Bridget Miller - AIRS
Website Search
Research Papers
Articles
FAQs
Easy Profile - Search plugin
Courses & Exams
Pages
Specialized Search Engines
Events Calender
Upcoming Events
Bridget Miller

Bridget Miller

Don't think the police will help you find, let alone catch, cybercriminals if they make off with your corporate loot. And don't think this is only a problem for companies in other countries. South African businesses, like South Africans themselves, are increasingly being targeted.

The story of a local bank being taken for R300 million by cyber criminals who had 100 people withdrawing money from ATMs in Japan made the headlines. But South African companies, unlike their US counterparts, are not required by law to report cases of cyber theft so how much more have gone by unmentioned? The bank reportedly never got its cash back so it's still wise to secure your systems from attack; the more proactive the better.

The likelihood of cyber attackers plundering your vaults is already vast and growing daily. The threat landscape today is highly sophisticated but our defenses are typically outdated and reactive systems. That's because today's hackers are often young professionals who work for organized crime syndicates and in many cases, they target specific, high-value organizations.

A colleague of mine from our business partner, IBM, which supplies the i2 Enterprise Insight Analysis solution, worked with the Mexican secret service to combat drug cartels funding organized cybercrime, for example. The cartels have a well of finances the envy of many enterprises so they get the best skills, the best tools, and they have time on their side.

The i2 solution is a sophisticated, next-generation threat analysis solution used by the Mexican secret service, 32 out of 36 police organizations in the UK, including MI5 and MI6, the FBI, Israel's Mossad, various military units, and the police in South Africa. It has evolved to be relevant by helping catch bad guys for 26 years and is now commercialized and available for enterprises.

The reason you need it yourself instead of going to the police for help, when they already have this tool, is that they are under-resourced, just as their counterparts are elsewhere in the world. And they have much bigger physical world crime issues on their hands. They are good at kicking down doors. They're less experienced at hunting cybercriminals who lurk in basements behind packet sniffers, tapped cables, and who make man in the middle attacks on obscure data centers in Brussels back rooms.

But to get the cops to kick in a specific door you must be able to reliably tell them which one. That's what IndigoCube is doing with i2. And it is helping businesses understand their vulnerabilities at any given moment - as well as giving them the tools to investigate, rapidly find the perpetrators, and give law enforcement actionable insights.

Another fact of cyber attacks is that they almost never materialize out of the blue and they're almost never successful on the first attempt. They typically occur in stages. The crooks test your defenses, fail, and return with new approaches to defeat your static counters. They're fluid and you're not, the warning signs are usually there, and we would have seen them had we looked.

We need to keep tabs on insider fraud via structured transactional data, chatter in the deep Web in services such as Pastebin, unstructured data in our internal reports, and social media feeds where more human chatter occurs. We wrap that up in a dashboard that's easy and quick for executives to keep an eye on but into which they can drill as deep as they like to ascertain the precise facts.

Behind the dashboard, tiered security with intelligent analyses forms sophisticated barriers that help you pivot faster than the bad guys. Tier one firewalls have policies that zap IPs that originate from countries in which you don't operate. They trap known malware and vaporize it. They trap large attachments for human inspection. At tier two you correlate events. They take care of what's known as the 5km, one-minute card rule where a single bank card cannot be used to withdraw money from two different ATMs, 5km apart, within one minute of each other.

Once you've matured tier two you begin to create the intelligence I've spoken about. It's tier three, human-driven intelligence with automated help that visualises the associations to feed intelligent questioning. And the entire time it's updating the dashboard vulnerability scenario so the executives can see that cutting security personnel or other resources increases work in progress and cycle times, indicating problems, and demonstrating their exposure in light of legislation such as Protection of Personal Information (POPI) Act.

It's an approach that helps you find the crooks when they're still trying to access your systems and helps you feed law enforcement actionable intelligence they can use to kick down doors

keep your mobile employees connected wherever they call work with WAVE OnCloud push-to-talk service.

Source: This article was published itweb.co.za

After a long wait, Google is starting to roll out their new search console with a significantly updated UI and up to 16 months of data.

Having had one of my sites in the beta the last few months, I found myself relying on it even more.

It will be great to have this much data available for all websites in my Google Search Console account.

Even with the extended data in Google’s Search Console, the data is still normalized and averaged out over time; however, it is some of the best directional data available from any tool.

With appropriate filtering, you can find some really actionable insights that can’t be found anywhere else.

Here are some things you can start looking at right away as soon as you see the new Google Search Console in your account.

1. Brand Search vs. Non-Brand Search

Understanding the breakdown of your brand vs. non-brand is critical on many levels.

Excluding brand impressions and clicks from your search metrics reveals the true visibility of your SEO efforts.

Likewise, viewing only brand search over the 16 months now visible in Google Search Console can shed some valuable insights as to the strength of a brand.

This metric can answer important questions, such as:

  • Is the brand accruing more impressions over time?
  • Is CTR for the brand relatively stable?
  • Are there any variations of the brand that do not rank in a couple of positions?
  • And, when paired with data from Adwords performance, how is brand bidding impacting the CTR of an organic brand listing?

Filtering Brand Searches

You can search for your brand name by choosing Queries containing and typing it into the field.

Tip: The query you are filtering should not be the full brand name as it should also pick up common misspellings.

For example, I truncate monkey down to “monk”.

brand search example

Filtering Non-Brand Searches

Use the Queries not containing a filter to exclude the brand name from search and only see non-brand keywords.

2. Homepage vs. Non-Homepage

Similar to the brand search filter, viewing homepage vs non-homepage traffic can illuminate the effect of an SEO campaign.

While for many larger brands a major portion of traffic will land on the homepage, it is important that non-homepage pages are also ranking and receiving search traffic.

Filtering Homepage Only Searches

You can come up with a homepage-only search report by choosing “URL is exactly” and typing in your homepage URL in the field.

Comparing Non-Homepage Search Reports

You can also compare the traffic of two specific pages if you changed a URL during the last 16 months:

3. Brand Impact by Dimension

More than just clicks to the site, it is also important to look at the other dimensions of brand (and non-brand) traffic.

