Phishing Expedition’s – Keeping Safe During the Holidays

Several of our customers received a disturbing email over the past few days.  Once customer received one that said her email was being discontinued.  Another received one that said his bank account was being closed.  I even got one that said my SIM card was being deactivated so I would effectively be without cell service!  These are all “phishing expedition’s”.

Luckily I know the signs to look for to determine if an email is a phishing expedition or for real.Phishing Expedition

  1. Make sure the email is really from a trusted source.  If the email is from a friend, read it through before you click on any links.  Does the email sound like it was written by your friend?  Are you expecting an attachment or other link from them?  Always check when you receive an email with a link or other attachment before clicking.  Did your friend really send it?
  2. Before I click on a link in an email, I hover my mouse over the link to see where the click will take me.  When I hovered over the “Know More” link on the email I received, it goes to the website t.goddypuddy.IN/withLotsMoreTextFollowing. The “in” at the end of the website is a country code.  In the US, we are used to seeing .com, .biz, .net, or .gov.  In this case the .IN refers to  India.  So I know that the email originated in India. (Note that you can only do this on your computer, so don’t click on any links from your phone or tablet unless you know they are 100% safe!)
  3.  Does the body of the website match the Subject line?  In this case, the Subject is that my mobile number is being deactivated.  But the body of the email is completely unrelated talking about banks and the Supreme Court.
  4. If your friend or colleague says they didn’t send the message, tell them to change their password and run their virus scanner ASAP!

What else can you do to stay safe?

  • Put a note on your calendar to change your email passwords at least once a month.  Here are some tips to creating a strong password.
  • Be extra careful when surfing the web or viewing posts on Social Media. Malware is increasingly being spread that way.

Looking for more info on phishing expedition’s?  Here are some past blogs:

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PC’s for the past fifteen years. His company is highly rated by both the BBB (Better Business Bureau) and by Angie’s List. You can find more on our website, or give us a call 303-618-0154. Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area as well as remote service throughout North America.

We’ve been using Amazon Prime for the past few years.  We like the free 2-3 day shipping and the online streaming. I haven’t tried the Kindle lending library yet.  I’ll try that next!   Prime is normally $99/year, but you can try it for 30 day for free by clicking on this link: Try Amazon Prime 30-Day Free Trial (Yes, we’ll get a small commission when you sign up.)

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Phishing Expeditions (Stay Safe Online!)

There’s another threat out there. It’s a Phishing Expedition. Several of our clients have already fallen for it.  It comes by way of an email which appears to be from a trusted friend or business associate.  They want you to take a look at a document on DropBox. It looks legit, plus, you’ve gotten documents from this email contact before.

So, you click on the link to look at the DropBox document. Except it’s not from your friend. And in that brief moment, you’ve given access of your entire email contact list to the Phishers.

As soon as you figure out what has happened, it is important to change the passwords for all of your email accounts

"Phishing" by Edwind Richzendy

“Phishing” by Edwind Richzendy

immediately. Here are some ideas for creating a really strong password.  You should also run your virus scanner.

How do you make sure this doesn’t happen to you?

  1. Before opening any attachments, make sure the email is actually from your contact.  Are you expecting a document or other attachment from them? Does the text of the email message and subject “sound” like what your contact would write? If not, give them a call to see if it’s really from them.  (If it’s not, tell them to change their password and run their virus scanner ASAP.)
  2. Put a note on your calendar to change your email passwords at least once a month.
  3. Be extra careful when surfing the web or viewing posts on Social Media. Malware is being spread that way as well.

Looking for more info on phishing?  Here are two past blogs:

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PC’s for the past fifteen years. His company is highly rated by both the BBB (Better Business Bureau) and by Angie’s List. You can find more on our website, or give us a call 303-618-0154. Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area as well as remote service throughout North America.

We’ve been using Amazon Prime for the past few years.  We like the free 2-3 day shipping and the online streaming. I haven’t tried the Kindle lending library yet.  I’ll try that next!   Prime is normally $99/year, but you can try it for 30 day for free by clicking on this link: Try Amazon Prime 30-Day Free Trial (Yes, we’ll get a small commission when you sign up.)

