The Village Websmith - What's New?

image link to close detail window
Open in New Window

That has been the premise on which the Webinthebox® quote request form has been based for some time now.  However, in a multi-faceted business, sometimes it would be nice to ask questions specific to one activity.

That's what a customer asked for recently anyway, in order to present a shorter list to each visitor who fills in the enquiry form, based solely on the page that prompted the enquiry.

So, as the obliging sort of chap that I am, there is now a completely new version of the quote request form that can be applied to as many different aspects of a business as necessary, with as many questions on each as you wish.  These can be answered in the form of simple text, drop down lists, check boxes, radio buttons or date pickers.

Guiding your customers to make the right choices has never been simpler or more flexible.  You can add the information gathering pages as a DIY project, DIY with help or we can do the whole thing for you, depending on how much time you have available.  To find out more, click in the header of any page, or pick up the phone.

Get More Information

0 Comments. How about being first?

LIke all machines, computers have a finite lifespan. This can be measured as being the time when they can run the latest applications and perform at the optimum level.

After a while, advances from the software team in the game of e-leapfrog that they play with the hardware makers, make it impossible for the latest updates to be applied, performance and more importantly, security can be compromised.

Very soon, it is anticipated the the web server on which your site is hosted will reach that time in its life.  This means that all our customers on that machine will be migrated to a new server shortly, so that the current one can enjoy its hard-earned retirement.  

To keep everyone up to date, the migration will take place over the Christmas holiday when traffic is likely to be at its lowest.  We are not expecting a great deal of downtime, which should be a matter of minutes for most sites, but this is just to give you advance notice of the impending change.

You don't have to do anything and your emails, web site performance and search engine efficiency won't be affected.  In fact, unless you happen to visit your site in the short time while the changeover is finalised you probably won't notice.

In anticipation of having a shiny new server up and running in time for the new year, I wish one and all a happy Christmas and a very relaxing holiday.

0 Comments. How about being first?
Since the regular Wednesday surgeries got killed off by an accursed virus, passing on information and tips to help people get the best value out of their web presence has been a luxury rather than an essential  regular activity.

However, using Zoom, Wednesdays will once again be dedicated to coaching our customers in keeping their web sites firing on all cylinders.

This is going to happen in two ways, starting at the beginning of September.  Firstly, we have prepared a 12 module (one a week) 'soup to nuts' series of one hour workshops, dealing with all the aspects of web site management that we regularly receive calls about.  The idea is to run the modules twice each Wednesday, once inside normal business hours for those who can make it, and once outside business hours for those who can't. 

Attendance will be limited to five delegates per session and more details can be found on the Wednesday's Workshops page.

For those who are comfortable with most aspects of managing their site, but need help to move on to the next level with one or more functions, the rest of Wednesday at the Websmithy will be available as bookable half-hour slots during which we can address your questions specifically and in-depth.  If you can't make Wednesdays, then we can book slots on any day to suit, but on Wednesdays, this is all that will be going on here, so you can be sure of getting through.  More information and bookings for one to one coaching sessions is also made via the Wednesday Website Workshops page.

Get More Information

0 Comments. How about being first?

And finally in this series of 4 articles, the dull but highly necessary matter of compliance with privacy laws and establishing the basis of doing business. To keep it short, There is now:

 

 

    • A new page for your terms and conditions, based on a relational database, sections can be customised, re-ordered, or printed out to a .pdf document on the fly.

 

    • The enquiry form has been made more 'granular' in line with recommendations from the ICO, so that visitors can specify what information they receive from you.

 

    • This has been supplemented by a more pro-active approach to managing customer data, making it possible for them to edit and delete the information in your database relating to themselves.

 

    • The ePrivacy Directive (Cookies Law) splash panel has been given a facelift to make it more subtle in appearance and display the policies more clearly.

 

 

I said it has been a busy year so far!  We are looking forward to being even busier for the rest of 2022.

Get More Information

0 Comments. How about being first?

It's lovely, but is it art? More importantly, does it work? Once you have visitors on your site, giving them easily accessible information in an attractive package that is easy for them to respond to can also make a big difference. The latest devices, browsers and server functions have had a big impact on the creative possibilities.



  • The now ubiquitous 16:9 screen aspect ratio has meant that wider, more relaxed looking layouts can be used, still keeping the most important information in the central 'sweet spot' for easy access.

  • New inner layouts take advantage of this by placing reinforcing images, specification panels or live feeds alongside the information area.

  • Full size image backgrounds are also now available either as a single image, a random selection from a group or a rolling sequence.

  • You can now make your text stand out more by selecting from a vastly increased range of fonts.

  • Images from galleries and other image based pages can now be opened into a separate new window so that visitors can keep multiple images open for comparison.

  • Videos are a great way of showing off what you do, whether it is at regular speed or time lapse video of a longer process. You can now embed them in any page, singly, or group them in a categorised video gallery.

Get More Information

0 Comments. How about being first?

Everyone wants their site to appeal to the search engines and the key to doing that is to make sure that they are aware of the quality of information available from your site. Enhancements in this area include:



  • Upgraded menu files that automatically draw the alternate and title text from page information.

  • Internal page names now included in page links to generate more seo friendly urls.

  • Gallery pages now add category names to the generated url for increased seo friendliness.

  • Images listed in the sitemaps, which are re-generated weekly, now bring up a new page to increase the number of links to each as well as placing additional information with the images to help indexing.

  • There's a new places of interest page function for customers engaged in tourism or travel that helps linking your site to local attractions.

  • You can now embed live feeds from your social media accounts to leverage the information added by friends and followers, either at the side or the foot of any page(s).

Get More Information

0 Comments. How about being first?

Let's start with efficiency. In these troubled times with travel costs spiralling along with every other cost of running a business, every saving can make a difference. That's why the new functions in Webinthebox® are designed to cut down the need for travel, getting you better information on which to base your quotes and keeping in touch with your customer base for repeat business and referral harvesting.



  • Increased file upload capacity for images, plans and drawings; visitors can now upload up to 50MB of files via the new enquiry form.

  • There is an improved instant quote request form that includes the use of images in the questions.