Within Google Search Console you can see countries, devices, and then view the impressions, CTR, and rankings.

Deep dive into these reports to see if there are any outliers which deserve attention.

Here is how you would get the country (and filter it for specific countries)

Here is how you look at the device.

Within these reports, you can toggle on queries, CTR, impressions, and rankings.

4. Year over Year Data

As there is now 16 months’ worth of data in GSC, you can see YoY data for the last four months.

Look at clicks, impressions rank, and CTR by page and keywords.

Here is how to get 16 months of data:

You can also look at custom chunks of data with beginning and end dates.

Time period comparisons are also available. They are slotted into the dialog box for dates under Compare:

5. Pivot Tables

Google Search Console has an additional hamburger menu which allows you to create items to filter.

You can have multiple filters on at the same time and narrow down to specific scenarios.

Note: It’s hard to demo the power of this data without revealing sensitive data, so you will have to play with this menu on your own.

Here’s how to find that hamburger menu:

Now that you know how to dig through these reports, here are some key insights and action items that you should look for in your data.

  • Discover pages that have a relatively low CTR, but a high-ranking position. (Note: There is no hard and fast rule here on what constitutes an outlier, but as you dig through your data you should notice pages worth attention.) These pages will likely have some sort of mismatch between their meta description/search snippet and a user’s query. You can and should try to address this by updating the title, meta description, and/or on-page content.
  • Sort queries by impression count and ensures that you are effectively optimized for these queries. If you are not ranking high, these keywords could present new traffic opportunities for SEO campaigns.
  • Within the Sort by query impression, filter by country. Discover if there are countries with high performance you have not focused on and consider doing some international specific SEO efforts to get even more of this traffic.
  • Filter the clicks and impression reports by the device to discover if there are potential engagement issues on mobile devices or vice everywhere there is better performance on mobile than desktop.
  • Sort queries by position and looks for keywords ranking on the cusp of the first page of Google search results (Position 8 or 11, depending on the query). These are keywords that if you put a little bit of SEO effort behind should see outsized returns.

Conclusion

Once the new Google Search Console is fully released, SEO pros should see that this new version is light years ahead of the old one when it comes to finding actionable insights.

In the meantime, there are a few things to note:

  • It doesn’t seem like there is a way to download reports yet, but the Google blog posts about the new Google Search Console mention API availability.
  • Rather than checking boxes to add dimensions into a report, you just click on the name of the actual dimension.
  • The new Google Search Console is blazing fast compared to the old one and will make finding data a joy!

 Source: This article was published searchenginejournal.com By Eli Schwartz

If you’re wondering how to find email addresses, you’ve come to the right place.

We’ve all been there: you know who you want to contact — now if only you could find their email address.

Ugh. The dreaded search.

Bonus: Find out when the emails you send are being opened. And clicked.

Some might resign themselves to mindless Googling. Or try the old Rapportive guess-and-check “trick” that’s been circulating the Internet for years.

Please don’t do that. 

Not when you could be wrapping up your email address search in under 30 seconds flat.

We did some digging to build a complete list of the best free tools and tactics to quickly find email addresses by name, using publicly available information.

How To Find Email Addresses

1. Clearbit – Super Accurate Email Finder That Lives In Your Inbox

This Outlook and Gmail Chrome extension find email addresses in less than five seconds, and we’ve found that it’s accurate 97% of the time. Just plug in someone’s company name with either their first name or job title. Once Clearbit identifies an address for you, you can one-click compose an email to that person.

Click here to try Clearbit for yourself.

clearbit-gmail-extension

2. SellHack – Search Up To 10 Emails For Free Per Month

Sell Hack is a handy browser extension that checks publicly available data sources to find someone’s email address. The free plan will let you search up to 10 emails per month on Chrome, Firefox, or Safari.

Click here to see SellHack in action.

Email Address Search

3. Head reach – Search by Name, Company, or Website

Head reach allows users to search for prospects by name, company, website, or by using the ‘advanced search’ option where you can search by job position (easy access to decision makers). Once you find your prospect, click “find (name)’s emails and social profiles” and they’ll be added to your contacts. Head reach also includes a log for easy access to all of your searches.

Click here to try Head reach.Email Address Search4. Find that – “The Yellow Pages of Email”

Find that is a quick and easy way to search and discover how to find email addresses that you’re looking for. This database includes several diverse plans. Whether you keep it simple with the free plan (includes 15 monthly credits) or get the whole team involved (their team plan runs for $149 per month with over 3,000 credits).

See Find that for yourself.

how to find email addresses

5. Voila Norbert – Quickly Find And Verify Someone’s Email

Search by first name, last name, and company domain. Norbert pings the mail host to confirm the correct email address, giving you 50 free searches per month.

Click here for more on Voila Norbert. 

how to find email addresses

While simple to use — you don’t need to install a plugin — Norbert does not check for catchall addresses, and it limits the number of queries users can conduct (SMTP servers could block the service if pinged too frequently). In our own unscientific test, Norbert was able to correctly identify three out of five email addresses.

Email Address Search

6. FindThatLead – Get People’s Email With Just One Click

A great source for account-based sales. With FindThatLead, you can search by company URL to find leads.

Click here to try FindThatLead.

how to find email addresses

Their free plan includes 10 credits per day (300 per month), a Chrome extension, and access to their Google Spreadsheet Add-on that lets you upload a .CSV with names and domains so you can find emails in a snap.

Tired of copying and pasting emails? Save yourself time; create an email template.

7. Email Hunter – Find Email Addresses In Bulk By Company Domain 

Another great source for account-based sales. Punch any company domain in and you’ll quickly get a list of all publicly available email addresses associated with it. You can search up to 100 domains for free each month, and plans start at $39/month if you’re interested in searching more.

Click here to see Email Hunter for yourself. 

how to find email addresses

8. Toofr – How to Find Email Addresses By Person or Company

Toofr lets you look up email addresses by typing in your recipient’s name and company. With the free plan, you can access the top choice email addresses (as well as access to their title, headshot, and profile URL for an extra credit) and other guesses for emails ranked by confidence. 30 credits included.

Click here to try Toofr.

how to find email addresses

You can also search by company (“Get Emails”) or find email format patterns (“Get Company Data”).

