Category: Tech

Programming, Security, Tech

Phishing with Love

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

Erica: I sure hope that the latest script from Z-Daddy behind you.
Sean: What is your obsession with Scriptingthewhy!?
Photo by vjapratama, please support by following @pexel.com

Throughout the history of mankind, there is one emotion that has driven us to do many things. Some of these may be crazy and unconventional, but the result is done with good intentions…sometimes.

It’s the one emotion that no one can seem to live without unless you have no desire for it because you believe you’re cold-hearted, at this point I would cautiously call you a monster and bid you a good day. What is this emotion I’m alluding to?

It’s called love, love is a very interesting and powerfully intoxicating emotion we humans have.  If there is anything to know about love, it’s a good thing. However, if you’re rifling through piles and piles of emails from the weekend only to find one saying “ILOVEYOU” in the subject line followed by a “click here” attachment might not be the love you may want at the current point in time.

Don’t know what I’m talking about? Let me script to you what I mean.

Kim: You don’t even know why I’m mad at you.
Tim: It’s because I didn’t read that script thingy.
Kim: That and you didn’t change the toilet paper roll this morning.
Photo by Katerina Holmes, please support by following @pexel.com

A Lovely Chain Letter

As mentioned earlier, you’re rifling through all of your emails from the weekend, and you find one saying “ILOVEYOU”. While this may seem like someone sent this with the intent to brighten up your day and give you all of those cute, warm fuzzy feelings like reminiscing about grandma’s home cooking, the bad news is it’s not.

This event is referred to as the “Love Bug” or “Love Letter for You”, in other words, you’re getting duped with a computer virus, if you click on the attachment. Just when you thought someone was falling head over heels for you.

That’s a solid question Z-Daddy, I think I was in calculus with my crush Brinda Adams. I wonder if she knows that I exist.
Photo by Pavel Danilyuk, please support by following @pexel.com

Frat Worms in College

Here’s a question for you, can you remember what you were doing in the year 2000? If whatever you were doing doesn’t involve sitting in your room making computer viruses, congrats, you’re a part of the majority. I know there is someone reading this script saying “Actually, I was reverse engineering them because of lack of friends.”

Back in the heyday of the year 2000, on May 4th of that year. A 24-year-old college student from the Philippines, by the name of Onel de Guzman had created this computer virus to steal passwords for internet access because he couldn’t pay for it.

This is very reminiscent of trying to tune to the right frequency on the old-school cable box to get the pre-hub before the now prominent hub, black and orange baby. Page 153 and still can’t find anything, we’re all so broken.

At this junction and for my own sanity, I have to make it known that in some sources ILY is referred to as a virus but overall, it’s a worm. The difference is, viruses tend to come in ones or twos, and they muck up a few files in your computer system whereas worms on the other hand, just need you to open the door, and from there, one can multiply and muck up a whole network. Worms are like the frat boys of the computer world, once in, they like to party.   

YES, I AM LOVED…by a guy? Oh whatever, it’s 2023 I’m not judging, I just need someone to hold me and say it’s going to be all right.
Photo by Andrea Piacquadio, please support by following @pexel.com

Loving Dollar Decline

Here’s a scenario on the ILY process, yes, I know you’re dying to know. So, let’s say you are friends with Tom, and you get a message from Tom saying “ILOVEYOU” in the subject line. You open the email and see there’s an attachment. With you knowing Tom, you open the attachment thinking nothing of it but that’s when having to explain to someone why you ghosted them, and spontaneously pop back up begins.

This triggers an event of messages being re-sent to, not only everyone in your list of contacts but their list as well. Do you see how it wormed its way into your life? This scenario is what happens on small scale but on a larger one, ILY found its way into corporate networks due to Microsoft Outlook being widely used at the time which resulted in files of every type being wiped from the hard drives and in just about 10 business days resulted in 45 million users and cost about $10 billion in damages. That’s $3.5 billion in today’s currency, the power of the good ole American dollar, am I right?