  • You can cut down on site visits by incorporating a Zoom function so that potential customers can take you on a guided tour of their job using their mobile phone - even if they don't have their own Zoom account.

  • Launching the enquiry form from image based pages now pre-fills the subject information, making it easier for the visitor to indicate their interest.

  • Newsletter and broadcast email function has been improved to allow different versions of your newsletter to be sent to selected groups to make sure that only relevant information is sent, getting you a better chance of being read.

Get More Information

0 Comments. How about being first?

Sometimes you just have to laugh at the phishing attempts that come through. Here is one such example: This one originated in Thailand as that is where the action link leads. In the first half, they purport to be contacting the recipient from a UK government office to warn that the National Insurance Number has been de-activated owing to 'fraudulent activity'.

The second half seems to have been copied and pasted from a recent Microsoft Terms and Conditions change notification email. Some of the instances of Microsoft have been changed to GOV.UK, while others haven't. Does this mean there has been a secret buy-out deal and that Microsoft now owns the British Government?

Best of all, the Microsoft mailshot offers the chance to opt out of using their services if you don't like the terms and conditions. Perhaps our beloved government could learn something from that?

Either way, much as this brought a chuckle, the message is still to treat anything and everything with suspicion. There have been many instances lately of recorded phone messages purporting to be from HMRC or 'your internet provider' implying that there has been illegal activity in 'your' account and that you must press one to sort it out. Doubtless, pressing one will connect you to a ridiculously costly premium rate line in an attempt to empty your bank account through your phone bill.

It's easy to be complacent, but these efforts are aimed at people who are too busy to exercise the highest levels of caution at all times. As if to prove that nobody is immune, no matter how many of these things they see, very recently I got hoodwinked out of £1100 through a 'help a friend' scam on Facebook. Luckily, I had used Paypal and they recovered it all for me, but I was very lucky not to have got scammed through being too busy, too late at night to have 100% of my wits about me. We are all at risk!

Get More Information

0 Comments. How about being first?

In my efforts to make the obligatory ePrivacy Directive (Cookies Law) splash on the mobile display of your site as small and discreet as possible, I seem to have fallen foul of Google.

In the minimised version, visitors simply see a statement across the top of their screen saying that they should tap it to get details of your Cookies Law statement. Unfortunately, in some cases now, Google in its obsession with driving everyone to use mobile devices has marked this down as a fault under the 'Clickable items too close together' banner.

In the composite screenshot, the left hand side shows the minimal version, which most customers will currently see, then on the right is the full version which at the moment is only visible after they have clicked on the short form version.

Once they click on the accept button, neither version of the splash screen is visible until they close their browser and log back in.

Get More Information

0 Comments. How about being first?

Scammers rely on a number of factors being in place to bring them a response. Firstly, they want busy people to respond without reading or scrutinising their messages too much. They also rely on curiosity, greed and creating a degree of anger in their target audience.

Another vital factor is the honesty of their intended victims. That may sound odd, but with the vast majority of us being honest, law abiding citizens who pay their bills and observe the rules. By living such a life, we are not familiar with documents telling us that we are in breach of some regulation. This makes it easier for them to pass off their scam emails as coming from some authority or other.

In this case, the offenders have hedged their bets by starting off with a genuine email from the TV licence bods. It is so easy to do that most 8 year olds today could have produced this document. Just copy the code through your web client, browser or even word processor, change the links to yours and re-send.

The two responses they are looking for are "Oh gosh! I must have taken my eye off the ball for a moment." and "How dare they? I never miss paying that bill, I'll tell them". Whatever your reason, as soon as you click the link you are lost.

As always, hovering over the links in your web client is the acid test. So far, that is the only part that can't convincingly be spoofed. I am sure that one day, even that will be achieved by the scumbags. In the meantime, keep rolling over the links and if they aren't what it says on the wrapper, delete.

Get More Information

0 Comments. How about being first?

Thanks to the miracle of technology, I have been able to reinstate our open door web site surgeries here each Wednesday. Even better, these can now be open to a wider area.

At a time when normal business activities are restricted to say the least, there is an opportunity to do all those jobs that have been put off due to pressure of work. Making sure that your online presence is firing on all cylinders may be one of those jobs.

Join us at https://us02web.zoom.us/j/5336203220 beetween 10am and 4pm today, bringing any questions, suggestions or concerns relating to your web site, social media, email or online security and we can talk them over virtual face to virtual face.

Get More Information

0 Comments. How about being first?

This is a test of using existing images from the gallery to illustrate blog items.

Get More Information

Image of 2015 02 03 screenshot sharpbodies <h2>2020-04-09 - Test Item</h2>Image of sharpbodies mobile website 001 <h2>2020-04-09 - Test Item</h2>Image of browse vs buy <h2>2020-04-09 - Test Item</h2>
0 Comments. How about being first?

Every time of change is a time of opportunity

Sometimes the opportunities are harder to spot as in our current crisis. However, no matter how gloomy things look for small businesses, they exist. We can help each other identify actions to take while we are forced to operate at reduced or even zero capacity.

My working life dates back to 1969. I have observed business reaction to wars, shortages of energy, materials and personnel, three day weeks, crippling interest rates and myriad other smaller but nonetheless potentially damaging disruptions.

Some businesses have folded, never to be seen again, yet some have thrived once normality is restored. Together, we can increase chances of survival and even business gains by using the time to make sure we are ready for the recovery when it happens. The common thread among the businesses I have seen thrive post-crisis is that this is exactly what they did.

All of us have aspects of our business that can stand improvement. When busy with the 'day job' though, devoting the time required is hard to justify, with such efforts appearing to be 'non-work' or even 'anti-work'. With the constraints of everyday business being loosened, this is the perfect opportunity to grease the squeaky wheels, discard unprofitable business practices, products and services, freeing us to concentrate on getting the best value from our time when the crisis passes.

This is easy for me to say, sitting in the comfort and security of my office. Making it happen against a depressing backdrop can seem like a massive mountain to climb. That is where working together comes in. By getting together as a local nucleus of a business network group we can all bring some ideas to the table, which individually may make only a small difference, but when shared and combined with the input of fellow local business people in similar circumstances, can combine to become collectively far greater than the sum of the component parts.