9. Email Permutator+ – Create a List of Potential Email Addresses

With Email Permutator+, get started by submitting your recipient’s name and email domain:

how to find email addresses

Copy the email addresses to your clipboard and paste them into the recipient line of an empty email. Hover over each email in the list. The legitimate address will display a social profile that matches the person you’re looking for.

Click here to try out Email Permutator+.

how to find email addresses

Tap Into Your Network

10. Conspire – Ask For An Introduction, Backed By Data

One of the coolest email tools we’ve come across recently is Conspire, an app that analyzes your contact list to identify mutual acquaintances who can introduce you to the person you want to reach.

Conspire connection

Simply sign up with your existing email account and search for the person or company you’re interested in emailing. Conspire will churn out a relationship graph showing who has the strongest ties to that person across your extended network, based on factors like frequency, speed, and the length of time they have corresponded.

It even offers prewritten email templates to make your request that much easier. (Although we’d be remiss if we didn’t recommend copying and pasting the text into a Yesware template so you can track what happens after sending.)

Conspire Email Introduction

Click here to try Conspire.

By the way, if you’re looking for more email templates to introduce yourself or make new connections, you might want to check out the 18 free ones we offer in our latest email course.

11. LinkedIn Connections – Export Email Addresses To Google Contacts

Just because you’re connected with prospects on LinkedIn doesn’t mean you have their email addresses in your Google Contacts List.

The good news is that hidden away in LinkedIn’s advanced settings is the ability to export your connections, giving you up-to-date email address in your inbox.

How To Export LinkedIn Connections

You can also use Zapier to sync new LinkedIn Connections to your Gmail Contacts as they come in.

Email Search Tactics

12. Google ‘Em – How To Use Search Operators To Find Emails

Sometimes it really is that easy. Try these basic queries first:

  • [name] + email (or) email address
  • [name] + contact (or) contact information (or) contact me

If that doesn’t work, it’s time to get creative with Google search operators. Try running a search of their company website, like so:

  • site:companywebsite.com + [name] + email
  • site:companywebsite.com + [name] + contact

13. Advanced Twitter Search – The (at) (dot) Approach To Finding Any Email

People get asked for their email on Twitter all the time. You can use Twitter’s advanced search to find the last time your contact responded to such a request:

  1. Search for the terms (at) (dot) in “All these words” under the ‘Words” section
  2. Enter their Twitter handle in “From these accounts” under the “People” section

how to find email addresses

Pro tip: Don’t waste your time searching for the word “email.” You’ll just end up combing through a long list of tweets on the topic of email, and not their actual email address.

Over To You – How Do You Reach The Right People, At The Right Address, At The Right Time? 

Now you know how to find email addresses in seconds.

What tools do you use to find email addresses missing from your contact list?

Source: This article was published yesware.com By Bernie Reeder

Investigative reporting requires that you create a plan. Typically, it's a series of four lists of things you need to do, along with an initial schedule. The lists will change — and often grow — and the schedule may change, but you need to start with a plan to keep yourself organized.

List 1: Research

The first list includes the documents and databases you need. Often, these will include annual reports, budgets, audits or regulatory reports. You might need minutes of meetings, the text of laws or a chronology. The more documents you include, the better. The documents will give you context and point you to human sources.

List 2: Interviews

List the people you need to interview, including experts, advocates, officials, residents, witnesses or victims. Each interview will give you different viewpoints and information.

List 3: Places

Identify where you can observe, take notes and photos, capture audio or video, and talk to people who are there. Depending on your story, you might need to visit a toxic waste dump, a cemetery, an airport or a government office building. Plan for your safety, too. Will you need someone to go with you? Do you need to provide advance notice or get approvals for your visit? Include this in your plan.

List 4: Presentations

Outline the graphics, photos, videos and audio you will need for the presentation of the story. You must start planning how you will present your story before you start reporting. You might have only one chance to talk with a source or visit a place, so you will need to be prepared to get video, photos or audio on your first encounter.

Schedule and Priorities

One schedule will be the master schedule: a working roadmap of the entire investigation from start to finish — probably covering a period of weeks or months. A second set of schedules will map out each week's activities.

Looking at your lists and schedules will help you establish your priorities, which will determine the order in which you go about your reporting and writing.

Taken from Introduction to Investigative Reporting, a self-directed course by Brant Houston at Poynter NewsU. You can also apply by June 20 for our four-week seminar, The Deep Dive: Investigative Journalism That Matters.

Take the full course

Have you missed a Coffee Break Course? Here's our complete lineup.

Source: This article was published poynter.org By Vicki Krueger

Wednesday, 03 January 2018 12:42

THE WORST HACKS OF 2017

2017 WAS BANANAS in a lot of ways, and cybersecurity was no exception. Critical infrastructure attacks, insecure databases, hacks, breaches, and leaks of unprecedented scale impacted institutions around the world—along with the billions of people who trust them with their data.

This list includes incidents disclosed in 2017, but note that some took place earlier. (Speaking of which, you know it's a heck of a year when Yahoo reveals that it leaked info for three billion accounts, and it's still not a clear-cut winner for the worst incident.) The pace has been unrelenting, but before we forge on, here’s WIRED’s look back at the biggest hacks in 2017.

Crash Override and Triton

Security doomsayers have long warned about the potential dangers posed by critical infrastructure hacking. But for many years the Stuxnet worm, first discovered in 2010, was the only known piece of malware built to target and physically damage industrial equipment. But in 2017, researchers from multiple security groups published findings on two such digital weapons. First came the grid-hacking tool Crash Override, revealed by the security firms ESET and Dragos Inc., which was used to target the Ukrainian electric utility Ukrenergo and cause a blackout in Kiev at the end of 2016. A suite of malware called Triton, discovered by the firm FireEye and Dragos, followed close behind and attacked industrial control systems.

Crash Override and Triton don't seem to be connected, but they have some similar conceptual elements that speak to the traits that are crucial to infrastructure attacks. Both infiltrate complex targets, which can potentially be reworked for other operations. They also include elements of automation, so an attack can be put in motion and then play out on its own. They aim not only to degrade infrastructure but to target the safety mechanisms and fail-safes meant to harden systems against attack. And Triton targets equipment used across numerous industrial sectors like oil and gas, nuclear energy, and manufacturing.

