converted from USB or any other common interface.
Thunderbolt relies on having a Thunderbolt hardware controller chip, typically built into the motherboard, plus CPU PCI-e lanes dedicated to it, and BIOS support.
For these reasons, it is a non-starter to add Thunderbolt to an existing machine (laptop or desktop) that does not support it.
You can’t go from this –
to this –
in real life. Only in Photoshop
Q&A is a compilation of questions we have answered on the Web in a variety of venues
There is a security vulnerability that affects the QNAP NAS storage devices, and their QTS operating system. It has been fixed with a firmware update from QNAP in February, but the catch is — you need to manually install the update before it will fix things. Because backup appliances work in the background, and we don’t have them in our faces (on our screens) like Windows and OSX, we don’t see nag notices reminding us to upgrade. But they are computers, inside, and their OS needs updating as well.
When I checked my NAS units, the firmware was at 2016 levels, that is not good. (Also, I forgot the Admin passwords to allow QFinder to actually let me upgrade.)
Here’s the steps to putting that right: Use the QFinder Pro application ( https://www.qnap.com/en/utilities/essentials to install the latest version) to log into your QNAP device with your Administrative password.
Oops. If you are like me, you set this up 4 years ago and have long since forgotten the password. No problem, since you are long overdue to change it anyway…
Locate the Reset button on the back panel of the QNAP, behind a small hole. (The location will vary with different models)
With the QNAP NAS running, using a pin or a very thin screwdriver (a Torx 5 for repairing iPhones turns out to be ideal) press this button down for three full seconds. Release when it beeps, or release after 4 seconds and it should beep once on release. This will reset the Admin password, WITHOUT destroying the shares and user access that you set up. If you hold the button down 10 seconds, then it will destroy your setup and make it difficult to get back at your data. https://www.qnap.com/en/how-to/knowledge-base/article/the-different-ways-of-resetting-your-nas-explained/
Next, after the QNAP has rebooted, use QFinder Pro to log on to the unit with the username “admin” and the password “admin”.
Note, if it persistently rejects your password: The QNAP application and Web interface both send passwords as clear text by default. If you have a security program, (Bitdefender in my case) it may block that as insecure, and you may have to create an exception in the security program to let it through.
Choose the name of your NAS in QFinder, choose Configuration, enter the username and password. Now your first job before anything is to change that password to a secure one, because every hacker in the world knows they can access your machine with admin-admin. In Configuration, choose the Password tab and enter the existing password, then your new password twice.
Then re-log onto the QNAP with your new, secure password (which you have safely recorded in your password manager for reference in 2024…). Choose Login from QFinder Pro, which will launch your Web browser and then Login with admin and your new password.
In the web based interface, you’ll likely have several pop up windows offering Help, suggested Apps, etc. Politely decline these.
It may present a window saying that the Firmware needs updating, You can OK that one to start the process. If not, go to Control Panel, System area, Firmware Update icon
It will tell you the firmware that is ready to be downloaded and installed, just OK it and then be prepared to wait for 20 – 40 minutes as it downloads, installs and reboots the QNAP.
Once it has restarted, you are done. Well almost. In my case the firmware was old enough that it had to update to an intermediate version before it would install today’s version, that just meant another run through the Firmware Update cycle. The QFinder Pro interface will throw up a red flag after the Version number if there is another update needed.
Apple announced that iPhone 5 will require updating before Nov 3 or iCloud, App Store, email, web and other services will no longer work.
Starting just before 12:00 a.m. UTC on November 3, 2019,* iPhone 5 will require an iOS update to maintain accurate GPS location and to continue to use functions that rely on correct date and time including App Store, iCloud, email, and web browsing. This is due to the GPS time rollover issue that began affecting GPS-enabled products from other manufacturers on April 6, 2019. Affected Apple devices are not impacted until just before 12:00 a.m. UTC on November 3, 2019.
The implication is that if you do not update before Nov 3, you will no longer be able to connect to Apple and will not be able to update the phone via the IOS updater, and you will have to restore it from ITunes on a computer. If you don’t have a current backup, that means losing data.