Jake: So, I walked up that computer virus and was like “What’s up”.
Z-Daddy: Jake…you know that’s not help you deal with computer viruses, right?
Jake: Pfft, whatever bro, waited long enough and screen went off. Mission accomplished.
Z-Daddy: That’s…never mind.
Photo by Rusian Alekso, please support by following @pexel.com

Effects and After Effects

Now while this worm had spread its way across many, many, many systems, some of which include the Pentagon, CIA, and U.S. Army, and even ventured to the United Kingdom, this one isn’t much to worry about. A part of it was caught on a server that was quickly turned offline and with no other servers to send information to, there was nowhere for it to spread.

Many large companies had to make the decision to completely turn off their emailing systems. As we all may know, being able to email can convey information and information is money, so you can picture a lot of money was lost throughout this whole endeavor. At this junction you have nothing to worry about, however, this doesn’t mean one can run around clicking on emails with “ILOVEYOU” in the subject title.

Being aware of a potential cyber-attack could make a world of difference when it comes to protecting your computer and your life in general. If you get an email from someone you know and you’re curious about it, check with them on another medium (i.e., text message or phone call) to ensure that it was them that sent the email.

Of course, you should have anti-virus and malware protection on your computer and that it and your operating system is up to date as the older systems have vulnerabilities that are not patched. To touch back onto Guzman, while he has one of the world’s first global computer viruses (worm) under his belt which affected 45 million, charges against him and his buddy were dropped, and he regrets unleashing ILY.

When ILY did its thing and pretty much destroyed email by storm, Guzman was so shaken up that he took a year off from working with computers. He now runs a phone repair shop with his buddy in the Philippines.

She sent I love you and the attachment was her. Thank you, Z-Daddy, for keeping us aware.
Photo by Nataliya Vaitkevich, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Do you think there’s something I may have missed about ILOVEYOU? Script a comment below.

Security, Tech

Swapping Phones and Trading Places

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

Jesus Saves but Scriptingthewhy saved my bank account baby! Read this script!
Photo by Brett Sayles, please support by following @pexel.com

Hey you, yes you, you the reader. Do you want to know a secret? I know something special about you. The fact that you’re reading this means that you are in the market for getting robbed.

I’m sure there hasn’t been a point in time, where you haven’t had the thought to give some stranger on the internet your hard-earned cash. Please keep in mind that hard-earned was said depending on your work ethic, we all know that results may vary. You say “no”? None of this sounds appealing to you. Don’t worry, that wasn’t my angle.

Humans, it has long been known that we are creatures of habit. We don’t like change much, so we often don’t like it when our plans have hiccups. This could range from something small like having to pick up a tube of toothpaste because you just squeezed your last bit this morning and now you have to add another item to stop for on your shopping list or, to something big like having your phone no longer working because it’s not in your name despite the fact it was fully functional the day before.

You don’t quite understand that last one? Don’t worry, I’m going to script it for you.

Lord, I think this is what Z-Daddy was talking about. This phone was working a minute ago.
Photo by Alex Green, please support by following @pexel.com

A Change in Signal

If you can, picture you’re using your phone for one minute and you put it down only to come back moments later to find that it no longer operates the same. You try making some calls, double check to see if you have any “bars” (“signal”, if you wanted to be technical).

You turn on and off the airplane mode, restart your phone, and still nothing. It’s obvious that something is off and this clearly isn’t normal, you shouldn’t try putting it off to deal with it later.

There is a super high chance that you could be experiencing SIM Swapping. SIM (Subscriber Identity Module) swapping which may go by other names like SIM hijacking, SIM splitting, or sim jacking (not sure how much I like that last one, sounds like a trip to HR), is the art of an attacker/hacker gaining control of your phone number.

Once your number is obtained, life for you is going to go from Netflix and Chill to Bodies by Drowning Pool pretty quickly.

Another globe crisis and cyberattacks on the rise…I’m good with this.
Photo by Ashutosh Sonwani, please support by following @pexel.com

Changing Faces

If you’re an advent reader of mine then you’ll already know or have a good sense of who would commit this act and why, but if you’re not, ask yourself the following. How could you have committed this heinous crime of not subscribing? Why haven’t you subscribed to keep up to date on when I post? And are you going to be missing out if you don’t subscribe? To that last one, I can honestly say “yes”.