As a thought starter, here are a few aspects of business that each of us may find profit in considering for the bright new day.

  • Marketing, promotion and sales effort.
  • Profitability.
  • Reciprocal business.
  • Travel.
  • Surroundings.
  • General efficiency.
I could go on and on, but am not here to offer my opinions, the most useful thing I can do is to get the discussion under way and let everyone be amazed at how much great advice they can get from and offer to those in the same boat.

I have plans for changes while things go a bit quieter, which should benefit my customers and my own business. I am happy to share these with all local business people in the overall conversation, during which I will undoubtedly pick up more.

So, how do we get together while the country heads for lockdown? For my own part, I have facilitated a bulletin board/online forum on the IN8 Networking site to last throughout the current crisis, and beyond if there is a demand. Anyone is free to join in the conversation, harvesting and contributing ideas, or commenting on those of others to improve/modify/customise to suit different trades. There are very few rules. Even if it just to chat informally with sympathetic local people, all input is welcome. The most important rule is that this is for self-help and group help. It is about sharing ideas and definitely not for advertising, not for me, not for anyone. Anyone who abuses it in such a way will be stripped of membership and blocked from re-joining. We are in this together, let's behave in a manner befitting the British Spirit! Good hwyl boys and girls…

0 Comments. How about being first?

Having spent much time searching for online payment providers that are more cost-effective than Paypal for our customers and for ourselves, we are delighted to have signed up as a Takepayments Partner.

If you haven't thought about accepting online payments through your web site, now may be a good time to start. Perhaps you are already doing so but feel it is time to move on from PayPal? On the grounds that the easier you make it for someone to do something, the more likely they are to do it, your online payments page could really come into its own.

It's now easier and more cost-effective than ever to add online payments. As we have recently teamed up as online payment integrators with Takepayments (formerly Payzone), your setup is going to be quick and efficient. Apart from signing the agreement, we take care of everything for you.

You don't have to have an online shop in order to take payments either. Integrated invoicing is a standard part of the Webinthebox® admin pages, just waiting to be set up. Using the invoice generator, you can automatically send out a link that pre-fills the payment form for your customer - all they need to add is their card details. If you don't use the invoice generator, you can still collect payments via your site, but the customer has to fill in their own details.

Click here for a demonstration. If you prefer to hear all about it from a human being, just call or drop us a line for a call back.

Get More Information

0 Comments. How about being first?

Accepting payments online can be the fastest way to get your invoices paid, on the grounds that the easier you make it for someone to do something, the more likely they are to do it.

We have at last found a viable alternative to PayPal for online, face to face and telephone payment handling. The nice people at Takepayments (formerly Payzone) got us set up in next to no time.

The whole process took less than 3 days to install a terminal in our office, which is portable so we can take it to shows with us, and to set up our online payment facility.

Takepayments don't charge a set up fee, their monthly rentals are very reasonable and the transaction charges are just 0.8% for debit cards and 0.9% for credit cards.

We have set up almost instant integration to give your web site an invoice payments page which gets you up and running fast, as well as payment integration with your online shopping cart. Give us a call or send an email to find out just how easy it can be to start taking payments online.

Get More Information

0 Comments. How about being first?

If your business is one that you carry on by visiting customers rather than vice versa, you should have set up areas of operation in your Google My Business record. These changed about a year ago from a distance from base calculation to a list of places. A couple of months back, Google started to delete the areas set up and replace them with their own idea (obviously not having the first clue about UK geography). They then restricted the number of locations to 20 and started filling in areas at random.

The most extreme cock up I have seen in this respect is this customer of ours who works throughout Essex. Google deleted all the Essex locations that we had painstakingly researched and entered for them, replacing them with a list that contained these areas. Defining an area within Google My Business now requires a lot more thought and planning than before, using just 20 locations, so choose wisely. As always, if you have any questions, please drop us a line or pick up the phone and we will be glad to talk it over.

Get More Information

0 Comments. How about being first?
0 Comments. How about being first?

This item came from Peter at Loughborough Student Lets. It purports to be from HMRC offering a tax refund.

The number shown looks like a London one, but when rolled over, reveals it to be an 0845 number, so obviously someone has something to hide.

Once again, it seems that the idea is for busy people to accidentlly hit the link when scrolling through, so once again, we urge the utmost vigilence, even when you know it is a scam and are heading for the delete button.

Get More Information

0 Comments. How about being first?

This attempt at scamming the general public purports to be from PayPal, stating that the recipient's account has been compromised and that it has been suspended pending reactivation.

The message displays a number that they want you to ring. My guess is that this is an offshore premium rate number that will cost a small fortune to connect to.

The scam is easy to spot as the from address is nothing to do with PayPal and when you roll over the number, the real target is revealed as being not the same as the displayed number.

However, even easy to spot can carry dangers. If you are in the habit of managing mail on a mobile phone, there is always the possibility of accidentally tapping the number and getting connected. If you see such a message, the safest bet is to delete it immediately.

Get More Information

0 Comments. How about being first?

This little chap is a frequent visitor to the mobile websmithy, so when it is a nice day, I work out there instead of in the office.

That way, I get lots of nice fresh air and am treated to the song of the swallow chirruping away at the top of his voice.

Human visitors are always welcome too. Even more so if they want to talk about their web sites. For all the technology at our disposal today with emails, conference calls and a plethora of mobile phone applications, we still believe that face to face meetings are the best way to learn about our customers' businesses and to interpret what they wish to promote.

Oh yes, and the coffee here is pretty darned good too, so drop in any time you would like to talk over your web site. We will be happy to see you and singing is optional.

Get More Information

0 Comments. How about being first?

In recent conversations I have often been asked why setting spam filters to block messages containing specific words or phrases in customers' email clients has not been effective.

In short, and to save having the same conversation over and over again, here is a summary of my response…

To prevent deletion of their junk mail by mail filters and spam traps, spammers go to great lengths to obfuscate the phrases or words in their message that would give away their true purpose. The image in this article compares the text that is displayed in a message window with the underlying code used to create it. Compare that to the user and code views of a genuine email in the additional images. Apart from the fact that I have mis-spelled Barney Rubble's name, this message shows no signs of being illegible to humans or spam filters.

