Friday, September 24, 2010

Has my cables provider's billing system been compromised?

My cable provider (internet and telephony infrastructure) in Israel is a company called HOT. I get my invoices from their service into my mail, and this morning I got this email:

This email's title is in hebrew, translated it says: "A notification about a change in billing service username" (roughly) the sender seems to be HOT but in fact it is not, as you can see, the red arrow points to the real underlying email address: "", this is how it looks normally (green arrow):

Normally, links in emails coming from HOT billing service lead to, e.g (green arrow):

However, in the suspicious email the links looks very... err... suspicious :)
(red arrow again)

So this email is either a very unwise attempt to use some external email sending service or, and I stress the OR, it means someone is trying a phishing move. I find it hard to believe someone would try such a specific phishing email on a random bank of emails...

My only logical conjecture is: the sender had access to a list of HOT customers (business customer in my case), which is a very scary conjecture, one that I hope will be proven wrong...


Further investigation reveals that em-sender*.com might be connected to a company called Hmmm... this mail might be legit after all...

Friday, September 17, 2010

Wednesday, September 8, 2010

Using Facebook Javascript SDK in your Blogger blog (Like button example)

Before you go any further you must read (and implement) my post about open graph:

Teach your Blogger Blog to speak Facebook's open graph protocol

Open your blogger design interface and goto edit html and find the body opening tag (search page for <body). In another browser window open this reference url on facebook's developers site: copy the code there and paste it right after the body tag in your blogger template. The code snippet you just pasted should contain the following text: appId: 'your app id' (if it doesn't then facebook might have changed something and this post might not be relevant anymore). 

If you properly followed the previous post (teach your blogger...) then you should have a Page on facebook for your blog by now, Go to it. We need the ID of that page, we can copy it from the address bar of our browser:

See the yellow marked number thats the ID of the page, copy it and paste it instead of your app id text (leave the single quotes in tact) in the code snippet we copy pasted from facebook. Save the template! :)

Time to add a like button to each post but first, make sure the Expand widget template checkbox is checked in your template editor:

I've decided to place the like button beneath the title of each post and at the end of it, the exact position in the template depends on your blogger's template, when you locate the desired spot, paste the following code in it:
<!-- facebook local post like button -->
     <b:if cond=''>
       <fb:like expr:href='' layout='button_count' show_faces='false' width='200'/>
        <b:if cond='data:post.url'>
       <fb:like expr:href='data:post.url' layout='button_count' show_faces='false' width='200'/>
       <fb:like expr:href='data:url' layout='button_count' show_faces='false' width='200'/>
<!-- facebook local post like button -->
And that should be it. If everything went right you should now see a like button on your blog, try it... and please try my button too ;-)

Using Blogger data tags inside script tags

Template will look like this:
<script type='javascript'>
var url='<data:blog.url/>';
And the rendered result will look like this:
<script type="javascript">
var url='';

Concatenating text in blogger data tags

I was messing around with my blogger template, testing the best way to integrate a facebook Like button into posts (this due to numerous demands to see how its done properly and not in a side bar).

One of the methods I tested required me to generate different ids for different posts and the most logical way to do so would be to use to post id somehow. I searched the reference on blogger support but couldn't find any example, so I looked inside some templates and I found an example. So in the template we type this:
<span expr:id='&quot;myId&quot; +'></span>
Please note that I have to use encoded quotes to surround the text and concatenate using the plus sign. This html will be rendered as a result by blogger engine:
<span id='myId8712387612387612'></span>