Subscription shaming aside, this act is committed with the intent of the attacker becoming you. Why would someone choose you as a target you may be asking? As mentioned before, imposing as you can grant them access to everything you have and more.

They can intercept incoming messages meant for you. Some events have involved credit cards being charged and financial institutions trying to confirm if the purchase was legit only for the attacker to confirm in your place.

Sometimes there’s just no other way to say it.
Photo by Saksham Choudhary, please support by following @pexel.com

Ways to Phone Jack

So you may be wondering, how is something like this executed. I mean, clearly, there has to be some telltale signs before it even happens, right? Well…in most and by most meaning all, you’ll never know that your information is being collected.

This could be done by using keyloggers malware, phishing emails, or which happens in most cases social engineering. The attacker will be someone who has been in the same vicinity as you and has listened close and long enough to obtain enough information to pose themselves as you.

Enough to fool your cellphone provider into giving them more information that they may be missing to commit further attacks. Once that happens, the fun of trying to get everything back in order begins, depending on your response time when you find out your phone no longer has service.

I watched out for social engineering, and I’m didn’t crazy.
Photo by Kindel Media, please support by following @pexel.com

Becoming Socially Unacceptable

At this junction, which is normal, you might be wondering how to prevent this from happening. Social engineering is tricky to catch, so you have to pay attention to everyone you’re within earshot of. Trying to do this constantly will drive you insane and pretty much overload your senses…well and at some point, you’re going to lock eyes with someone for a little longer than what’s considered to be normal, and you may end up weirding them out. The point is, you’re going to end up like Jim Carrey from the movie 23 and be uber-paranoid.

An easier and more sane solution is to be mindful of your volume in places where you’re required to verbally give your information as talking to the person as if you two are in a rave could end poorly since eavesdropping is an easy skill perk that we all have. If writing it down, make sure you are aware of people who may walk by as this could lead to them being able to perform “shoulder surfing”, this is a clever name I know. I didn’t coin it but still somehow, I can feel your judgment.

Some other countermeasures you can take instead of opting for text-based confirmations are, your cellphone provider will let you add a PIN (Personal Identification Number) to your account for an extra layer of protection. When making use of 2FAs (two-factor authentications) verification methods, opt for biometrics which relies on either facial recognition or fingerprint scanning as this involves confirmation of your physical being.

Another method is having a security key that looks like a flash drive but a simple tap or insert into the phone could be more secure if you didn’t want the hassle of trying to get your phone to recognize your face. It is highly advised to contact your provider as soon as possible if you get a “Number changed” or your phone stops operating normally, the effects and fallout could run into years of working to get everything fixed.

Within 5 hours a credit card statement of $7,845.35 could be in your name and that could be the prelude to what’s to come.    

Small Detour:

Check out this person’s experience with SIM swapping because their story is wild, click here.

Sean: I want to be a hacker like Z-Daddy when I grow up.
Z-Daddy: I’m not a hacker kid, you know what, forget it.
Photo by cottonbro studio, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Is there something I may have missed about SIM swapping? Script a comment below.

Cloud Talk, Tech

How Cloud Cuts Your Budget

Consider following on social media!

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

businessman seated worrying
AWS…I could’ve cut cost going with Google cloud. Multi-cloud nonsense.
Photo by Nicola Barts, please support by following @pexel.com

Here’s a situation, you are working on your small business and you’re thinking about growing your enterprise so you can further scale to make your company become the industry giant you have set your sights on.

However, you begin to notice that cash isn’t flowing like it once was. You begin to question: “Why? How did this happen? I know my company is turning a profit. What in the world is going on here?” You check your business account only to find your money has been going places it doesn’t need to be.

You find you don’t need this stress since you have other pressing things to worry about and trying to get your finances back on track doesn’t rank high on your to-do list. This situation would be better suited if you had access to a certain team of people with a particular set of skills (my second Taken reference sorry).

There’s a name for a group of people that handles the operation of financing, but I just can’t recall it.

someone seated counting money
Counting money that doesn’t belong to me gets old very quick.
Photo by Kuncheek, please support by following @pexel.com

Clouding Around

Do you want to cut costs and track your money in the meantime and all the while grow your business to new heights? How would one do this you might ask?