Another way that spammers try to make sure their messages get delivered include 'spoofing' the recipient's own address as the sender. This is ridiculously easy to do and almost impossible to prevent. There is so much written about this online that it is not worth repeating here, simply searching for the topic will reveal a wealth of information. The thinking behind this is most likely that all of us at some time or another will 'whitelist' our own address so that we can make sure we receive emails from ourselves.

As the online spam filter in Apache SpamAssassin is based on a numeric evaluation of contributing factors, some spammers have evolved techniques of falsifying the spam score to a ludicrously low negative number. For example, Apache SpamAssassin by default quarantines every message with a score of 5 or more, whereas most of the messages in one particular category of scam have faked scores of -800 or more.

So, what can we do to cut down the torrent of spam? Taking the common sense precautions that have been outlined here in previous articles is going to help, as is installing and maintaining a rigorous spam filter on your local machine. However, if you are still being plagued by these messages using obfuscation techniques, we can implement a number of measures at server level for you. This will protect all the devices you use for managing emails and should last for some time before the next technological breakthrough on the part of the spammers, hackers and malware distributors makes an update necessary.

If you have any questions, please don't hesitate to call or click in the header of any page to send an email.

Get More Information

0 Comments. How about being first?

Recently, scam emails purporting to be from someone who has hacked the recipient's computer, gaining evidence of criminal behaviour have been increasing exponentially. The messages crudely attempt to blackmail recipients, implying that their contact list will receive this fictitious material. They even have their own name now, 'sextortion'. There are two kinds; one includes a password that may well have been used by the recipient at some point, the other merely implies that this information is held.

The teeny bit of good news if there is a password, is that it gives the possibility of identifying the source of the data that the scammer stole to get email addresses in the first place.

The advice that I have been offering to recipients of this disgusting torrent of abuse is as follows:

I would advise closing any online accounts that you no longer use. Yes, this may seem like closing the stable door after the horse has bolted, but these people are stealing information from somewhere, so at least you may stop it falling into any new sets of wrong hands. For online accounts that you need to keep, change the passwords. These should be different for each account and should consist of at least 8 characters, mixed upper case, lower case, number and punctuation. Why different for each one? Then, if another mail gets through with a password in it, the source of the leak can be identified. I know it is hard work, but using a different password for every online account is the only way that we can pinpoint those who are not taking adequate care of your personal data.

Next, get the contact details for your local police cyber crime unit, they should have one. Forward the email to them.

After that, go to bitcoinwhoswho.com and copy/paste the bitcoin account number into the search field. You will then get the opportunity to use the 'report scam' link. Choose 'sextortion' from the drop-down list and submit the form.

Finally, go to The Information Commissisoner's Office and use the online form to report this email.

With the volume of spam daily approaching 100 billion items, it is a huge task to cut down, but every little helps as they say.

If you don't have the time or inclination to make the reports, we can set up filters on an individual basis, targeting this kind of abusive email. Give me a call or send an email if you have concerns and would like to increase selective spam filtration.

Get More Information

0 Comments. How about being first?

In an attempt to round out the year, the scammers' effort for today involves impersonating Amazon. The message in question purports to warn you of an unauthorised login to your account, telling you to log in and update your passwords etc.. To put it another way, to give them all your vital personal information.

There are two major giveaways in this, despite the convincing look they have managed to achieve with the Amazon logos and layout. The first is the sending address, in which the sender has tried to spoof service@amazon.com, but didn't manage to hide the Indian address from which it really came.

Further down, if you roll over the graphic button that carries the link, an Indian web site shows up as the real destination of any clicks. See the supplementary image for more detail.

Not hard to spot, but at this time of year, there is often a backlog of emails to deal with and on occasion, busy people can get hoodwinked in this way. I am not sure whether I am more incensed by the sender's clumsy attempts, implying I may be stupid enough to fall for it, or by the implication that I am using a W*nd*ws system!

Have a happy and safe online new year one and all.

Get More Information

0 Comments. How about being first?

Just 57 years and 14 days after leaving the factory of Morris of Glasgow, my desk is lovely and shiny again. Still bearing the marks of elbows and coffee cups that have been a part of its past, now preserved by several coats of varnish, it is once again a thing of beauty and a joy to work at.

My aim with the varnish was to make the surface so glossy that if anyone puts a piece of paper on it, it will glide off again. The desk will be back in service again next month, so will let you know how that works!

Get More Information

0 Comments. How about being first?

I was lucky to find my desk on eBay, just ten miles from home a few years ago. I am very fond of it, and have been since I first set eyes on it then. All I knew was that it was "about 50 years old". It was in a decidedly lived in condition and has been used day in, day out ever since, getting more lived in by the hour. So, the time has come to give it some TLC. In taking out the drawers to sand and re-varnish the nice looking, striated veneer, it was great to see the maker's name in the top drawers, along with an ancient ink-stain to give atmosphere.

I was thrilled when I turned over one of the drawers and found an assembly ticket still there, showing that it was built on November 24th, 1961. Exactly 57 years from today. It was also great to find the initials of one of the workers who made it under the desktop. Needless to say, I am not going to touch that part, in order to preserve this lovely piece of history.

t was also great to find that Morris of Glasgow is still going as a furniture maker. It seems that their products have been well thought of for some 300 years. The company fitted out the Queen Mary, Queen Elizabeth and QE11 liners as well as producing huge amounts of office furniture for Britain in wartimes and for British Embassies all over the world.

Today has been full of lovely surprises.

Get More Information

0 Comments. How about being first?

Well, what else? The first coat of fresh varnish. After a thorough sanding with 120 grain AlO2 paper on an electric sander, the sanding was finished by hand using 240 grain paper on a rubber block.

The first coat of varnish has gone on now and will be followed by another in the morning. This isn't aimed at being a characterless, pristine restoration, just a new lease of life for a piece of furniture that is used and enjoyed every day. With almost as many scars as me, it should be allowed to wear them with pride.