Not every electric grid intrusion or infrastructure probe is cause for panic, but the most sophisticated and malicious attacks are. Unfortunately, Crash Override and Triton illustrate the reality that industrial control hacks are becoming more sophisticated and concrete. As Robert Lipovsky, a security researcher at ESET, told WIRED in June, "The potential impact here is huge. If this is not a wakeup call, I don’t know what could be.”

Equifax

This was really bad. The credit monitoring firm Equifax disclosed a massive breach at the beginning of September, which exposed personal information for 145.5 million people. The data included birth dates, addresses, some driver's license numbers, about 209,000 credit card numbers, and Social Security numbers—meaning that almost half the US population potentially had their crucial secret identifier exposed. Because the information Equifax coughed up was so sensitive, it's widely considered the worst corporate data breach ever. For now.

Equifax also completely mishandled its public disclosure and response in the aftermath. The site the company set up for victims was itself vulnerable to attack, and asked for the last six digits of people's Social Security numbers to confirm if they were impacted by the breach. Equifax also made the breach response page a standalone site, rather than part of its main corporate domain—a decision that invited imposter sites and aggressive phishing attempts. The official Equifax Twitter account even mistakenly tweeted the same phishing link four times. Four. Luckily, in that case, it was just a proof-of-concept research page.

Observers have since seen numerous indications that Equifax had a dangerously lax security culture and lack of procedures in place. Former Equifax CEO Richard Smith told Congress in October that he usually only met with security and IT representatives once a quarter to review Equifax's security posture. And hackers got into Equifax's systems for the breach through a known web framework vulnerability that had a patch available. A digital platform used by Equifax employees in Argentina was even protected by the ultra-guessable credentials "admin, admin"—a truly rookie mistake.

If any good comes from Equifax, it's that it was so bad it may serve as a wake-up call. "My hope is that this really becomes a watershed moment and opens up everyone’s eyes," Jason Glassberg, co-founder of the corporate security and penetration testing firm Casaba Security, told WIRED at the end of September, "because it's astonishing how ridiculous almost everything Equifax did was."

Yahoo

Yahoo disclosed in September 2016 that it suffered a data breach in late 2014 impacting 500 million accounts. Then in December 2016, the company said that a billion of its users had data compromised in a separate August 2013 breach. Those increasingly staggering numbers proved no match for the update Yahoo released in October that the latter breach actually compromised all Yahoo accounts that existed at the time, or three billion total. Quite the correction.

Yahoo had already taken steps to protect all users in December 2016, like resetting passwords and unencrypted security questions, so the revelation didn't lead to a complete frenzy. But three billion accounts exposed is, well, really a lot of accounts.

Shadow Brokers

The Shadow Brokers first appeared online in August 2016, publishing a sample of spy tools it claimed were stolen from the elite NSA Equation Group (an international espionage hacking operation). But things got more intense in April 2017, when the group released a trove of NSA tools that included the Windows exploit "EternalBlue."

That tool takes advantage of a vulnerability that was in virtually all Microsoft Windows operating systems until the company released at a patch at the NSA's request in March, shortly before the Shadow Brokers made EternalBlue public. The vulnerability was in Microsoft's Server Message Block file-sharing protocol and seems like a sort of workhorse hacking tool for the NSA because so many computers were vulnerable. Because large enterprise networks were slow to install the update, bad actors were able to use EternalBlue in crippling ransomware attacks—like WannaCry—and other digital assaults.

The Shadow Brokers also rekindled the debate over intelligence agencies holding on to the knowledge of widespread vulnerabilities—and how to exploit them. The Trump administration did announce in November that it had revised and was publishing information about the "Vulnerability Equities Process." The intelligence community uses this framework to determine which bugs to keep for espionage, which to disclose to vendors for patching, and when to disclose tools that have been in use for awhile. In this case, at least, it clearly came too late.

WannaCry

On May 12, a type of ransomware known as WannaCry spread around the world, infecting hundreds of thousands of targets, including public utilities and large corporations. The ransomware also memorably hobbled National Health Service hospitals and facilities in the United Kingdom, impacting emergency rooms, medical procedures, and general patient care. One of the mechanisms WannaCry relied on to spread was EternalBlue, the Windows exploit leaked by the Shadow Brokers.

Luckily, the ransomware had design flaws, particularly a mechanism security experts were able to use as a sort of kill switch to render the malware inert and stem its spread. US officials later concluded with "moderate confidence" that the ransomware was a North Korean government project, and they confirmed this attribution in mid-December. In all, WannaCry netted the North Koreans almost 52 bitcoins—worth less than $100,000 at the time, but over $800,000 now.

NotPetya and BadRabbit

At the end of June, another wave of ransomware infections hit multinational companies, particularly in Ukraine and Russia, creating problems at power companies, airports, public transit, and the Ukrainian central bank. The NotPetya ransomware impacted thousands of networks and led to hundreds of millions of dollars in damage. Like WannaCry, it partially relied on Windows exploits leaked by the Shadow Brokers to spread.

NotPetya was more advanced than WannaCry in many ways, but still had flaws like an ineffective payment system and problems with decrypting infected devices. Some researchers suspect, though, that these were features, not bugs, and that NotPetya was part of a political hacking initiative to attack and disrupt Ukrainian institutions. NotPetya spread in part through compromised software updates to the accounting software MeDoc, which is widely used in Ukraine.

In late October a second, smaller wave of destructive ransomware attacks spread to victims in Russia, Ukraine, Turkey, Bulgaria, and Germany. The malware, dubbed BadRabbit, hit infrastructure and hundreds of devices. Researchers later found links in how the ransomware was built and distributed to NotPetya and its creators.

WikiLeaks CIA Vault 7 and Vault 8

On March 7, WikiLeaks published a data trove of 8,761 documents allegedly stolen from the CIA. The release contained information about alleged spying operations and hacking tools, including iOS and Android vulnerabilities, bugs in Windows, and the ability to turn some smart TVs into listening devices. Wikileaks has since released frequent, smaller disclosures as part of this so-called "Vault 7" collection, describing techniques for using Wi-Fi signals to track a device's location, and for persistently surveilling Macs by manipulating their firmware. WikiLeaks claims that Vault 7 reveals "the majority of [the CIA] hacking arsenal including malware, viruses, trojans, weaponized 'zero-day' exploits, malware remote control systems and associated documentation."

