Scam Alert: “Testers needed to test the Apple iPad” –

i got an email last night sent from a client we did a website for about a year ago inviting me to become a tester for an Apple iPad.  actually, i got two emails — one sent to each of my main addresses.  The subject line of the email was “Testers needed to test the Apple iPad.” redundancy aside, i was curious — also, skeptical.  it’s a little late in the game for there to be iPad testing; usually testing (and certainly anything calling itself “beta testing”) is conducted before the device is ready to ship — the iPad already has a hard release date.  the only kind of testing that would even be feasible is some kind of user experience testing for the purposes of market research (in which case it wouldn’t matter when the product was released, but it would probably make more sense after the producer got some initial sales figures). barring someone hanging out in your home and following you around as you use the thing, something like that would almost certainly need some special software installed, and it’s been well documented and established that the only software that gets onto an iPad is — like the iPhone or iPod Touch — from the iTunes App Store.  The body of the email had this to say:

Hello [my name],

Your contact “[contact’s email address]” invited you to join our TestitandKeepit program.

At this time we are actively searching for people who will be willing to test the new Apple iPad. The testing period will take only two months, after which you may keep it as compensation.

To see more details and register to our program, follow the link below:


The TestitandKeepit Team

This immediately made me search for “test it and keep it ” — certainly if this was an established company, their website would be high ranked on a search for their own business name.  and, if it was a scam,  i should see some blog posts or scam reports on such.  the results?  well, i didn’t find the company, or even their website, by searching for “test it and keep it”, but i did find several posts in various different places that gave the impression that it was, in fact, a scam.  most of them, however, were not based on any hard evidence as the authors hadn’t actually gone through all the steps.  it wasn’t until i found this post on the sophos blog from earlier this month that i could see what the take was, summarized in this handy-dandy youtube video.

all of these so far, though, are referencing this as being a facebook scam, and it wasn’t an email (or invitation to join a group) from facebook that sent the invitation i received.  thus prepared, i ventured to the site.  a few things caught my attention early on:

  1. the top navigation links work, sure, but the links to “contact”, “home”, and “rss” links at the bottom of the site don’t link to anything.
  2. while there is what appears to be a newsfeed on the right side of the page, complete with number of comments, none of the “posts” actually link to anything.  neither do the comments.
  3. there is no specific evidence of this group ever conducting a test like this before, other than a mention in the non-functioning news feed
  4. although the company description freely says that they are not directly related to the product manufacturers and are an outside organization called in to select participants for product tests and report back their findings, a company as large as apple would not be very likely to hire an outside organization — especially their policy for extreme secrecy when it comes to new products.
  5. from their about page:

    Our mission is simple:
    “Make life easier for everyone.”

    We offer solutions hassle-free to companies who want their products reviewed. We select participants and we deal with all the paper work, the logistic behind selecting the participants, getting their reviews, etc… Plus we make life easier for all the people who will purchase the product in the future, because of our help, the product will be improved and fixed from its original conceptual bugs or malfunctionning.

    this is the sort of meaningless copy that people who have never been directly involved with product manufacturers or large corporations might believe.  are there companies that get hired by large organizations to test their products?  sure.  but are the primary incentives in hiring such a company a) selecting participants, b) dealing with paperwork, and c) making life easier?  no, they have staff that can handle stuff like that.  would a company like apple hire the “Test It and Keep It Team” based on their company’s description on their about page?  very unlikely.

  6. and then there’s the little matter of grammar.  most people who receive spam on a daily basis know that the easiest way to detect spam and phishing emails from their legitimate counterparts is that, more often than not, the language and grammar in the spam and phishing emails is atrociously bad, riddled with spelling and punctuation errors as well as simple sentence structure errors that any large company’s PR and marketing team would have caught before going to press.  however it’s also widely known that people don’t read, and certainly when it comes to something like this, they are more likely to skim the page. yuo konw taht eamil taht yuo gte wehre lla teh wrods aer splled wrnog and this is to prove that as long as all the letters are there, it doesn’t matter what order they come in in terms of being able to read it?  well, that just goes to show how much we can skim and not even realize we’re doing it, but anyone somewhat trained in picking out errors like this will see these things as glaringly obvious.  certainly no company trying to impress the likes of apple would let such mistakes be published on their website.