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Is It Just Me, Or Is My Favorite App Down?

Does this happen to you too?  I head over to a certain app, whether for business or just goofing off, and I can’t log on!  I try again and again, being very purposeful entering my password.  I shut down the application and restart it.  I shut down my phone/laptop/tablet and restart it, but the problem persists.  What is going on?!

In some cases, it could be the application itself which is having the issue.  Their servers are not infallible, despite what they might claim.

Application down - WordPress 1 cropped

But WordPress can go down.  And so can Facebook, Twitter, Quickbooks Online, and many other.  To check the status of your app when you are having issues head over to any of these sites:

  • Down Detector – I like the visuals of their graph.  Very easy to understand.  Down Detector tracks Facebook, Netflix, AT&T, Verizon, eBay, Twitter, and many others: http://downdetector.com/
  • Down Right Now – I like the visuals of this site as well.  They mostly track Social Media and email sites: http://downrightnow.com/
  • Outage Report – Not only does this site provide a graph of down times, but they have a map to show where the outages are occuring.  In addition to Social Media and entertainment sites, this site also tracks online gaming apps: http://outage.report/

If you are experiencing difficulties getting on to one of your favorite apps, remember to check one of the above sites. and record your problem too.

 

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PC’s for the past fourteen years. His company is highly rated by both the BBB (Better Business Bureau) and by Angie’s List. You can find more on our website.  Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area and remote service throughout North America.

We’ve been using Amazon Prime for the past few years.  We like the free 2-3 day shipping and the online streaming. I haven’t tried the Kindle lending library yet, but I’m tempted!   Prime is normally $99/year, but you can try it for 30 day for free by clicking on this link: Try Amazon Prime 30-Day Free Trial (Yes, we’ll get a small commission when you sign up.)

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Sharing Your Social Media Identity with the Government

Every once in a while I read a story that makes me say:

WHAT?

Today was one of those days.  According to this article in arsTechnica, the US Customs and Border Protection is considering adding a new field to their Visa application process.  They will be asking visitors to the US to provide their Social Media Identity.  Apparently it won’t be a required field, but if you leave it blank, it will look very suspicious.

“The agency says travelers coming to the US…. won’t be forced to disclose their social media handles, but leaving it blank obviously could raise red flags.”

Additionally, the verbiage associated with the request is very nebulous.  According to the article:

‘Here’s what will be asked: “Please enter information associated with your online presence—Provider/Platform—Social media identifier.”‘

So, someone who is not paying attention may provide not just their ID, but might also provide their login and password info!

I have a couple of thoughts about this.

First, of course, is that anyone can find anything online, so adding a box on their form will just make the process a little easier for Customs to get your info.

Second, how will Customs keep this info safe?  How will they insure that someone can’t hack into their systems and capture the info – especially if some of those applications may contain ID’s and passwords?

why

Lastly, how will this help?  Call me cynical, but I don’t think someone entering the country with malicious intent is likely to be providing their “real” social media identity.

It is far too easy to set up multiple identities online.  Just look at me.  I’ve got an email for business, an email for personal stuff, an email for networking, and an email for signing up for stuff online.  It was easy to do this.  And once you have different emails, you can set up different social media accounts.

No, those folks will be providing their ”professional” social media account; the identity they use for LinkedIn to show that they are an upstanding citizen of their home country.  I fail to see how this new field on the visa application will keep out the “bad guys”.

What are your opinions about online privacy and multiple identities?  We’d love to hear your thoughts!

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PC’s for the past fourteen years. His company is highly rated by both the BBB (Better Business Bureau) and by Angie’s List. You can find more on our website.  Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area and remote service throughout North America.

Join Amazon Prime – Watch Thousands of Movies & TV Shows Anytime – Start Free Trial Now

Save

Save

Save

Save

Save

Save

Save

Save

Windows 10 Update

Upgrading to Windows 10?