At the beginning of November, WikiLeaks launched a parallel disclosure collection called "Vault 8," in which the organization claims it will reveal CIA source code for tools described in Vault 7 and beyond. So far, Wikileaks has posted the code behind a hacking tool called "Hive," which generates fake authentication certificates to communicate with malware installed on compromised devices. It's too early to say how damaging Vault 8 may be, but if the organization isn't careful, it could wind up aiding criminals and other destructive forces much like the Shadow Brokers have.

Honorable Mention: Uber Hack

2017 was a year of diverse, extensive, and deeply troubling digital attacks. Never one to be outdone on sheer drama, though, Uber hit new lows in its lack of disclosure after an incident last year.

Uber's new CEO Dara Khosrowshahi announced in late November that attackers stole user data from the company's network in October 2016. Compromised information included the names, email addresses, and phone numbers of 57 million Uber users and the names and license information for 600,000 drivers. Not great, but not anywhere near, say, three billion compromised accounts. The real kicker, though, is that Uber knew about the hack for a year, and actively worked to conceal it, even reportedly paying a $100,000 ransom to the hackers to keep it quiet. These actions likely violated data breach disclosure laws in many states, and Uber reportedly may have even tried to hide the incident from Federal Trade Commission investigators. If you're going to be hilariously sketchy about covering up your corporate data breach, this is how it's done.

 Source: This article was published wired.com By LILY HAY NEWMAN

Wednesday, 06 December 2017 17:30

12 Ways to Find Someone's Personal Email Address

Give me someone's name, and I'll find their personal email address. Sure, it may take some extensive digging and sleuthing, but I'll find you eventually. And I'm not paying to root you out or buying your private info from a lead gen company (though sometimes that would be easier). This is just good old fashioned, organic searching, scanning and scouring the Internet like a Web gumshoe. And not stopping until I ferret out that personal email.

How to find someone's email address [Summary]:

  1. Google Name + "Email"
  2. Google Name + Place of Work
  3. Search LinkedIn
  4. Search their company website
  5. Use Google's site search operator
  6. Use advanced Google search operators
  7. Try some "kitchen sink" queries
  8. Check social media profiles
  9. Check their personal blog
  10. Check Whois
  11. Check people search sites
  12. Message via Twitter or LinkedIn

We'll look at each of these methods in a little more detail, but first:

Why is it important to use someone's personal email address?

If you're sending out an important email that you really want to be taken seriously and improve your chances of getting an actual response, you need to go directly to the source. Sending an important, personal email to the info[at]companyX.com, or dumping it into a "Contact Us" form is a virtual black hole.

This is especially true if you're trying to get in touch with someone you don't know or you've never contacted before. Primary examples of this include:

  • Applying for a job
  • Any form of outreach, like a link request, interview request for your blog, if you're seeking media coverage for a story, etc.

What's more, by taking this extra step and getting directly to the source, you show real initiative and will distinguish yourself from the candidates applying for that same job or requesting that same link.

12 Tips and Tricks to Find Anyone's Email Address

Now, when I say "personal" email address, I'm not talking about a Gmail, Hotmail or AOL account exclusively. I'm also referring to their personal company email address, Web hosting domain email, blogger mail account, or any Web property email address I can find. Because of the depth and breadth and ubiquity of content sources on the Web, you can find contact information for pretty much anyone who has an email address, even if they don't actively promote it on their website. All you have to do is search and keep refining your searches until you strike pay dirt.

Let the Hunt Begin

1) Basic Name Queries by Googling Emails

You can start your sleuthing by running a generic search query for someone's name. But understand that this approach probably won't get you very far, unless the person you're seeking has a unique name, like say Jets WR Jerricho Cotchery. However, if that person's name is at all common, you'll need to add some distinguishing modifiers. Think of it as engaging in the long tail of name searching.

Some initial modifiers you should incorporate to narrow and refine your search are:

  • [name] + email (or) email address
  • [name] + contact (or) contact information (or) contact me

2) Name Queries with Personal Modifiers

Now, if that doesn't work, get even more granular and add any personal information you may have already or uncovered about this person in your initial search, such as:

  • [name] + "home town"
  • [name] + "company they work for"

You can even mix and match all the above modifiers. If you succeed here, terrific. Mission accomplished. But all too often, this is only the initial stage of your research, as this method yields results less than 10 % of the time. To really find who you're looking for, you'll need to go corporate.

Hunting for Company Email Addresses

3) Business Networking Search Queries

One of the best resources for finding direct contact information is through a company email network. Anyone working for an organization has an in-house email. Now, typically if you're searching for someone's direct email for a job interview, link outreach or media coverage, you likely know where they work or conduct business already. But if you're still in the dark, ZoomInfo and LinkedIn are pretty fertile grounds for harvesting personal information.

You can either search the websites internal engine or run queries in Google, like so:

  • [name] + LinkedIn
  • [name] + ZoomInfo

Notice the quick success I had with a probe of ZoomInfo.

4) Basic Company Name Queries

Now, once you get a place of business from their profile, you should visit the company website and start running queries, using the person's name in the hope that you'll find any indexed document with their email address. Most times, generic name searches yield citations (like so-and-so pitched a gem for the company softball team), not actual email addresses. So again, get more specific with modifiers.

  • [name] + email
  • [name] + contact

Adding these modifiers will really boost your chances of finding your target.

5) Basic Company Search Operators

However, if you're still coming up short, you'll need to roll up your sleeves. This is when I break out my super-sleuth hat and get creative with Google search operators. In the majority of cases, Google information retrieval yields more results than a company's internal search. If you're not familiar with search operators, read this.