none of these things looked too promising for this little site, but out of pure curiosity, i decided to see what happens when i try to sign up.  like the facebook version, the signup is split up into 3 parts.

step 1 — submit your name and email address (interestingly, though, the name fields are labeled as “Name” and “Last Name” — usually, when first and last name are required, they are at least listed as “first name” and “last name”)

step 2 — invite all your friends.  since they can’t do this automatically directly on facebook, they’ve built in a method by which you can invite all of your friends from various different networks simply by entering your username and password!  (because i love giving out my username and password to shady companies.)  presumably this mass emails all your friends on various different networks with a message similar to what i received trying to get more people to sign up for step 3.

step 3 — complete registration.  you might think that this would be like a submit button or send you a validation key or something like that.  in fact, this button redirects you to a completely different site, online reward center (i am providing the link for reference purposes only, submit your information at your own risk).  at first glance, this looks exactly like those other sites where you go through 20 pages of offers and surveys to get a free iPod, only to come to the last 2 or 3 pages which require you to sign up for 10 different trial offers in order to receive your iPod.  no good will come of these sites — trust me, i’ve tried.  at one point in time i had heard a story of someone i knew personally who had set up a fake email address and gone through the steps and did actually get their ipod which led me to try it myself.  i chickened out at giving out my credit card number, though, so the only thing i got was spam and added onto Camel’s list for product samples and coupons.  i don’t smoke, but at some point there was an option to choose which cigarettes i preferred, marlboro or camel, and neither wasn’t an option.  as a sidenote, i googled “online reward center” too, and found several entries on the scamminess of that, too, including several questions to Yahoo! Answers to the effect of “is the free stuff you get here for real?” to which the answers were “no,” “no,” and “sometimes if you’re lucky and prepared to get a lot of spam.”

so here’s what i think: this started out as a facebook scam.  ultimately, though, it got banned from facebook from so many complaints (but not before racking up thousands upon thousands of fans).  after that, either a copycat scam popped up, or the same guys with a different catch who, rather than harvesting cell phone numbers, is getting commission on all the crap you sign up for on those survey things — a gimmick that is almost as old as the internet itself (and more than likely based on those publisher’s clearing house sweepstakes offers).

the moral here is: if it looks like a duck, acts like a duck, and quacks like a duck, it’s probably a duck, no matter how much you want that duck to be a free iPad.

also: as a further side note — i contacted the person from whom i received the email originally, including the link to the sophos post.  his response was that he recieved it but did not sign up for anything.  after doing a twitter search, it looks like possibly this scam is even more insidious than it seems, exploiting gmail contact lists to get email addresses.

Update 3-31-2010:

For anyone who’s signed up inadvertently and are interested in “what are my risks” read this from the scam warners forum.  The short response is: don’t give anyone your credit card information over the phone.

If I briefly describe the Florida holiday scam it’ll give you an idea how this can turn into a very shady business.

There are many ways used by marketing companies to collect people’s details. Many sites offer money off coupons and they insist you enter personal details including your phone number. They also have booths at country fairs, race meetings or exhibitions with entries to a free competition for a holiday (of course, there’s no holiday). They then sell these details on to a boiler room with one purpose only – to get your credit card details. They ring up telling you that you’ve won a holiday and that you just need to pay some small deposit, and it’s pressure tactics that you wouldn’t believe. They then clear your account.

It isn’t just spamming.

wordpress shortcodes kick ass (or: shortcodes, an affiliate marketer’s best friend)

shortcodethis one will make the internet marketing peeps smile…

let’s say you have some kind of text or phrase that you use a lot.  it could be anything, but let’s — for the sake of argument, and for showing the full power of this code — assume that the text or phrase includes a link.  let’s go one step further (for the aforementioned affiliate/internet marketers) and say the link is big, long, ugly, and not something that you have memorized like you might a regular url like  no, this link is something like  that’s not so easy to remember unless you have it saved somewhere and can copy and paste.  which requires you to find it, copy it, and paste it in.  this is where the announcer guy overdubs the flabbergasted and frustrated housewife saying “there has to be a better way!”