Get More Information

0 Comments. How about being first?

The locals gathered at the websmithy to take the short journey to Highbridge's West Croft Farm.

Fifteen people visited two cider farms

Iin striking contrast, the morning was spent at a huge international producer while the afternoon was with a one man band.

Get More Information

0 Comments. How about being first?

The nice lady who had been beautifying the websmithy window boxes hasn't been well for a while, so since the last season's plants died down, they have been looking a bit barren.

So, in the spirit of Rememberance Sunday, marking a century since the end of WW1, I have replaced them with some poppies. I just grabbed 20 to start things off but they do look a bit sparse. So if anyone is passing the websmithy here in Tintern and would like to plant their own poppy there, I will count up after Armistice Day and donate an additional quid for every one that has been added.

Get More Information

1 Comment. Join in the conversation.
The Village Websmit: Thank you!
There were 20 poppies added to our window box of remembrance by generous passers by. That means that we bung an extra £20 into the Poppy Appeal kitty. Not a huge amount, but every little helps and we hope that it does some good.

This minor variation on the scam emails theme is worthy of mention only in that the subject line implies that it is a response from someone to an email of yours.

Very clumsily executed, there are several dead giveaways in the addresses of both sender and recipient, indicating that this was sent to a stolen list as blind carbon copies, which is not what you would expect if it was a genuine reply.

There is an image file attached, which is almost certain to be host to malware in its headers, so the only response to this is deletion.

Get More Information

1 Comment. Join in the conversation.
Fred Fernackerpan: Scammers are everywhere
Sometimes easy to spot

More and more customers are getting emails attempting to extort money that the would be scammer wishes to be paid into a bitcoin account.

The picture shows the current account statement of one of these scumbags that I traced through BitCoin WhosWho. As you can see from the balance, he is not a very successful extortionist.

While our own police undoubtedly have the technology to trace this to the next level, sadly they are too bone idle and intent on persecuting motorists, their traditional soft target. Bitter? Me? Never!

Anyway, the important thing that all of us can do is to use the BitCoin WhosWho site https://www.bitcoinwhoswho to report the wannabe scammers. Just copy the bitcoin walled id out of the offending email. Go to that web site, enter the wallet id and search. You will then see the details like this screenshot and click on the yellow 'report scam' box in the top right corner of the page.

If enough people are aware of this and report the scams, the less likely we are to get more of these disgusting emails.

Get More Information

0 Comments. How about being first?

I got this one today. It claims in the email that I have purchased tickets through Tesco Clubcard to Thorpe Park, which can be downloaded by following the link.

Obviously this is a scam, as hovering over the link reveals an address that is nothing to do with Thorpe Park, Tesco, or anyone else that you may recognise.

Also the sender is a spurious looking email address, probably the inadvertent tool of the scammers by having poor security and getting embroiled in a botnet.

One interesting thing is that the email contained my correct name and business email address, so obviously this hacker has stolen a fairly high quality database, and is attempting to make it look authentic.

Get More Information

0 Comments. How about being first?

This isn't a league table as such because it only includes customers whose business class has enough members that I can find one who updates weekly, one monthly and one not at all. You may find the comparison of response rates interesting. Figures are from April to October 2018.
Business TypeResponseCycle
Motorcycle online spares shop167Enquiries inc 119 online salesweekly
Pub with restaurant and B&B in quiet rural location71Enquiriesweekly
Builder with an average ticket value between £10K and £0.5M61Enquiriesweekly
Motorcycle specialist parts online shop - average value £300 - £1K52Enquiries inc 27 online salesquarterly
Pub with restaurant and B&B in quiet rural location47Enquiriesmonthly
Therapist41Enquiriesmonthly
Motorcycle shop with an average ticket value between £30 and £5K41Enquiriesbiannually
B&B in quiet town location41Enquiriesmonthly
Pub with restaurant in busy town38Enquiriesnever
Plumber with an average ticket value between £100 and £10K35Enquiriesmonthly
Motorcycle shop with an average ticket value between £30 and £5K30Enquiriesnever
B&B in quiet village location19Enquiriesnever
Builder with an average ticket value between £10K and half a million15Enquiriesnever
Pub with restaurant in small town13Enquiriesnever
Plumber with an average ticket value between £100 and £10K12Enquiriesnever
Fitness coach12Enquiriesnever
Therapist8Enquiriesnever

Put in more effort, get out more business, it's simple

The figures shown only reflect site visitors who have used the online form to make an enquiry. Telephone contact, direct emails and personal callers are additional to the figures shown.

If you would like to elevate your response level, regular updating is by far the best way. Talk to us about the options from 100% DIY to 100% done for you.

Get More Information

0 Comments. How about being first?

This month, a couple of the new sites produced here are strongly linked to making people happy.

For anyone with a family occasion, wedding or celebration coming up, you can make all sorts of people happy with the lovely floral arrangements from White Hart Flowers in Tiptree, Essex. Visit their new site.

And what cider enthusiast wouldn't be happy with some of West Croft Farm's award winning Janet's Jungle Juice? Like all West Croft ciders, this is made using only apples grown in the farm's own orchards and the most traditional methods. Visit the online shop.

Get More Information

0 Comments. How about being first?

Since introducing the cookies policy splash panel as a no-cost upgrade for all our GDPR compliant customers, a number have asked for custom colours.

The original panel was made to stand out in accordance with the ePrivacy Directive (Cookies Law), using neutral colours that would show clearly regardless of the site background colour. That way it was possible to add the required panel to all sites with just one set of files, enabling the cost to be kept to zero.

However, as the demand for a more 'corporate' looking item to satisfy this law has become so strong, there is now a customisation service available to all our customers.

The option involves setting up the background colours and font colour to those used on the site in question, reducing the font size and the panel's opacity and changing the location to the bottom of the viewer window rather than the top.

For just £30 with order, you can customise this aspect of your web site and look more corporate within hours.

Get More Information

0 Comments. How about being first?

Sussex artist, Patsy Moore hadn't had time to update her web site for a couple of years while life took her in different professional directions.