So what you'll do now is search Google, using the Google Search Operator Query "site:companywebsite.com" as your root and sprinkle in modifiers, like so:

  • site:companywebsite.com + [name] + email
  • site:companywebsite.com + [name] + contact

6) Advanced Company Search Operators

Pretty much every organization has a unique, yet uniform company email addresses structure, which you can leverage in your search efforts, using advanced search operators. For example, at WordStream our email structure is “first initial + This email address is being protected from spambots. You need JavaScript enabled to view it.">This email address is being protected from spambots. You need JavaScript enabled to view it.." But since each company has their own format, you'll need to play around with a host of possible email address structures using the root search operator.

Note: Use the standard format here "@," I'm using [at] so as not to activate hyperlinks.

  • site:companywebsite.com + ken.lyons [at] companyname.com
  • site:companywebsite.com + kenlyons [at] companyname.com
  • site:companywebsite.com + klyons [at] companyname.com
  • site:companywebsite.com + ken [at] companyname.com
  • site:companywebsite.com + ken_lyons [at] companyname.com

It's important to mention here that the information you're seeking with these queries will be bolded in the meta tags text snippets, like so:

Find anyone's email site search operators

An example search engine results page (SERP) with results displayed
for site-search operation results 

I'd say this method yeilds results 80% of the time for me.

7) Random Kitchen Sink Queries

However, if you're still coming up short, you can drop the company search operator root and pound away with random combinations of the above suggestions. 99% of the time, this is very effective. For example, here's a random query I ran for a faculty member at Boston University (note: name is blurred for privacy):

Find anyone's email search by email domain

Notice my query: "BU [person's name] @bu.edu." It's kind of nonsensical, but nevertheless this query combination succeeded where the other techniques failed, yielding this person's email address. Point being, at this stage, I throw everything at the wall to see what sticks.

Even More Options to Find an Email Address

8) Social Networking Profile Queries

Another avenue you can explore for personal information are social media profiles. I've had the most success with social sites like Twitter. And chances are that employing the original basic queries that I mentioned above will display if this person has a Twitter profile.

  • [name] + Twitter

9) Personal Website or Blog Search Operators

Very often, my Web sleuthing reveals a personal website that I didn't know existed. Also, people include their personal websites or their blogs on their Twitter or LinkedIn profiles. This provides you a whole new channel to explore to find contact info for them. If you do find a personal site or blog, there's often have a contact page or even their email address listed right on the site somewhere. Even still, I prefer a direct line to that person. So if you've explored the site and come up short, navigate back out to Google and run some advanced search operators.

  • site:personalblog.com + [name] + email
  • site:personalblog.com + [name] + contact
  • site:personalblog.com + ken.lyons [at] personalblog.com
  • site:personalblog.com + kenlyons [at] personalblog.com
  • site:personalblog.com + klyons [at] personalblog.com
  • site:personalblog.com + ken [at] personalblog.com
  • site:personalblog.com + ken_lyons [at] personalblog.com

10) Whois Search

If you're still coming up empty after a deep dive of their personal website or blog, go to Network Solutions and run a Whois search for their domain registration data for an email address. 60% of the time, you'll find a personal email address here.

11) People Search Sites

Another resource for finding personal contact information are websites such as 123PeopleSearch, Intelius, and PeopleSmart. I've had great luck in the past using this type of free people search to locate the hard-to-find, and some sites allow you to search across multiple countries for personal contact info.

However, your mileage may vary from one search provider to another, and these days, it's getting harder and harder to find reliable, up-to-date information on these sites. As the Web has matured, many of these sites have either gone out of business or offer sub-par results. Sure, you might luck out, but be prepared for a mixed bag in terms of results.

It's always worth checking free people search sites as part of your research, but relying solely on sites like this is a mistake. 

12) If All Else Fails

Okay, if all else fails, you may have to resort to alternative, less "direct" methods like emailing your target through LinkedIn, or @-ting them on Twitter and asking them to follow you back so you can DM them and ask for contact information (if they're willing). For me, these are usually last-ditch efforts, which I've resorted to only a handful of times after if I've exhausted all of the other options I detailed in this post. But even though I prefer to send an email to someone's personal account, shooting them an unsolicited LinkedIn message to me is still far better than an info[at]companyX.com black hole.

Point being, 99% of the time if you're dogged, persistent, relentless and love the thrill of the chase like me, then ain't nothing gonna' stop you from finding the personal contact information you seek.

Happy email hunting!

Source: This article was published wordstream.com By Ken Lyons

BOISE - The internet as we know it today could soon be changing. You’ve probably noticed over social media lately the talk about net neutrality. The Federal Communications Commission will vote next month on whether or not to lift regulations regarding the internet.

Net neutrality was a principle passed by the FCC in 2015 during the Obama administration. It seeks to provide free and open access to the internet; it ensures websites and services all have the same access to consumers.

“Internet service providers must treat data and services on the internet equally in terms of access,” Shad Jesson with the Office of Information Technology at Boise State University said.

Although, it could soon be changing. FCC commissioner Ajit Pai announced a plan he says will put an end to the federal government’s “micromanaging of the internet.”

“I have shared with my colleagues a draft order that would abandon this failed approach and return to the longstanding consensus that served consumers well for decades,” Pai said in a statement.

The lifted regulations would allow internet service providers the ability to prioritize and allow faster access to some sites over others.

“For example, Verizon now owns Yahoo. So conceivably Verizon could put Yahoo front and center as the search engines, the main gateway to internet service. Perhaps it would be more difficult for you to get to Google,” Jesson said. “Perhaps they may charge you to purchase a tier to get to other search services or other services offered by Google, Facebook, and Apple. Competitors of Verizon."

Internet providers could also charge companies like Google, Apple, or Amazon to have priority access to their internet subscribers.

The proposal would also allow internet service providers to bundle websites together and charge subscribers more money for access to certain sites and services, much like what we see with TV providers and certain channels.

“A provider could charge you more money than you're paying today to access Amazon Prime, Netflix, Hulu, high-bandwidth streaming services, but it's also possible that they could charge you less than you're paying today if all you're doing is checking email and going to Google once in a while,” Jesson said.

Arguments in favor of the new regulations say it helps foster innovation and spark competition.

“Additionally, as a result of my proposal, the Federal Trade Commission will once again be able to police ISPs, protect consumers, and promote competition,” Pai said in a statement.