Apple is sending out alerts to iPhone 5 owners that their phones must be updated to iOS 10.3.4 before November 3. If the iPhone 5 is not updated in time, it will be unable to connect to the internet entirely, including web browsing in Safari, email, iCloud and App Store services. This issue is specific to the iPhone 5, which was last sold in September 2013. To keep the phone functioning normally, update to the latest iOS 10.3.4 update before November 3. If you miss that date, OTA updates and iCloud backup will no longer be possible as the phone will not be able to connect to the network. In that case, you will need to connect to a computer and restore with iTunes on a PC or Mac.
If, like me, you have an iPhone 5 sitting in a drawer as a backup phone, it would be an excellent idea to pull it out now, charge it up and get it updated.
I was a little alarmed that the updater advised that it “will have to take all the apps off the phone to update, but, trust me, I’ll put them back on again”. It seems to have kept its promise.
Why do I keep it? There’s one dodgy application that I use, for a Chinese company’s automated pet feeder. I don’t want this app on my daily phone or iPad, so I keep it on the older iPhone and only use it when I go out of town and have to set up provisions for “She who must be fed”
Host ports A host is a computer or another device with an operating system, that has the ports and the OS support (and drivers) to control a USB device.
Where are the ports? If it is a desktop computer, there are usually several USB ports on the back panel where the motherboard’s ports come out. The Host USB ports are all Female jacks
If it is a notebook computer, the ports may be on either side of the machine or on the back.
USB 2.0 and 3.0 host ports are rectangles about 13mm wide and 5 mm high, these are called USB A Female ports.
Black designates a USB 2.0 port. It is fine for keyboards, mice, printers, scanners, etc.
White was used in the original USB 1.1 standard, however you will not see any USB 1.1 devices or computers that have been manufactured in approximately the last 15 years.
The ones with blue plastic inserts are USB 3.0 speed (USB 3.0 is now officially named USB 3.1 Gen 1, just to confuse things). the ones with black inserts are USB 2.0. Red inserts charging ports that continue charging USB peripherals even when the computer sleeps. USB peripherals generally will work with either USB 2.0 or USB 3.0 hosts, however the available 5V power and data speed on USB 2.0 ports may be limited for some devices.
The latest USB port is Type C (officially USB 3.1 Gen 2 with Type C connector). It is smaller, a slender rounded port about 7mm wide and can be inserted in either direction. With the correct cable, you can adapt from USB – C to USB – A type. You will see USB C ports on only the most recent machines.
Peripheral Ports Peripheral devices like printers, smartphones and cameras have various USB ports but these will all be Female ports.
A peripheral must be connected to a host. You can’t connect two peripherals together. A few peripherals such as smartphones and tablets, can be both a host and a peripheral using the same port (but not at the same time) – for example hooking up to a computer as a peripheral or acting as a host attaching to a USB stick to back up files.
Where are they? The ports are located in different places, usually on the back panel or the rear section of a side panel for printers, on the bottom edge of cellphones and tablets, and behind a flap or a rubber seal on cameras.
Here’s what to look for USB ports on printers and large external devices tend to be a squarish, 10 mm x 10 mm USB B-Type port, there are 2 versions, USB 2.0, and USB 3.0 which has an extension on one edge
USB ports on most phones, tablets and cameras are Micro USB which is about 7mm x 2 mm with one of the long edges bevelled. These are common for charging ports as well as USB data, and are a mandated charging standard in Europe.
Older devices may have Mini USB, which was quickly passed over in favor of the Micro design.
Some devices that need more power such as external hard drives, may have a Micro USB 3.0 which is wider than the MicroUSB and has a second set of contacts. The USB 3 Micro B port will accept a Micro B connector.
There are some other rare types of USB cable connections, and some manufacturers use a non-USB standard connection. Some Olympus and Nikon cameras use the UC-E6 connector, the cable would have a standard Type A male on the other end
Very occasionally, a peripheral will use the full size Type A port, which is problematic because there are few A (male) to A (male) cables available.