WordPress shortcodes take one block of text and replace it with another.  Possibly you’ve used a plugin that relies on shortcodes…some examples i can think of off the top of my head — because i use them on — are the flash audio player plugin and download counter. in both cases i need to put some kind of predefined text in brackets along with something that makes it unique to what i’m trying to embed.  so as i’m writing the post it looks something like [functionname(uniqueidentifier)] or [functionname:uniqueidentifier] — in the case of the audio plugin, for example, the specific usage is [au.dio:audiofile.mp3] and for download counter it’s [downlo.adcounter('downloadname')].  those are shortcodes — it takes one thing that you type into your post, and turns it into something else behind the scenes.  now, let’s go back to our ugly example…

i’ve got the ugly link and i want to link it to the phrase “my fancy product”.  every time.  sure, i could type “my fancy product” as i’m writing the post, highlight the phrase, click the link icon in the visual editor, flip back to my notepad document (or whatever) where i saved the link, copy it, paste it into the link box in WordPress, and then select “open in a new window” (or not, depending on if i want to lure them away from my site…) and hit OK.  i could even save the full link in a notepad document, so i’d have [co]<a href=”” target=”_blank”>my fancy product</a>[de], and then i would switch over to the HTML editor in WordPress, paste in the full link code, and then switch back to the visual editor and finish my post.  i could do that…but all those extra clicks and switching apps and windows are time consuming, especially if i need to do this multiple times in a post or a page.

that’s where shortcodes come in.  for the same link, i could add this to my [co]functions.php[de] file:

[co]function fancyproduct() {
return ‘<a href=”” target=”_blank”>my fancy product</a>’;
add_shortcode(‘link’, ‘fancyproduct’);[de]

now i can just type [link] while i’m posting, and when the post is published, it replaces that with a link to “my fancy product”.  i’m using this right now to be able to type [a.p] to insert a link back to my business’ website, [ap].  and i’m using it in this post to open and close [co]<code>[de] tags, rather than doing it manually in the HTML editor.  really, the number of uses for this are only limited by the number of things you do.  you can use shortcodes to insert images, text, more code, whatever.  the important thing to remember when you’re doing this on your own is how to set it up right.  so:

[co]1 function fancyproduct(){[de] — that’s the name of your function.  it can be anything but something identifiable makes it easier to recognize later.
[co]2 return ‘[de]this is where you put whatever you want the output to be[co]’;
3 }[de] — this closes the bracket that was opened on line 1 that tells WordPress what to output for the [co]fancyproduct[de] function.
[co]4 add_shortcode(‘[de]this is what you want your shortcode text to be. just remember you don’t need the [ ] brackets here, only when you are actually writing the post[co]’,'[de]this is the name of the function from line 1.  this is important because it sort of makes the whole thing work[co]’);[de]

but how do i edit my [co]functions.php[de] file?

glad you asked.  if you aren’t a hacker like me and already savvy with DreamWeaver or some other HTML editor, Automattic conveniently gave you a text editor right in your WordPress backend.  (if you are a geek, just open the functions.php file in your theme files in your favorite text or HTML editor.)  to get to the built-in theme editor, expand the Appearance tab and click Editor (there’s also a Plugin Editor, too, so make sure you click the Editor link under Appearance).  from the list at the right, click on Theme Functions (functions.php).  now you’re in.

php code can be scary even to someone who’s familiar with HTML.  the [co]<?php /*some code here */ ?>[de] tags are intimidating, and make everything look a lot more like programming.  it’s not.  you just want to add in your shortcode block before the end of a [co]?>[de] bracket, or wrap the whole function in php tags like this:

function fancyproduct() {
return ‘<a href=”” target=”_blank”>my fancy product</a>’;
add_shortcode(‘link’, ‘fancyproduct’);

and i like to put comments in there so i know what i’m doing.  there’s two ways to comment things in php, you can either use [co]//[de] which you would do if your comment ends at the end of the line or [co]/* some stuff here */[de] for longer comments that can span more than one line.  my final [ap] shortcode function looks like this:

[co]// arcane palette shortcode
function apalette() {
return ‘<a href=”” target=”_blank”>Arcane Palette</a>’;
add_shortcode(‘ap’, ‘apalette’);[de]

this trick came from WPShout, where its author, Alex Denning, always posts awesome tips, tricks, and hacks for WordPress.  you can take a look at his post Write Faster with WordPress Shortcodes for another explanation of how they work.