The new regulations would require providers to disclose to subscribers if they’re blocking, slowing down, or prioritizing sites.

“We don't yet know what they're going to do. All we know is these rules will give them much more freedom to make decisions about how you access the internet compared to how you do that today,” Jesson said.

Source: This article was published ktvb.com

Friday, 17 November 2017 11:31

The Wonderful World of Search Engines

Search engines are a sourcers best friend, but how do you know when to use what search engine and what type of search to perform? A search will pull up almost anything you ask it to do as long as you know how to ask the right questions. The key to a successful search query is knowing what’s available and knowing exactly what you want without having to pour over pages and pages of useless results. Using search engines to find your ideal candidate will help cut out all of the noise by using them correctly.

Using search engines to find your ideal candidate

Not all searches or search engines are made equal. Understanding the fundamentals of search engines and when to use which one is critical when it comes to finding candidates in the most efficient way possible.  

Understanding the power of a Google Search

We all probably use this search engine several times a day, but do you know how to leverage a search to pinpoint what you’re looking for? There are two popular types of search strings that most sourcers are using when it comes to using Google. Both Boolean and X-ray searches will give you a boost in your searching endeavors.

Boolean involves using terms like AND OR NOT in your Google search to limit or broaden what you’re looking for. So, searching for “copy editors” -jobs -Nashville would exclude the term jobs and the results of candidates who live in Nashville, while (“copy editors” OR writers) would give you candidates with editing skills as well as those who may only have writing skills.

Check out some helpful hints from Google:

Common search techniques

Search social media

Put @ in front of a word to search social media. For example: @twitter.

Search for a price

Put in front of a number. For example: camera $400.

Search hashtags

Put in front of a word. For example: #throwbackthursday

Exclude words from your search

Put - in front of a word you want to leave out. For example, jaguar speed -car

Search for an exact match

Put a word or phrase inside quotes. For example, "tallest building".

Search for wildcards or unknown words

Put a * in your word or phrase where you want to leave a placeholder. For example, "largest * in the world".

Search within a range of numbers

Put .. between two numbers. For example, camera $50..$100.

Combine searches

Put “OR” between each search query. For example,  marathon OR race.

Search for a specific site

Put “site:” in front of a site or domain. For example, site:youtube.com or site:.gov.

Search for related sites

Put “related:” in front of a web address you already know. For example, related:time.com.

X-ray allows you to utilize a more powerful search engine (like Google) to search a website (like LinkedIn) whose search function may not be as thorough. You can give it a Google to see how to format your X-ray search. site:linkedin.com/in

search.png

Custom Search Engines

Another benefit to using Google over other search engines is their ability to provide a custom search engine. If you’re tired of writing out the same string of criteria time and time again, Google has provided this type of search engine that allows you to set up and refine your search in one easy location.

{youtube}Qd9z48Bo8ZA{/youtube}

Bing Matters!

Google may be the most popular choice when choosing a search engine, but it’s important also to give others a chance as well. Results from each of these sources will be displayed differently and can bring up different results that allow you to see what another may have failed to show you. Make sure you check out the Boolean and X-ray functions of whatever search engine you are using as they may need to be formatted differently.

The reason we pick out Bing as a contender is that all of your popular platforms such as Yahoo, Altavista, and MSN all run off Bing’s search engine (Fun Fact circa 2010). There are some nuances to understand when working with Bing that doesn’t necessarily work when it comes to Google. For instance:

inurl: is something that works well in Google, but doesn’t work in Bing search engine because it was deemed as a “mass data mining tool” back in 2007. It’s long since been retired in Bing and never seen again. Instead, you’ll want to use a more friendly search string such as intitle:recruitment. This type of search string is going to look for the letters “recruitment” in either the title a web page. It also works in Google and most other search engines. This allows you to search for specific titles within a certain website using Bing’s search engine.

Take a look at the X-ray Search in Bing (PRO TIP – In Bing, you have to use the parentheses):

bing.png

Others

DuckDuckGo – The key feature of DuckDuckGo is that it’s a private search engine and doesn’t track your search history, like Google.

Dogpile – Dogpile has been around for decades and is still an excellent metasearch engine that all sourcers should consider.

Yandex – From Russia, with tons of love, this is one of the most popular and widely used search engines in the world!

Search engines are beautiful things. But learning to use them beyond looking up a single term is imperative if you want to remain a productive and efficient sourcer. Let the search engine do the brunt of the work for you, so you can focus on honing in on finding that perfect fit for the job. We know which is your favorite, but humor us anyway, Google or Bing? Go!

Source: This article was published sourcecon.com By Shannon Pritchett

Research is essential to collect facts and statistics about a company’s customers, employees and competitors. On the basis of these numbers, companies are able to make better managerial decisions. The collected statistics are organized into reports and the management team uses them to take action. A good research mechanism is essential, irrespective of the size of the company and its client base. Research is imperative for staying competitive in the market.

Significance

A business is able to make knowledgeable decisions because of research. In the research process, the company is able to obtain information about key business areas, analyze it, develop a strategy and distribute business information. Reports, provided to the top management, often include information on consumer and employee preferences and all the available routes for sales, marketing, finance and production. Management uses this information to decide the best strategy. Research is a prerequisite at all stages and phases of business operations. Initial research is required to gauge whether getting into the given type of business would be profitable and whether there is demand for the proposed product.

Function

By conducting business research, the organization ascertains what its customers want and then takes steps to prepare a product meeting those desires. Research also helps determine whether a product is accepted in the market. Research aids expansion into new markets.

Methods of Data Collection

There are two ways organizations typically collect data.

One is primary data collection from your immediate consumers, who provide feedback on your products. You can also invite customers to offer opinions on future products. To gain this information, an interviewer asks the customer to provide views on how the company can modify the existing product to satisfy his needs better. The interviewer uses surveys and questionnaires to collect and record data. This method is helpful for gaining insight about a company’s particular merchandise.

The second method is secondary data collection, which uses data that has already been printed over the Internet and in magazines and journals. This is predominantly useful in gauging the broad market scenarios.

Considerating a Consultant

Conducting research involves cost and time. The organization must weigh the pros and cons before hiring consultants to conduct research. Consultants must be made fully aware of what the organization is looking for from the research.