However, now all is calm again and Patsy can return to her first love, painting on a more full time basis.

To showcase her original work and to sell limited edition giclée prints, we gave the web site a top to bottom facelift, with new layouts and pages to display Patsy's work in a fitting way, geared up to the wider aspect ratio of modern screens, and working better with mobile phones.

Visit Patsy's site to buy original or limited edition art. Best of all, rather than installing an impersonal online shop, all transactions are made directly with the artist responsible for the works you will be buying. I think that adds something rather nice to the experience myself.

Get More Information

0 Comments. How about being first?

Going back to basics coule be the watchword for today's scammer. With a minimalist approach, purporting to have some payslips attached from somebody called Amanda Right from the domain tax-service-gov.uk. This feeble attempt at spoofing a government department obviously relies again on people being too busy to check it out and opening the attached document, which is naturally full of malware.

The spelling of the name is a fairly straightforward giveaway, I have met very few people with the surname Right, so that is suspicious. Looking up the domain on Nominet's whois service reveals that it is again, surprise, surprise registered through GoDaddy to an individual who couldn't be verified through third party sources. Heigh ho, since starting to write this, another version of the same message has plopped into my inbox...

Get More Information

0 Comments. How about being first?

I had about four of these today. It seems that the scammers have gone all minimalist on the wording, preferring now to pretend to be any company you may or may not have heard of. The mail purports to contain an invoice, which of course is linked to some spurious site.

The give-away in this one is easy again, it is the from address that bears no resemblance to any domains that may be owned by the company they wish us to believe is sending us invoices.

A variation on this theme offers to open a world of new information from a household name company through following a link. Again, the 'from' addresses are the tell-tale sign and have nothing to do with the company being spoofed.

Get More Information

0 Comments. How about being first?

Today's would-be scammer made a number of fundamental mistakes, which are fairly obvious, as are their clumsy attempts at making the message look genuine.

Firstly, the address isadora@curinga.com.br isn't, i am guessing, one that Fedex would use to send mail from. The attempt to cover this was to use a publicly visible Fedex address in the reply-to field. Likewise, a fictitious, but possibly real fedex.com address in the signature is an easy thing for anyone in the world to type in.

Also, specifying multiple recipients for what purports to be a unique message gives the game away big time.

Finally, rolling over the link reveals the uri to belong to flywheelstudios.com, and that it is a link to a Windows executable (.exe) file.

All in all, this is definitely a 'close but no cigar' attempt to distribute malware, or phish for information, but my guess is that they rely on people being too busy to take due care. Not all attempts are this shabby or easy to spot, so again, suspect everything and trust no-one. It is a jungle out there!

Get More Information

0 Comments. How about being first?

You can now choose what kind of information you receive from the Village Websmith. The Information Comissioner's Office wants us all to have 'granular' contact lists, which allow members to choose what they do or don't receive in terms of publicity and information broadcasts. To make sure you only get the most appropriate, we have segmented our mailing list into four sections, of which you can choose one, some or all.

Online Security. Routinely, when there is a security concern online, or a new angle of scamming is spotted, members of our online safety mailing list get to hear about it as soon as we become aware. We hope that this helps to keep people safe onlline.

News Snippets. When we have snippets of news that will help to improve the performance of, or reponse to web sites, our newsletter mailing list members get to hear about it first. The factors that can have an effect on web site return on investment are widespread and varied, so it pays to keep up to date.

Special Offers. Like all businesses, every now and then, we strike lucky on a deal and like to pass on the savings to make our own offerings even more attractive. If you've an eye for a bargain, sign up to our 'special offers' mailing list.

Invitation List. Going somewhat against the grain of the web industry, the key to getting on with our customers is spending face to face time with them, hearing about their business, what they want to achieve online and what they want to promote. To make this possible, everywhere is local for someone. You will be more than welcome aboard our mobile office, or at one of our coffee shop surgeries. For detailed timetable information in advance, subscribing to our 'invite to local events' list will make sure you are among the first to know when and where you can talk over your web presence with a real, live human being.

To opt in to any or all of our mailing list segments, visit our contact page and take your pick.

Get More Information

0 Comments. How about being first?

That is right. Your bespoke web site is built just for you, you pay nothing for its creation or hosting. We maintain, promote and update the site for you, posting items regularly to your blog, calendar and other pages for SEO. We promote through social media and all other outlets at our disposal, then filter out spam, leaving only valid enquiries to come through from your site.

We agree a value per enquiry with you at the outset and invoice you monthly for that rate multiplied by the number of enquiries generated. All you have to do is convert them to sales.

Call us now for more information or click in the header of any page to send us an email, then we can get together and create a package just right for your business.

Get More Information

0 Comments. How about being first?

To make visiting the Village Websmith mobile office a more pleasurable experience, there's been a change of colour scheme. From the dark colours of its party bus origins, the change has made the interior much lighter and brighter, so you can look at your web site on the large screen in greater comfort.

The aim is to make a trip to Essex later on this month, so if you would like to find out if your web site is " Just the Ticket" give us a call or click in the header of any page to email for details of the timetable.

Here's hoping to welcome you aboard!

Get More Information

0 Comments. How about being first?

Another variation on the phishing theme came in today, there were two, one purporting to be from Santander and the other from Bank of Scotland. In the Bank of Scotland version, the sender has got a long name and job title that push the obviously spurious originating domain out of the field of view in most email clients.

The safest way to check such an email address is to highlight it by right clicking, then copy and paste it into a text editor. Then you can check the domain via the appropriate whois links (see the recent blog item on this subject).

Again, there is a Word document attached that you are exhorted to open. Of course, under no circumstances should you do this until you have verified the authenticity of the message. In this case, the originating domain was secure-bankofscotland.co.uk, which, unsurprisingly was registered through GoDaddy by a person whose identity could not be verified. Luckily, GoDaddy has spotted this one and it has been suspended for abuse. However, this is no cause for complacency as the malware will be in the document attached, rather than through a link to the domain.

The second variation, shown below in the image, was supposedly sent by security@alert.info. However, rolling over the links that the message asks you to follow to reset your unspecified password, show that the domain is mosakmail.com. This is clearly an attempt to harvest addresses for unsolicited mail, probably including malware distribution.

