Most people I know outside the corporate world have experience with PDFs -- Adobe's Portable Document Format files -- as users or consumers of the technology. They can read PDFs, but aren't sure how to create them.
Fortunately, there isn't any big secret or mystery to PDFs. But before I tell you how to create your own on the cheap, let me explain why there's even a need for this file format.
Let's say you create a nice looking, highly formatted document, like a newsletter, announcement or flyer. You put graphics in certain places and use fonts that you bought or downloaded from somewhere. If you only want to print the document yourself and distribute it on paper, there's no problem. But what if you want to distribute it electronically, maybe by e-mail or putting it on the Web?
- If you created the document in Word, you can distribute the Word document, but what if the people viewing the document don't have your fonts? They'll see other fonts substituted, and your formatting work goes down the drain.
- If you created the document in PowerPoint or Publisher, or non-Microsoft applications, you not only risk the font substitution problem, but not everyone has PowerPoint installed and even fewer have Publisher installed. And who wants to read a document in Publisher, anyway? And yes, there are even a few computers that don't have Word installed on them.
That's where PDFs come in. A PDF is like a snapshot of your document. It includes fonts, layout, graphics and everything else you put in your document. Anyone can read PDFs using Adobe Reader (the software formerly known as Adobe Acrobat), available for free at
Adobe's Web site. So what you intend people to see is exactly what they see -- no guessing required. This is also important for bringing documents electronically to a print shop for digital or offset printing, since the print shop might not have the application you used to create the document.
The problem is that while Adobe Reader is free, it's just that: a reader designed to display PDFs, but not create or edit them. To create PDFs, you need separate software to do the conversion. Almost all PDF conversion software will work with your "regular" software when you print. That is, to convert a document to PDF, select
File/Print (
Ctrl +
P), then choose the PDF converter as though it's a printer. Instead of printing, the converter will create a PDF.
Typically, people create PDFs using Adobe Acrobat. Once a regular document has been distilled (i.e. converted) to PDF, Acrobat lets you edit it in many ways, such as modifying font embedding, making minor text changes, inserting or editing hyperlinks, rearranging pages, cropping, renumbering pages, adding digital signatures and security, creating automated reading orders, inserting bookmarks and much more. You can't beat it for the number and flexibility of features.
If you have $300 to $400 to spare for the standard or professional version (or $1200 for the whole Adobe Creative Suite), then go for it. But if your budget is a little tighter, there are many third-party and shareware options available. Here are a few, all of which offer free trials:
For $30 or $50 (standard and pro version), you can buy the Adolix PDF Converter (
www.adolix.com). It will do a decent job of converting documents to PDF and compressing them, too. It has basic post-conversion editing features, such as open/modify security, rearranging pages and merging documents.
Win2PDF (
www.win2pdf.com) will convert documents for $35 or $69 (also for standard and pro versions), but its post-production editing is limited. You can set passwords and change document titles, but not much else.
While most PDF converters still require Adobe Reader to view or print PDFs, pdfFactory and pdfFactory Pro (
www.pdffactory.com) let you preview and print directly from the application. The Pro version costs $100, but you'll also want the FinePrint utility for better editing. Spring for the extra ten bucks and get them as a $110 package.
On price alone, it's hard to beat pdf995 and pdfEdit995 (
www.pdf995.com), from a company called
Software995. Guess how much they charge for their products? As the product names imply, you'll need one program to do the conversion and another to edit. They don't have many options, but their output is good. If you only need quick-and-dirty conversion, it's hard to argue with twenty bucks.
Actually, there is one argument with twenty bucks: it's called "free"...but there's a big catch. If you need to create PDFs for the sole purpose of sending documents to your local Staples for their quick print service, download their EasyPrint software from
www.staples.com/easyprint. It offers zero editing capability and requires Adobe Reader to view and print. The catch is that every page gets a Staples copyright notice running up the right side. When you send the document to Staples, they remove the watermark.