Advantages

The primary benefit to business research is that the organization is able to learn more about consumer choices and preferences. Research provides information on the product features that lure customers and flaws in the product or marketing that contribute to slow sales. Research helps the organization fix problems and cash in on the strengths. Research also contributes to a company’s ability to clearly identify the customer demographics and target demographic, including age, gender, monthly income of the household and educational levels. Research mitigates business risks and can help increase demand and sales.

Source: This article was published bizfluent.com By Suchi Moorty

Ever been frustrated with your Web search results? Sure, we've all been there! In order to search the Web more effectively, there are a few basic skills that you need to learn to make your searches less frustrating and more successful. In this article, we'll go over the top ten most basic Web search shortcuts that will make your searches more successful by bringing back relevant results the first time you use them. 

These are tried and true web search methods that will work in virtually any search engine and directory.Here are a few basic web search skills you need to have in order to have truly successful web searches. All of these tips can be used by anyone regardless of skill level. 

Use quotes to locate a specific phrase

top ten search tips

Probably one of the number one things that have saved me some serious Web search time over the years is the simplest - and that's searching for a phrase by putting it in quotes.

When you use quotation marks around a phrase, you are telling the search engine to only bring back pages that include these search terms exactly how you typed them in order, proximity, etc. This tip works in almost every search engine and is very successful in bringing back hyper-focused results. If you're looking for an exact phrase, put it in quotes. Otherwise, you'll come back with a huge jumble of results. 

Here's an example: "long haired cats." Your search will come back with these three words in proximity to each other and in the order you intended them to be, rather than scattered willy-nilly on the site.

Use Google to search within a site

top ten search tips

If you've ever tried to use a website's native search tool to find something, and haven't been successful, you definitely are not alone! You can use Google to search within a site, and since most site search tools just aren't that great, this is a good way to find what you're looking for with a minimum of fuss. This is a great way to easily find what you're looking for. Simply use this command within Google's search bar to search within a site: the word "site", then a colon, then the URL of the website you'd like to search within. For example; site:websearch.about.com "how to find people" plugged into Google will bring back search results only from this domain that are related to finding people online

Find words within a Web address

top ten web search tips

You can actually search within a Web address using the "inurl" command via Google; this allows you to search for words within the URL, or Uniform Resource Locator. This is just another interesting way to search the Web and find Web sites that you might not have found by just entering in a query word or phrase. For example, if you only want to find results from sites that have the word "marshmellow" in their URL, you would plug this query into Google's search bar: inurl:marshmellow. Your search results will only contain websites with that word in their URL. 

Use basic math to narrow down your search results

top ten search tips

Another Web search trick that's deceptively simple is using addition and subtraction to make your search results more relevant. Basic math can really help you in your search quest (your teachers always told you that someday you would use math in real life, right?). This is called Boolean search and is one of the guiding principles behind the way most search engines frame their search results. 

For example, you are searching for Tom Ford, but you get lots of results for Ford Motors. Easy - just combine a couple of Web search basics here to get your results: "tom ford" -motors. Now your results will come back without all those pesky car results.

Limit your searches to a specific high level domain

top ten search tips

If you'd like to limit your searches to a specific domain, such as .edu, .org, .gov, and more, you can use the site: command to accomplish this. This works in most popular search engines and is a great way to narrow your searches to a very particular level. For example, say you only wanted to search U.S. government-related sites for something. You could limit your search results to only government sites simply by typing site:.gov "my query". This will bring back results only from sites that are in the .gov high-level domain. 

Use more than one search engine

top ten search tips

Don't fall into the rut of using one search engine for all your search needs. Every search engine returns different results. Plus, there are many search engines that focus on specific niches: games, blogs, books, forums, etc. The more comfortable you are with a good variety of search engines, the more successful your searches are going to be. Check out this list of search engines for a wide variety of what you can use the next time you're looking for something. 

It's easy to skim the surface of your favorite search engine and only use the most prominent features; however, most search engines have a wide variety of advanced search options, tools, and services that are only available to those dedicated searchers that take the time to search 'em out. All of these options are for your benefit - and can help make your searches more productive.

In addition, if you're just starting out learning how to search the Web, it's easy to be overwhelmed with just the sheer amount of information that is available to you, especially if you're searching for something very specific. Don't give up! Keep trying, and don't be afraid to try new search engines, new Web search phrase combinations, new Web search techniques, etc.

Find a word on a Web page

top ten search tips

Say you're looking for a specific concept or topic, perhaps someone's name, or a business, or a particular phrase. You plug your search into your favorite search engine, click on a few pages, and scroll laboriously through tons of content to find what you're looking for. Right?

Not necessarily. You can use an extremely simple web search shortcut to search for a word on a webpage, and this will work in any browser you might be using. Here we go:

CTRL +F, then type in the word you're looking for at the bottom of your browser in the search field that pops up. Simple as that, and you can use it in any Web browser, on any website.

Widen the net with a wildcard search

top ten search tips

You can use "wildcard" characters to throw a broader search net in most search engines and directories. These wildcard characters include *, #, and ? with the asterisk being the most common. Use wildcards when you want to broaden your search. For example, if you are looking for sites that discuss trucking, don't search for the truck, search for truck*. This will return pages that contain the word "truck" as well as pages that contain "trucks", "trucking", "truck enthusiasts", "trucking industry", and so on.

Be specific

top ten search tips

 The more narrowed down you can get your Web searches from the beginning, the more successful your Web search usually will be. For example, if you were searching for "coffee", you'd get way more results back than you could use; however, if you narrowed that down to "roasted Arabica coffee in Detroit Michigan", you'd be more successful.

Source: This article was published lifewire.com By Wendy Boswell

Page 1 of 13

airs logo

AIRS is the world's leading community for the Internet Research Specialist and provide a Unified Platform that delivers, Education, Training and Certification for Online Research.

Subscribe to AIRS Newsletter

Receive Great tips via email, enter your email to Subscribe.
Please wait

Follow Us on Social Media

Read more content?
Register or Login as "AIRS Guest"
Enjoy Guest Account
or

x
Create an account
x

or