As always, vigilance and a healthy degree of scepticism are the best allies in keeping safe on line, so the advice is to take nothing at face value and never be in too much of a hurry to give suspect messages a thorough investigation.

A third variation is purporting to come from HMRC, stating that you owe a large sum of money in tax arrears. The tactic I believe is to make recipients follow the link in a moment of anger with the response " I most certainly do not!", which is an understandable gut reaction. Unfortunately, as soon as you do, it is a lifetime too late to go back and take a more cautious approach. In fairness to HMRC, they are publishing guidelines as to how you can recognise genuine communications from them. Worthwhile advice from HMRC can be seen here, and the page makes interesting reading.

Stay safe out there and as always, if you have any concerns, questions or problems please don't hesitate to call or email.

Get More Information

0 Comments. How about being first?

OK, they've tried the banks where you may have an account. How about the ones where that is unlikely but somebody may want to pay you from there?

I got this today, purportedly from Danske Bank. OK, I have friends in Denmark, but there is no reason for any of them to be sending me money. Customers there? No. Instant alarm bells then.

Comme d'habitude as our cousins across the channel might say, I researched the domains of any suspicious emails. As usual, the domain was registered for a year, the minimum term, by an individual whose details couldn't be verified through publicly available sources. As usual again, GoDaddy was the registrar. They seem to have fallen in with a bad crowd.

In this case, the email address was the only sign of a domain name. Very often, such phishing attempts will have links in the body of the message too. Rolling over these, but not clicking them should reveal the target in your mail client's info panel. Make a note and check them too.

Here are some useful links for verifying domain names:

There are many more owing to the massive proliferation of domain types but those should handle most common spam sources. After all, even they can work out that you are not going to believe that HMRC is going to have a domain name registered in Russia!

Get More Information

0 Comments. How about being first?

So here we stand, six days into the Brave New World of GDPR. Has a lot changed? Not really. My mailbox is still full of the same old promotional emails from the same old people. I still get the same types of spam messages, emanating from Russia, Vietnam, China and anywhere else.

What the bureaucrats never seem to get into their thick skulls is that when people are breaking existing laws, the introduction of new ones is not going to make a blind bit of difference to the culprits. All it will do, has done and is doing, is to make it more difficult for the law-abiding to comply.

I am sure that the ICO will proudly go about blowing its own trumpet, citing the number of decent, honest business people it has criminalised in recent time, while the giant corporations who squander our details willy-nilly via the cloud will sail majestically on, untroubled by little John Bull and his sabre-waving.

Criminal elements will continue to capitalise on this laxity by gleefully hoovering up all the spilt data and putting it to their own use. Thiefbots will continue to scour the internet looking for innocent security oversights and stealing personal information for identity theft activities while the authorities turn a blind eye to those big enough to defend themselves legally, or devious enough to make their detection difficult.

In short, we have been told a pack of lies as usual by those who cling desperately to power, who feel that holding a post is more important than performing its duties. We have been sold a pup in the form of ill conceived, badly thought through, hastily cobbled together legislation that does nothing to address the real issues, just gives the government another licence to print money, wrested from the hands of decent people whose shoes they are not fit to clean.

IN the last eleven months of working on this aspect, I thank all our customers who took the initiative and upgraded their sites to show policies that comply with the new legislation, and look forward to meeting the new ones, whose sites will comply from day one. For those not yet compliant, it is still not too late, and could save a good deal of time, trouble and cost in future, so if you would like to talk it over, feel free to call at any time or send an email.

Get More Information

0 Comments. How about being first?

Having received an email from people purporting to be Companies House, I was naturally suspicious. Firstly, I have seen such phishing attempts before, and was correctly suspicious then for similar reasons. Take a look at the screenshots below to see what has been attempted.

The first thing that made me stop and think was the email address that this came from. The real companies house has an address that is companieshouse.gov.uk. In this address, the dot before 'gov' has been replaced by a hyphen. My guess is that the scammers rely on people being too busy to notice small details like that.

Having formed suspicions over the email address, it takes only a moment to go to nominet.uk, click on the whois link and find out more about the domain. As it turned out, this email was sent on its first day of registration, the domain was only registered for a year, through GoDaddy by an organisation that could not be verified through publicly available data sources. Now, I know that our government is nothing more than a collection of crooks, but even they aren't that shabby. This is obviously a spurious domain set up just for the purpose of pretneding to be someone else.

As a matter of routine, I recommend rolling over every link and address in an email that asks you to confirm details, update your account or open a document. If there is even a flicker of doubt from one of them, then delete the message immediately.

Shortly after receiving the spurious Companies House email, I got a message from PayPal asking me to take part in their survey. There were striking similarities in that the emaiul address was attached to a domain with a hyphen in its name, survey-paypal.com, which was enough to raise suspicion. This time, being an international top level domain (.com), it was ICANN who I turned to for whois information (http://www.whois.icann.org). On this occasion, PayPal showed up as the registrant of the domain, so it looks like this one is legitimate. I still didn't take part in the survey though, as if PayPal or anyone else wants my marketing advice, they can sign a contract and pay the going rate like everyone else, but it is always interesting to have a genuine email that looks like spam rather than vice versa.

Take a look at our Contact Page where you can sign up to receive priority notifications of the security issues that we find, as well as general news and information about how to make the most of your web presence.

Get More Information

0 Comments. How about being first?

It is now the last day before GDPR comes into effect. Over the last weeks we have been looking at the ways you can make it easy for your business to comply. Mostly, this is about good housekeeping and common sense security measures that most businesses will employ anyway. The only difference is that these have to be formalised in statements and policies.

As we stand on the brink of this brave new world, today, let's have one last look around the room before locking the door and going on holiday. OK, that was a cheap shot at an analogy, but it works for me.