Well, you have two options which are 1) you could venture to handle everything yourself which in turn would be a complete and utter nightmare, seeing you go from 0 to 100 in 1.5 seconds flat due to the fact you got overwhelmed, or 2) find yourself a team of people who could manage and monitor, assess, and even advise your finances for you.

What group of people would be crazy enough to do such a thing? Financial Operations or FinOps for short. FinOps is a cultural practice that brings cloud technology and business altogether to drive accountability and maximize business value.

FinOps are governed by six principles: collaboration, ownership, centralized cost savings, reporting, value, and taking advantage of variable costs. If you’re looking to scale your business and moving to the cloud or growing your cloud is going to be on the menu, FinOps are going to be one group needed to make sure all resources are accounted for and the budget stays on track.

In a nutshell, you can think of them as accountants for your current or future cloud.

credit card transaction
I sure could use a team of accountant to explain why business card keeps declining.
Photo by energepic, please support by following @pexel.com

Sales in Failure are Final

Oh dear reader of mine, you may be thinking to yourself, “Why would I hire an accountant? I manage my bank account and business account just fine. I budget well, I’ve got nothing to worry about.”

Well, as mentioned before, if you lack the skill set to operate in the cloud and begin to connect resources without a care in the world, your dollar sign will quickly get overwhelmed. Everything costs in the cloud down to the computing power which could range from a second to minutes.

So yeah, money management would get out of hand before you even completed computing “Hello World” using a Lambda function. Therefore, having a FinOps team would be very beneficial. What group of people would turn to FinOps for information?

Financial planners, analysts, business managers, and advisors use reports from FinOps for cost allocation and forecasting. This is like having a weatherman in your business, but they’re actually paid to get the forecast right.

Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?

a team of people looking over data
Third quarter isn’t looking good, might be another quarter in the red.
Photo by fauxels, please support by following @pexel.com

Fins Cuts the Budget

How much does FinOps have a play in the world of today you might be wondering. Well, that depends on what part of the world you are in, if you’re the employer, you’re more likely to hear about how certain cloud resources are outside of your budget and how you should be focused on cutting costs.

If you’re the employee, then it’s more likely you’re hearing about how cloud resources you could use, and need are outside of the company’s budget and how much the company needs to focus on cutting costs.

FinOps has been around since 2012 and many companies both big and small have adopted the FinOps framework to run their business. This adoption helps edge out the competition by enabling companies using FinOps to be capable to make better data-driven decisions, reducing costs on wasted resources, creating investment opportunities, and increasing transparency.

Just think of them as all good things to have if you get hit with an audit. Again, this group has a particular set of skills that work in your favor, just don’t forget to pay them on time.

older fellow seated at table
So you think you have a future in FinOps?
Photo by Andrea Piacquadio, please support by following @pexel.com

Choosing Paths

So, you may have the response “Nah, I can handle my budget and others with no problem. Just tell me, do I need a degree?” There’s some good but pricey news, you don’t need a degree to get into FinOps, just need to be familiar with their core principles.

FinOps is a cultural mindset developed to provide accountability to a business. Your time will be better suited to pursuing certifications with some specialized credentials like a Chartered Financial Analyst (CFA) or Certified Equity Professional (CEP) however, obtaining these certifications is not going to be easy, and knowing your stuff when it comes to financing is a must.

Another option is you could join the FinOps Foundation and select from their courses to become either a certified practitioner (I know I mentioned this step but skip becoming a practitioner, employers don’t recognize them) or hop right into becoming a certified professional. Just know, this is going to get pricey since this ranges from $599 – $3,750 (I did say I had some pricey good news).

But if you’re trying to learn on a budget, again Zero daddy has you covered. There are other resources, Coursera has one course on FinOps provided by Intel, and there are several courses on Udemy. Just stay away from getting caught up in tutorial hell. Gain a deep understanding of the basics, build upon them, and keep on moving.

After obtaining some of these credentials and online courses, you will be able to demonstrate your knowledge of investment and financial management best practices. Or you could do a combination if you have the time and money, it all boils down to what goals you have in place.

typewriter with paper saying "goals"
Goals without actions are only dreams.
Photo by Markus Winkler, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Think there something that might have been missed about Finops? Script a comment below.