We continue to see machines that have upgraded to Windows 10 with serious problems.  And, I continue to get asked if machines should be upgraded.

Here’s the scoop:

  • If you have a Windows 7 machine, don’t upgrade unless you have a serious business need.
  • If you have a Windows 8 machine, you should be okay to upgrade, although you may still experience some issues
  • If you have a Windows XP or earlier machine, don’t (DO NOT!) upgrade.  Consider purchasing a new machine with Windows 8 or 10 already installed.

If you’re planning to upgrade do this first:

  • Back up your data.  Use an external Hard Drive if you have one, or upload to the Cloud
  • Make sure you have a list of all the programs and applications that you use.
  • Make sure you know what all of your passwords are, especially if you have asked your computer to remember them for you.
  • Make sure you know what your WiFi Router password is.

Tired of the Win10 “Nag” message?

I asked Chris how to get rid of the message that pops up frequently reminding you to UPGRADE NOW! WHILE IT’S STILL FREE!.  Here’s what he said:

  • “The only reliable method I’ve found so far to prevent a machine from presenting the “Get Windows 10 Upgrade” (GWX) nag message is to rename the GWX folder which contains the upgrade program.
    • See a small window icon in the tray, to the left of the clock in the task bar.
    • Go to the folder: “C:\Windows\System32” /and/ the “C:\Windows\SysWOW64”
    • Rename the “GWX” folder to something else – such as: “_GWX”, if it exists in either folder.  Note that you will see a popup titled “Folder Access Denied” and the message “You’ll need to provide administrator permission to rename this folder”.  Click on the “Continue” button to proceed with renaming the GWX folder.
    • Reboot your machine.
    • See that the small window icon is not present, and note that it does /not/ reappear”

If you have any questions about upgrading, give us a call

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PC’s for the past fourteen years. His company is highly rated by both the BBB (Better Business Bureau) and by Angie’s List. You can find more at http://www.GeekForHireInc.com Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area.
Shop Amazon – Contract Cell Phones & Service Plans

Are You Thinking of Using a Password Manager?

I am of two minds when it comes to an online password manager.  On the one hand, I think it would be a great way to keep multiple passwords secure.  On the other hand, I worry about hackers gaining control of my data.

That being said, if your keyboard (or monitor) looks like this, it’s time to find another solution!

Is this your password manager?!

Luckily, there are several online password managers to choose from:

  • 1Password
  • Dashlane
  • LastPass
  • KeePassX
  • mSecure
  • Sticky Password

Most of these have the same or similar features.

  • Manage passwords over multiple devices
  • Generates ultra strong passwords
  • Stores banking and other sensitive information
  • Most are free but do have an annual or monthly fee for certain upgrades
  • Some utilize the iPhone fingerprint to confirm your identity

Even with a secure password manager, you still need to be careful of “spoofing”, where a fraudulent web page is displayed to trick you into providing your super-secure password key as described in this article:

Which password manager do you use?  What are its best features?  What don’t you like? Let us know in the comments below!

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PC’s for the past fourteen years. His company is highly rated by both the BBB (Better Business Bureau) and by Angie’s List. You can find more at http://www.GeekForHireInc.com  Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area and remote service throughout North America.

 

How To Keep Your Online Presence Safe During the Holiday Season

With the holidays coming up, people are doing lots of online shopping.  It is very important to keep your online presence safe!  Last week I heard the Amazon website may have been hacked and user IDs and passwords may have been compromised.

Now is the time to change your password for all of your online accounts.  Especially accounts where you have credit card or other financial information stored!

When you change your password, make it a STRONG password!