By now, everything should be in place to protect the information of anyone who deals with your business from prying eyes and cyber criminals. Have you:

  • Established the legal bases upon which you hold records?
  • Contacted all existing mailing list members to confirm their consent to contact?
  • De-duplicated your database to ensure that a single deletion is enough to remove any given person?
  • Set up a single, central data source, so that personal data are available to, but not stored on, your mobile and portable devices?
  • Got all the necessary policies and statements showing on your web site?
  • Implemented similar policies in your office, covering devices at home and in vehicles?
  • Nominated a Data Protection Officer/Responsible Person to handle enquiries?
  • Made sure that your backup regime is sufficient for business continuity without storing personal data beyond its delete by date?
  • Checked the physical security of all devices that hold personal data?
  • Made contingency plans to erase devices remotely in case of theft or loss?
  • Ensured that all paper records are held in a secure environment?
  • Put in place a programme of secure destruction for all paperwork records once their purpose has been served?
  • Set up a password change and creation policy to protect the information in your care?
  • Scheduled automatic review and removal/obfuscation routines for expired data?
  • Trawled through your email boxes to remove all out of date personal information?
As always, we are happy to help if you have any questions or concerns at this late stage. Just pick up the phone or click in the header of any page to send us an email.

Get More Information

0 Comments. How about being first?

It is now week 7 of our ten week run up to GDPR compliance and time to start making sure that our databases contain only the information that we have consent, or a solid legal basis for keeping or using.

Just in case there is any doubt that the Information Commissioner's Office is targeting businesses of all sizes and in all sectors, take a look at the list of recent actions taken under existing data protection laws on the ICO web site. All it takes is one complaint to start an investigation, then regardless of whether any blame attaches or not, a lot of time is used in the process.

The only way to make sure you don't suffer such disruptions is by being like Caesar's wife, beyond reproach. Thus any information in your database which is not there for a very good reason must be deleted or obfuscated. This applies to all data sources used in a business, not just the web site. In earlier news items, we looked at the benefit of cutting down the number of places in which data are kept, and this is one very good reason to do just that. The less data sources you have in use, the less likely it will be to overlook something that has no place there.

The first contacts to be removed must be the ones who didn't tick the box to sign up for your mailing list in the first place, when they enquired or bought from your site. For those that bought, there is a solid legal basis for keeping their information as we all have a legal obligation to the tax man to keep records of sales. What must not happen is for this group to receive promotional information. Flagging them in the database allows the records to be held while any broadcast email function in use can be programmed to miss out those contacts who have not opted in.

For all Village Websmith customers with GDPR compliant sites, that process will be handled automatically. Customers are labeled in the database separately to acceptance of GDPR policies and opting in to mailing list. Other data sources will need to be examined carefully to make sure that the records for the tax man don't get mixed up with mailing list members.

The final clean up should be scheduled for the eve of GDPR implementation, when anyone who hasn't taken the positive action to opt in must be obfuscated or deleted. Again, for Village Websmith customers, this will be taken care of automatically to ensure cleanliness of the database of enquiries from their web sites. There is still time for one more broadcast email asking current mailing list members to reaffirm their consent to contact. The ICO website has very clear and specific information about what constitutes consent and the ways in which it may be obtained, so is worth a read if you haven't already asked the people in your database.

Get More Information

0 Comments. How about being first?

I don't know much about flowers, not what they are called nor how to grow them. Don't ever ask me to look after your garden while you go away, you would probably come home to a small desert!

However, I can appreciate the appearance of flowers and here in Tintern, we are spoilt for choice as spring bursts forth everywhere. A short walk along the river bank and peering into the gardens opposite is all it takes to see a kaleidoscope of colours and varied shapes.

Luckily, I am not entirely without skills at making things grow. Take business for example. With over 40 years of experience in sales, promotion and marketing roles, I can bring that extra something to small business web sites in terms of content that helps them get found and helps them get the attention of their audience. Pop in to the websmithy, smell the flowers, drink the coffee and do your business a power of good in the process.

Get More Information

0 Comments. How about being first?

I went out this morning to get some photographs of spring flowers to brighten up a few blog stories. However, walking through Tintern, one is constantly reminded that this place has been here a very long time. Old stone walls abound, the Abbey itself is over a thousand years old in parts, and there is industrial history all around.

This old vine against a weathered fence struck me as an example of contrasting textures, ancient and not so ancient, surrounded by new growth of nature's most vibrant season.

The spring flowers are lovely here, but there is beauty all around in Tintern. Pop down and have a chat about your web site by all means, but how about staying a while to smell the flowers and feel the weathered stone and wood?

Get More Information

0 Comments. How about being first?

As it is now just under a month until implementation of GDPR, it may be a good time to think about sending out a broadcast email to get reaffirmation of consent to contact from as many people in the mailing list as possible. This has the added bonus of helping to identify any entries that are beyond their usefulness, such as when customers have moved away, retired, or even died...

Why now? Well, it is never too early to start asking people to opt in, and many businesses started the process back in the autumn. As all businesses have to go through a similar exercise, starting early before everyone else gets their emails sent out, can help yours get a more sympathetic reception, and can prevent it being deleted along with the avalanche of others asking for a similar response. It is easy to see that the time for action is upon us as even banks, local MPs, Facebook and Instagram are starting to take the impending implementation seriously.

Acting early also means that you can get a second 'bite at the cherry' and follow the first email up with another one close to the eve of the new legislation.

As a Village Websmith customer, your Webinthebox® site has the capability to send broadcast emails very simply built into the admin pages. Response and opting in or out is also very simple through the data protection policy statement pages.

As always, we are happy to help plan, organise and execute a campaign, whether it is for a special purpose like this database cleansing exercise, or for regular newsletter mailshots to keep your customers interested. As the old saying goes "Never forget a customer, never let a customer forget you".

If you have any questions about organising a broadcast email campaign, just call us on the number shown or click in the header of any page to send us an email.

Get More Information

0 Comments. How about being first?
Use of cookies. Mouse over here for details.

Use of cookies on this web site: Neil Hesman T/A The Village Websmith collects no personally identifiable data in cookies. However, a number of social media and search engine companies place tracking cookies without our consent or co-operation. If you wish to avoid tracking, please read our cookies policy, where you will find links to resources that will help you set your browser accordingly.
Show Cookies Policy
Accept & Continue
Join Mailing List