Much of this discussion may be moot before long. Microsoft plans on building PDF conversion into Office 2007, release date still unknown. As they say in sports, "just wait until next year!"
That's phishing as in strange, bogus e-mail messages. We've all seen them, we get some e-mail message from a bank we've never done business with, maybe from eBay or PayPal or some financial institution and with a dire warning, it says something to the effect of "Your account may have been compromised" or maybe "Someone tried unauthorized access" or maybe even "We seem to have lost your ID and password" and "Please, in the next 24 hours, you must log in and verify your information, and if you don't, your account may be suspended". And conveniently, there is a link for you to click so can and give them the information they want.
Phishing seems to be replacing spam as the e-mail scourge of the Internet. I'd like to tell you how to recognize these sorts of scams and up what to do or what not to do when you receive them. First of all, about 99.9% of messages like these are scams and you can safely delete them. Especially messages that look like they came from a bank where you've never even had an account. I often get these messages with return addresses pointing to banks with which I've never done business and having notices like "Please log in and in and confirm your accounts". These are obviously nonsense.
But what about a message that looks like it came from a bank where you have made deposits? These scammers' goal is identity theft, and they want still your identity so that they can steal your money or steal other people's money and make it look as though you're the one who's done it. Is it any coincidence at all that the banks that seems to be the most common that are sending these out or that or her being spoofed are the large banks? Such as Bank of America, Citibank, and so on, because they have the most depositors, the biggest target area.
But here are a few things that you should recognize when you get some of these. Number one: the Web address. You should know what the address is of any bank where you do business. If you buy and sell on eBay, if you use PayPal to send or receive money, you should know what the address is. For example, PayPal's legitimate address is www.paypal.com. If you see anything that says something like BillingPayPal.com or SignInPayPal.com or anything like that, you know that it's a scam. Also, you should look for the first part of the address, especially if it's a bank. The first part of the address shouldn't simply be http:// it should be https:// -- that S stands for security. That's not something that you can fake.
When you get a link to click in an e-mail like that, just do not click it. Any legitimate bank knows what it's doing and will not have any links in their e-mails for you to click. I will get once a month a notice for my bank that says my statement is available for viewing online, but they just tell me to go to their Web site -- that means that I can either type the address in manually in the browser's address bar or I could click it in my favorites list. Many banks will tell you that if you receive a message that looks like it's from them and it has a link, that means it's a spoof.
Now here's the scary part. Even if you manually type the address of some financial institution, it could still be fake! The way the spammers do it is they can plant a Trojan horse on your machine that actually redirects what Web address goes to what server. There is a system called DNS --Domain Name Service. It allows friendly names like www.eBay.com to connect to the actual server address, which is really just a string of numbers. But nobody wants to remember long strings of numbers, so DNS is there so you don't have to think about them. It's kind of like an automatic dialer on a telephone.
If a Trojan that changes the DNS addresses gets planted on your machine, when you type in what is a real address, you can be redirected to the server of one of these criminals. It's not even so much that you type it in, but they're expecting that you'll click on their link. For Windows users, there's a file on your system in your Windows folder called Hosts (no file extension). You might want to look at this file in your Windows folder and if you see it's been modified recently. It's a text file, so you can open it in Notepad (select Start/Run, or press
So when you go to the Web site of a financial institution, how do you know if it's real or not? One thing you should immediately look for in the lower right corner of your browser -- Firefox or Internet Explorer or any other -- is a little padlock icon, and it should be in the locked position. And this is something that cannot be faked. That icon should be on the status bar; if it's on the Web page itself, it's meaningless. Anybody with a basic knowledge of creating Web pages can put all sorts of padlocks and security-looking graphics on a site, but in the status bar of the browser, it's another story.
And here's one other problem with links in an e-mail. It's very easy to type the name of a financial institution and link it to something else for example, the text could say www.citicorp.com but when you click it, it goes to some scammer's Web site. (Here's an example of a bogus link that goes to our own site: www.WrongAddress.com.) So you always want to make sure of what you're looking at in the address bar of your browser. Also look at the end of the address bar of the browser. There'll be little padlock icon, just like on the status bar, and that's something that a scammer cannot forge.