Apple iPhones and iPads have never used USB to date (2019). Instead, they use proprietary connectors, first the Apple 30-pin connector, then the Apple Lightning connector. Although the Lightning connector is close to the same size as Micro USB and USB Type-C they are not compatible. The older 30 pin connector is similar to one Samsung used, but again they are mutually incompatible.
Thunderbolt
Thunderbolt comes in three versions, 1, 2 and 3.
Thunderbolt (formerly under development by Apple and Intel as “LightPeak”) is an interface that combines DisplayPort monitor signals with PCI-e high speed data communications signals. A single cable attached to a Thunderbolt 1 port provides two channels of up to 10Gb/s of data in both directions, and can support displays and hard drive storage (including large capacity RAID). Thunderbolt 1 was subsequently updated to Thunderbolt 2 and Thunderbolt 3, with 20 Gb/sec and 40 Gb/sec respectively
Thunderbolt can be daisy-chained for multiple devices on one cable, and can be used with adapters to output to DisplayPort, HDMI and DVI monitors. But check that the drive does have two Thunderbolt ports. Peripherals and monitors with single Thunderbolt ports are terminal devices and can only be used on the end of the chain.
The Thunderbolt 1 and 2 cabling system uses the same connectors as MiniDisplayPort, and is compatible with MiniDP video.
The Thunderbolt 3 system uses the same connectors as USB Type-C. Because Thunderbolt 3 carries USB as well as DisplayPort and PCI-e data, a Thunderbolt 3 host is backwards compatible with USB 3.1 Type C peripherals — but not the other way around, a USB Type C host will not support a Thunderbolt peripheral.
Thunderbolt cables are active cables, they have electronics built in, so standard Mini DisplayPort and USB-C cables cannot be substituted.
Firewire
Firewire (IEEE-1394a) was introduced by Apple on their Macintosh line as a higher performance alternative to USB for external hard drives, Developed with Sony, who named it i.Link, and Panasonic, it was also used as a transfer cable for DV Video.
It and was used in two versions, Firewire 400 and Firewire 800, which doubled the performance. Firewire 400 used a 6-pin cabling system. The main connector was a D-shaped, metal shelled connector, but there was also a small 4 pin variant that was small enough to fit on a camera or camcorder. The Firewire 400 cable carried 12V power, and in an unfortunate design choice, if the connector was inserted upside down into the computer (theoretically prevented by the asymmetrical shape, but practically quite possible, due to the flimsy construction of metal of the connectors) then the 12V power would short across the data lines, burning out the peripheral’s Firewire circuitry and possibly the Macintosh’s as well.
Firewire 800 (IEEE-1394b) switched to a keyed 9 pin solid plastic connector, which was more reliable, and maintained backward compatibility with FW400 if you used appropriate adapter cables.
Every week we receive orders and quote requests from companies, universities and hospitals all over North America, requesting expensive IT equipment. Great, right? Not really, because these are fraud artists that are trying to lure companies into sending valuable goods to them, and having the bill sent to the institution that they are impersonating.
They will have all the correct logos, all the correct addresses, and the real name of a senior employee at the institution – all information that can be found online or in an annual report. But the email domain will be a lookalike; ucalgary-ca.com instead of University of Calgary’s real domain of ucalgary.ca. Or they will make a misspelling or add something to the domain , jlsmithindustries.com or jlsmiths.com or jlsmith.net instead of jlsmith.com
The criminals will want 30 day terms to pay (as normal for a large company). This gives them plenty of time to disappear before the real company sends back your invoice and tells you they never ordered anything. The variation would be if they offer to pay by credit card, and provide a stolen card number. Credit card chargebacks typically take 2 – 4 months to be reported, and the money will directly withdrawn from your bank.
If the vendor is unwary enough to go through with the quote, they will receive an official-looking purchase order, complete with company logos and signatures. If they accept the order, when it comes time to deliver the goods, invariably there will be a “new office” or “warehouse” or “client site” to ship to, rather than the main company address. That will turn out to be an anonymous mail drop. Or alternatively, the scammer will arrange their own shipping on their account to the real address, and simply redirect the parcel with an address change as soon as it is shipped.