Use each type of character that the website allows. For example, some websites only allow you to use letters, capital letters, and numbers.  Others allow you to use special characters like “@”, or “&”, or “#”.  Always use the special characters unless the website doesn’t allow you to. One of the best ways to make a strong password is use a word that is familiar to you and change some of the letters.  For example, you can change “a” to “A” or “@”.  You can change “o” to “O” or “0”.  An “s” can become “5” or “$”.  You get the idea.  It’s also important to use a long password.  Most websites require eight characters, but you should use at least 16 characters wherever the website allows you to.  Adding a date to your familiar word will add another eight characters to your password

Here are the steps to follow:

  1. Use letters and capitals
  2. Use numbers
  3. Use special characters
  4. Replace letters with capitals, numbers, and special characters
  5. Make the password at least 16 characters long, or as long as the website will allow you

So a good strong password could be “1_lIk3-$un5ets_1215” instead of “Ilikesunsets”

When you change your password, make it a UNIQUE password!

Use a different password for each site.  When you use the same password on multiple sites it makes it that much easier for hackers to get into your accounts on other sites as well.  Each site where you have stored credit card information or other financial information should have a different and unique password.  So, yes, you’ll need a different one for Amazon and eBay.  And, you’ll need a different one for Fidelity and  Charles Schwab.

What’s the best way to do this?  Add two or more characters to your strong password to indicate which site it is for.  For example, you could use  “1_lIk3-$un5ets_F1d”, or  “1_lIk3-$un5ets_eby”

Phishing is also a holiday issue!

Phishing is where someone tries to trick you into giving them your sensitive and private information.  Generally, they’ll send you an email.  (They might also call you on your phone.)  They tell you that there is an issue with your Amazon or Charles Schwab account and you need to update your password immediately.  The email looks legitimate and you are tempted to click on the “Log into your account now!” button.  Even if it is a legitimate email, you should always go directly to the official website and log on from there.

 

Do you already use strong passwords?  What tricks do you use?  How do you remember them all?  Share your tips with your fellow readers in the comments below!

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PC’s for the past fourteen years. His company is highly rated by both the BBB (Better Business Bureau) and by Angie’s List. You can find more at http://www.GeekForHireInc.com  Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area and remote service throughout North America.

Outsmarting The Hackers

Hackers are getting smarter and are finding it easier to log into your email, bank and social media accounts.  For that reason, it is so important to regularly change your passwords on all of your accounts.  If you think any of your accounts may have been hacked, change your password recovery email as well.

Some people have a hard time remembering their passwords.  I’ve found that it is a good idea to use a couple of different words which are significant to you, but change it up a bit.   Use numbers, symbols, and capital letters to make the password harder to guess, but easy for you to remember.  As an example, using the word ““PASSWORD””, I’ll show you how easy it is to change a common word into a secure password for you:

  • P@55w0rd! –  Capitalize the first letter, change the ““a”” to  the @ symbol, change the two S’s to 5’s, change the “o” to a zero, and add an exclamation on the end.
  • P@55W0rd! – – Capitalize the first letter, change the “a” to  the @ symbol, change the two S’s to 5’s, Capitalize the “W”, change the “o” to a zero, and add an exclamation on the end.
  • !P@55w0rd! – – Start with an exclamation point, Capitalize the first letter, change the “a” to  the @ symbol, change the two S’s to 5’s, change the “o” to a zero, and add an exclamation on the end.

When you use this system, you can change it monthly by adding the date.  For example, add “April”, or “04” to the end.

It’s also better to use more than one word.  Sometimes when Chris is setting up a new password he will use the title of a nearby book.  For example, Mark Reisner’s “Cadillac Desert” is on my desk right now.  Using Chris’ system, my new password could be:

  • CadillacDesert – with the first letter of each word capitalized and no spaces.
  • Cadillac Desert – with the first letter of each word capitalized and one space between the two words.
  • Cadillac_Desert – with the first letter of each word capitalized and the underscore symbol between the two words.
  • C@dill@cDesert – with the first letter of each word capitalized and the “a” turned into the @ symbol.

You get the idea!  Play around with some possible passwords for you.  Once you have a few that work and that you can easily remember, it will be easy to change it up on a regular basis and to keep your online life that much more secure!

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PC’s for the past fourteen years. His company is highly rated by both the BBB (Better Business Bureau) and by Angie’s List. You can find more on our website.  Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area and remote service throughout North America.