Also look at the content of the message. If the message says something like "Dear depositor" or "Dear valued customer" rather than your name, that's probably a giveaway that it's not authentic.
Also look at the quality of the writing. A lot of these scams come from overseas, where the authors do not speak English as their native language. There are often spelling errors and grammatical errors. You might think, "Hey, I'm not the best speller in the world and I make grammar mistakes all the time." But banks that send e-mails to their customers don't send from just some guy or gal sitting at their desk, sending out messages to 10 million depositors from their personal Outlook account. Banks have people whose full-time jobs it is to read and write and edit these messages, and they will catch spelling and grammar mistakes before the e-mails go out. What amazes me is that the scammers don't even think to press F7 to do a spell check -- if English is not their native language, why would they not use a spell checker? I saw one the other day that looked almost real. It was supposedly from my bank, but they had the word "useful" spelled with two ll's, so I knew it wasn't real.
Also consider what they're saying and how they're saying it. If it's a breathless message with a false sense of urgency, you know they're trying to get you to click that link and type in your information before you have a chance to hit the Delete key. A real bank will not give you that sort of breathless warning, like you might get from some of these bogus virus warning messages.
Some of the scammers have found that they can use a publicly available databases like Yahoo or Google, where they actually can find your address, and I've gotten some that refer to me by name, and even have my home address. At first I wondered how these guys know who I am by address, and then I realized they all it takes is a simple Web search. So even if it doesn't say "Dear customer" or "Dear depositor", even for those referred to by name or by address, it still is very possibly a scam.
Some thieves will tell you that there's been some change on your account and they want to verify it. It is possible that you recently changed your password or maybe you did buy or sell something on eBay or you did something else online. Maybe you used your credit card number, and it just so happens that you get an e-mail about that particular bank or credit card and you want to see if the thing is legitimate. Maybe you don't even consider that it's a scam, because you've done something recently. Beside the fact that you still should not click a link like that in an e-mail, when you're on the site, look at what information they are asking for.
A regular bank will simply ask for user ID and password, but some of these will ask all sorts of information -- not only ID and password, but your mother's maiden name, your Social Security number or your bank routing number. Any page that asks you for information like that, you know is not legitimate. Especially if you get a page that asks for all this type of information at once you know is not real.
Keep in mind that when you get one of these messages that says, "Sorry, but we lost your information..." banks do not lose your information. You and I may have lost information here and there, but we're just regular people doing other things. Banks have full-time professional security people whose job it is to make sure that customer information is not lost, and if anything is accidentally deleted, they have backups, and backups of backups at secure data centers and sitting under a mountain somewhere (maybe here). So your bank will never tell you "Sorry we lost your ID and password". That simply isn't going to happen.
Because phishing attacks are becoming so common and increasing so much, some technical help is on the way. Internet Explorer 7.0, which is due out soon, will have some anti-phishing features, such as a little, green light on pages that are safe. Firefox, made by the Mozilla foundation, will also have some security features in future versions. Microsoft Outlook, Safari and Entourage on the Mac, will also have some features that will help. For example, links in e-mail messages are disabled by default, though this is a little silly, because that defeats a large purpose of the Internet. Though the average person doesn't e-mail links to credit card sites and banks. But even when these features are available and active, they are there to help you -- don't rely on them as crutches.
So beware and be vigilant and understand what it is that you're receiving by e-mail, and to assume that just because an e-mail looks like it comes from a trusted source or financial organization, doesn't mean that it really is. It's very easy to spoof the From field or the Reply To field in an e-mail message. Anybody with the most simple knowledge of e-mail software like Outlook could make that spoof. So have fun, be safe and we'll see ya' next time.
POSTED BY Bob Flisser, co-author, www.nerdybooks.com AT 12:11 PM 0 comments