Note: Never let an unfamiliar customer use their own shipping account, and call your own courier companies to set all outgoing parcels to “No redirect” or “No Non-Direct Delivery” for your account – otherwise the courier company will let the recipient redirect the parcel to an alternate address as long as they have the tracking number (or they can allow a neighbor to sign for the package)
Here’s the most recent example
The first clue is that you are receiving an order or a RFQ from a company that has never contacted you before or that is out of your territory. In the example, the fact that we are in Canada and they are in Texas makes it improbable that it is legit.
Second can be that they ask for strange combinations of products – network switches and printer paper, for example, or they are asking for products that you don’t normally carry or advertise, although the criminals are getting better at paying attention to this.
Third, they mention payment terms up front, and/or they want extra fast delivery, and/or they do not seem concerned about price.
Fourth of course would be grammatical and spelling errors or stilted language in the email, but that is not reliable, as criminals can hire writers and editors too.
In the example above, one tell is the use of a AOL email address. That is sloppy on the part of the criminal, they didn’t bother to set up email boxes at the phony domain bshwc.com they registered 39 days ago. No reputable company does business email from a free email service (gmail, hotmail, outlook, aol, yahoo, ymail, etc,).
The email may be excessively concerned about proving who they are. Hint: Chief Procurement Officers or any executive suite or senior staff do NOT handle routine requests for quotes.
Crucially, you must check that domain name in the From: and in the Reply To: areas of the email headers with Whois to see who it is really registered to, and when it was registered.
Look up the actual company or institution with a Google search online to see what their real domain is. Contact the purchasing department from the information on the real website to confirm if you have any lingering doubt that it may be real.
If you are like me, you will take the extra time to email the actual company and alert their security and accounting departments to the fraud attempt. They can also take action through the domain name registrar and the domain and mail hosting companies, to take the domain down for criminal activity and for trademark infringement. In the example above I got the domain registrar ENom.com to take down the bshwc.com domain within one day. Not all of them are this responsive.
Purchase Order Fraud – Impersonation scam
Every week we receive orders and quote requests from companies, universities and hospitals all over North America, requesting expensive IT equipment. Great, right? Not really, because these are fraud artists that are trying to lure companies into sending valuable goods to them, and having the bill sent to the institution that they are impersonating.
They will have all the correct logos, all the correct addresses, and the real name of a senior employee at the institution – all information that can be found online or in an annual report. But the email domain will be a lookalike; ucalgary-ca.com instead of University of Calgary’s real domain of ucalgary.ca. Or they will make a misspelling or add something to the domain , jlsmithindustries.com or jlsmiths.com or jlsmith.net instead of jlsmith.com
The criminals will want 30 day terms to pay (as normal for a large company). This gives them plenty of time to disappear before the real company sends back your invoice and tells you they never ordered anything. The variation would be if they offer to pay by credit card, and provide a stolen card number. Credit card chargebacks typically take 2 – 4 months to be reported, and the money will directly withdrawn from your bank.
If the vendor is unwary enough to go through with the quote, they will receive an official-looking purchase order, complete with company logos and signatures. If they accept the order, when it comes time to deliver the goods, invariably there will be a “new office” or “warehouse” or “client site” to ship to, rather than the main company address. That will turn out to be an anonymous mail drop. Or alternatively, the scammer will arrange their own shipping on their account to the real address, and simply redirect the parcel with an address change as soon as it is shipped.
Here’s the most recent example
Crucially, you must check that domain name in the From: and in the Reply To: areas of the email headers with Whois to see who it is really registered to, and when it was registered.
Look up the actual company or institution with a Google search online to see what their real domain is. Contact the purchasing department from the information on the real website to confirm if you have any lingering doubt that it may be real.
If you are like me, you will take the extra time to email the actual company and alert their security and accounting departments to the fraud attempt. They can also take action through the domain name registrar and the domain and mail hosting companies, to take the domain down for criminal activity and for trademark infringement. In the example above I got the domain registrar ENom.com to take down the bshwc.com domain within one day. Not all of them are this responsive.
University of London has been hit with this so often that they have a page dedicated to the problem. It’s worth a read.
Share this:
Like this: