pwned? 1 PAINLESS step To Find Out If Your Email Info Has Been Compromised

Have you heard of the term “pwned”? Last week Chris shared a news item with me about a recently discovered list of email addresses and passwords.  These are for sale on hacker websites.  If you are on this list or any of the other lists of stolen emails, you have been pwned. This list, “Collection 1”, consists of 772.9 million unique emails along with 21.2 million passwords.  You might wonder why there are so many more email addresses than passwords.  That is because so many people with multiple email addresses use the same password for everything.

Don’t do that!

A little history about the word “Pwned”:

The Urban Dictionary postulates that Pwned came into use after one of the designers for the game World of Warcraft typed “has been pwned” instead of “has been owned”. Another Urban Dictionary contributor says it is actually a commonly used chess term, where you use your pawn to check your opponent. Regardless of the various definitions, this term means “you are dominated”.

Have You Been Pwned? 1 Painless Step to Find Out:Wondering if you have been pwned?

Head over to Have I Been Pwned to find out if your email address is compromised.  Many people use different email addresses for work and home.  If you have multiple emails, be sure to check each of them.

This site will also tell you on which websites or apps the data breach has occurred.  (My email is compromised.)  I immediately changed the password for both accounts.  It also told me that the breach came from my Dropbox account.  I then changed my login information on Dropbox as well. Another breach occurred on my LinkedIn account so I changed my info there too.

5 Quick Steps to keep your information safe:

  1. Change your password on each account frequently. I change my passwords every 3-6 weeks.
  2. Change your password on financial accounts even more frequently – at least every two weeks.
  3. Never use the same password again!
  4. MOST IMPORTANT: Use a password that is hard to guess.  Make sure you use at least 10 characters.  You should use at least one of each of the following: an uppercase letter, a lowercase letter, a number, and a special character.  I always end with punctuation too.  Swap out letters for numbers or special characters. Lately, I’ve been using book titles to craft secure passwords.  So “The New Relationship Marketing” would become “th3NewRel@t1onshipMarket1ng;”  (Check it out.  It’s a great book by Mari Smith.)
  5. Next, always keep track of your passwords using a secure system.  I use a password protected spreadsheet. (Why don’t I recommend a cloud-based password manager?  I’ve recently heard of two people who lost access to their online password tracking system. They had to go to each of their emails and apps to change their passwords. Each One!)

Let me know if you have an effective tip for setting up great, secure passwords.

Please forward this to your colleagues who never change their passwords.

Information about Geek For Hire, Inc.

I’ve created a Free Report to protect you from “phishing” scams. Click here to receive it!

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PCs for the past eighteen years.  His company is highly rated by both the BBB and by Angie’s List.  You can find more on our website, or give us a call 303-618-0154. Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area as well as remote service throughout North America.

We’ve been using Amazon Prime for the past few years.  We like the free 2-3 day shipping and online streaming. I haven’t tried the Kindle lending library yet.  I’ll try that next!  Prime is normally $119/year, but you can try it for 30 days for free by clicking on this link: Try Amazon Prime 30-Day Free Trial (Yes, we’ll get a small commission when you sign up.)

Been Pwned? How Do I Find Out If This Impacts Me?

2019 January 22 UPDATE: Based on recent news stories, the “been pwned” information has been updated here:

https://geekforhireinc.com/pwned-has-your-email-been-compromised/

 

 

Although this website has been around for a few years, I’ve only just found out about it.  It’s called Have I Been Pwned and it lets you know if your email address has been compromised in any way.

A little history about the word Pwned:

The Urban Dictionary postulates that Pwned came into use after one of the designers for the game Warcraft typo’d “has been pwned” instead of “has been owned”. Another Urban Dictionary contributor says it is actually a commonly used chess term, where you use your pawn to check your opponent. Regardless of the various definitions, the word essentially means that you have been owned or dominated.

Have I Been Pwned?been pwned?

Head over to Have I Been Pwned to find out if your email and other personal information has been hacked by bad operators.  They will also tell you on which websites or apps the data breach has occurred.  For example, I found out that my both my personal and business emails have been pwned.  I immediately changed the password for both accounts.  It also told me that the breach came from my Dropbox account.  I then changed my login information on Dropbox as well. Another breach occurred on my LinkedIn account so I changed my info there too.

What can you do to keep your information safe?

  1. Change your password frequently. I change my passwords every 3-6 weeks.
  2. Never use the same password again!
  3. MOST IMPORTANT: Use a password that is hard to guess.  Make sure you use at least 10 characters.  You should use at least one of each of the following: an uppercase letter, a lowercase letter, a number, and a special character.  I always end with punctuation too. Lately, I’ve been using book titles to craft secure passwords.  So “The New Relationship Marketing” would become “th3NewRel@t1onshipMarket1ng;”  (Check it out.  It’s a great book by Mari Smith.)
  4. Next, always keep track of your passwords using a secure system.  I use a password protected spreadsheet. (I’ve recently heard of two people who lost access to their online password tracking system. They had to go to each of their apps and change their passwords!)

Let me know if you have a great tip for setting up great, secure passwords.

Here’s some more reading on the whole pwned subject:

Please forward this to your colleagues who never change their passwords.

Information about Geek For Hire, Inc.

I’ve created a Free Report to protect you from “phishing” scams. Click here to receive it!

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PCs for the past eighteen years.  His company is highly rated by both the BBB and by Angie’s List.  You can find more on our website, or give us a call 303-618-0154. Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area as well as remote service throughout North America.

We’ve been using Amazon Prime for the past few years.  We like the free 2-3 day shipping and online streaming. I haven’t tried the Kindle lending library yet.  I’ll try that next!  Prime is normally $119/year, but you can try it for 30 days for free by clicking on this link: Try Amazon Prime 30-Day Free Trial (Yes, we’ll get a small commission when you sign up.)

 

Security Summit Thoughts – Hack-Proof Your Mac or PC

Last week I attended Microsoft’s “Virtual” Security Summit.  I have the word virtual in quotes because I didn’t have to travel anywhere.  My son and I watched the live streaming video in our living room! While I like the buzz of meeting new people, staying at home and learning new things has its advantages as well.  The Summit was primarily targeted towards management of large enterprise firms, I did pick up a few nuggets of information that will help the average person with the security of their machine as well.

First tip for Security:Security

Make sure the user permissions on your account are set to “Standard User” and not “Administrator”. This cuts down on the chance that viruses or other malware can be easily installed on your machine. This also protects a random bad operator from installing a bitcoin mining operation on your machine.  You provide the computer and electricity, they get the benefit.  If anyone has ever installed the SETI program on their machine, it would work similarly to that.  (The “Search for Extra-Terrestrial Intelligence” program gave the opportunity for ordinary computer users like Chris Eddy to allow SETI to use some of their computer operating power.)

Next:

Make your machine harder for the bad guys to get access to. Use a very secure password, set up two-factor authentication wherever you can. Install updates to your Operating System as soon as they are available.

Finally:

Use good security practices. Patti Chrzan, head of Microsoft’s cyber-security fraud division said this:

“90% of all cyber crime starts with a phishing email”

A reminder that the phishing email is an attempt to get access to your personal information, like your birthday or password.  A phishing email might also install a virus, ransomware, or other malware.

Being hyper-alert of every click, and every email you open puts you way ahead of the average person. Even if the email seems legit, never click on a link in an email from a corporation until you have confirmed its legitimacy.  Call the company to confirm that your account has been hacked, or your password was changed, or a large purchase was made.  Never take the word of an email at its face value!

The highlight of my day was when Microsoft retweeted my comment:

security

Just because you have an antivirus installed, does not automatically make you secure. You must have good personal systems in place too.

Past blogs you may find helpful:

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PC’s for the past fifteen years. His company is highly rated by both the BBB (Better Business Bureau) and by Angie’s List. You can find more on our website, or give us a call 303-618-0154. Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area as well as remote service throughout North America.

We’ve been using Amazon Prime for the past few years.  We like the free 2-3 day shipping and the online streaming. I haven’t tried the Kindle lending library yet.  I’ll try that next!   Prime is normally $99/year, but you can try it for 30 day for free by clicking on this link: Try Amazon Prime 30-Day Free Trial

(Any links to products or services in this post may be affiliate links. If they are, we may receive a small commission when you click on it. Rest assured, your price will be the same!)

3 Tips to Creating a Secure & Strong Password

Last week, I wrote about the DDoS attack which occurred on October 21st.  That attack shut down many websites and apps, especially for users on the East Coast.  I recommended that you use a very secure and strong password. Please don’t use one of these most common passwords!

Use a Strong Password! Not these Common Passwords Source: http://i.imgur.com/FImcPiG.png
The Most Common Passwords
Source: http://i.imgur.com/FImcPiG.png

How to create a Strong Password:

It occurred to me that you may need some guidance to create a really secure and strong password. Here are some tips:

  1. First, the more characters in your password, the more secure it will be. According to mSecure, a four-character password can be cracked in under a minute, while an eight-character password can be cracked in five months.  A nine-character password can take up to 10 years to crack.  Notice I said “up to”.  Just using lots of characters doesn’t work if the password is easy to guess.  That’s why you also need:
  2. Next, think Complexity. Using a eight-character password like “password”, “Password”, or even “PasswØrd”, is too easy to guess.  Even a nine-character password like “password1” is relatively easy to crack.  The same goes for “Admin”, “administrator”, and “12345678”. These are common passwords that a lot of people use.  In order to make a password more complex, add symbols, capital letters, and numbers.  Using symbols or numbers in exchange for letters makes the password easier to remember.  For example swap out your “o” for an “Ø”, your “a” for “@”, or your “e” for a “3”.  You can even use a password generator like passwordsgenerator.net to generate a truly unique password.  I like this one because I can set the number of characters and whether or not I can use special characters like @#%& for a particular website.  Above all, when you go to enter your log in credentials:
  3. Finally, you must remember that very strong password!  Some ideas include a favorite book, your best friend’s name from second grade, or your grandparent’s street address. Just remember to add some additional complexity to make it even more secure.  For example, “Newport” can become “517Newport”, “NewpØrt”, or “Newport100”.  If you must write down your passwords, keep it in a secure place.  I use a password protected spreadsheet.

Please make it a point to use a secure and strong password on all of your internet connected devices.  Change it today!

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PC’s for the past fourteen years. His company is highly rated by both the BBB (Better Business Bureau) and by Angie’s List. You can find more on our website.  Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area and remote service throughout North America.

We’ve been using Amazon Prime for the past few years.  We like the free 2-3 day shipping and the online streaming. I haven’t tried the Kindle lending library yet, but I’m tempted!   Prime is normally $99/year, but you can try it for 30 day for free by clicking on this link: Try Amazon Prime 30-Day Free Trial (Yes, we’ll get a small commission when you sign up.)

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

DDoS? And Why YOU May be to Blame

Last week, many websites and apps were severely compromised, especially on the East Coast. Apps like Twitter, Reddit, Spotify, AirBnB, and Netflix slowed to a crawl or were shut down altogether.  A DDoS attack was launched against Dyn, a New Hampshire company that provides DNS routing.

Level3 Outage map on 24Oct16 Screen Shot by Geek For Hire, Inc.
Level3 Outage map on 24Oct16
Screen Shot by Geek For Hire, Inc.

What did you just say?

  • DDoS = A “Distributed Denial of Service” occurs when hundreds of thousands of messages are sent to specific internet addresses with the intent to overload that service and shut it down. (In this case, the intent was to take down Dyn in order to affect many websites and not just one.)
  • DNS = The Internet’s Domain Name System translates the URL’s we enter, like www.google.com, into “the numerical IP addresses needed for the purpose of locating and identifying computer services and devices.” (From wikipedia)

In the past, most DDoS attacks were focused on a particular website.  Last Friday, the attack was focused on a company which the NY Times calls “one of the Internet’s giant switchboards”, which had a devastating impact.

So, how is this MY fault?

Do you have a surveillance camera on your front door? A wireless printer? A “smart” refrigerator”? All of these are connected to the internet with their own numerical IP address.  The “bad guys” can run through a list of IP address to see which addresses can easily be compromised.  Once they’ve identified these devices, they can use them to add to their arsenal to send the messages that create the attack.

I still don’t get it.  How is this MY fault?

Do you use a password on all of your internet connected devices? Is it secure? A password of “admin”, “123456”, or “password” is NOT secure!  Have you ever been out looking for free WiFi, and something like “HP-M475-5E3F78” was presented as an available WiFi that you could connect to?  That is what happens when someone does not put a password on their printer.  There are literally millions of WiFi connected devices in the US.  How many of those are vulnerable to participating in these types of attacks?

Please make it a point to use a secure password on all of your internet connected devices.  Change it today!

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PC’s for the past fourteen years. His company is highly rated by both the BBB (Better Business Bureau) and by Angie’s List. You can find more on our website.  Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area and remote service throughout North America.

We’ve been using Amazon Prime for the past few years.  We like the free 2-3 day shipping and the online streaming. I haven’t tried the Kindle lending library yet, but I’m tempted!   Prime is normally $99/year, but you can try it for 30 day for free by clicking on this link: Try Amazon Prime 30-Day Free Trial (Yes, we’ll get a small commission when you sign up.)

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Sharing Your Social Media Identity with the Government

Every once in a while I read a story that makes me say:

WHAT?

Today was one of those days.  According to this article in arsTechnica, the US Customs and Border Protection is considering adding a new field to their Visa application process.  They will be asking visitors to the US to provide their Social Media Identity.  Apparently it won’t be a required field, but if you leave it blank, it will look very suspicious.

“The agency says travelers coming to the US…. won’t be forced to disclose their social media handles, but leaving it blank obviously could raise red flags.”

Additionally, the verbiage associated with the request is very nebulous.  According to the article:

‘Here’s what will be asked: “Please enter information associated with your online presence—Provider/Platform—Social media identifier.”‘

So, someone who is not paying attention may provide not just their ID, but might also provide their login and password info!

I have a couple of thoughts about this.

First, of course, is that anyone can find anything online, so adding a box on their form will just make the process a little easier for Customs to get your info.

Second, how will Customs keep this info safe?  How will they insure that someone can’t hack into their systems and capture the info – especially if some of those applications may contain ID’s and passwords?

why

Lastly, how will this help?  Call me cynical, but I don’t think someone entering the country with malicious intent is likely to be providing their “real” social media identity.

It is far too easy to set up multiple identities online.  Just look at me.  I’ve got an email for business, an email for personal stuff, an email for networking, and an email for signing up for stuff online.  It was easy to do this.  And once you have different emails, you can set up different social media accounts.

No, those folks will be providing their ”professional” social media account; the identity they use for LinkedIn to show that they are an upstanding citizen of their home country.  I fail to see how this new field on the visa application will keep out the “bad guys”.

What are your opinions about online privacy and multiple identities?  We’d love to hear your thoughts!

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PC’s for the past fourteen years. His company is highly rated by both the BBB (Better Business Bureau) and by Angie’s List. You can find more on our website.  Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area and remote service throughout North America.

Join Amazon Prime – Watch Thousands of Movies & TV Shows Anytime – Start Free Trial Now

Save

Save

Save

Save

Save

Save

Save

Save

Tagged

Change Your Password!

In the last few days, we’ve had a bunch of calls from customers who have had their email hacked.  They are hearing from friends and clients that their email is sending out spam.  Some of them have been aggravated with us because they feel like their anti-virus should have protected them.  (Security software can’t protect you if someone else already has your password information.)

Here’s the deal.  Several years ago, LinkedIn was hacked.  Login credentials were stolen from approximately 117 million LinkedIn accounts!  Although this happened in 2012, one of the “bad guys” has recently decided to sell the credentials.

LinkedIn

According to this article from Tech Crunch:

Now, according to a new report from Motherboard, a hacker going by the name of “Peace” is trying to sell the emails and passwords of 117 million LinkedIn members on a dark web illegal marketplace for around $2,200, payable in bitcoin.

117 million LinkedIn emails and passwords from a 2012 hack just got posted online

CNN:Money adds their two cents:

Companies typically protect customer passwords by encrypting them. But at the time of the 2012 data breach, LinkedIn hadn’t added a pivotal layer of security that makes the jumbled text harder to decode.

Put on the defensive, LinkedIn is now scrambling to try to stop people from sharing the stolen goods online — often an impractical task. The company is also invalidating all customer passwords that haven’t been updated since they were stolen.

LinkedIn said it’s reaching out to individual members affected by the breach. This particular hack affects a quarter of the company’s 433 million members.

http://money.cnn.com/2016/05/19/technology/linkedin-hack/

Since many people use the same password on their other online accounts, the hackers can potentially access other accounts as well.

Our advice?  Change your passwords for LinkedIn and other social media sites today.  If you use the same passwords for other online sites, change the passwords for your email and banking accounts too.  (If you didn’t have a LinkedIn account prior to 2013, you should be safe.  This time.)

Changing your passwords on a regular basis is always a good idea!

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PC’s for the past fourteen years. His company is highly rated by both the BBB (Better Business Bureau) and by Angie’s List. You can find more on our website.  Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area and remote service throughout North America.

Join Amazon Prime – Watch Thousands of Movies & TV Shows Anytime – Start Free Trial Now

 

 

 

The Scariness Increases

Ransomware

Chris forwarded a link to me the other day about some scary “malvertising”.  For those of you who didn’t have Senor Garcia for High School Spanish, “mal” is a Latin prefix meaning “bad”.  Other words you might be familiar with include “malware” and “malicious”.  And that’s what this is: Malware that looks like advertising, but really contains malicious code.

I can hear you saying: “But I know how to be careful and not click on stuff that looks suspicious!”  And that’s the issue right there.  These are “advertisements” that appear on highly respected websites.  ARS-Technica warns us that:

“Mainstream websites, including those published by The New York Times, the BBC, MSN, and AOL, are falling victim to a new rash of malicious ads that attempt to surreptitiously install crypto ransomware and other malware on the computers of unsuspecting visitors, security firms warned.

The tainted ads may have exposed tens of thousands of people over the past 24 hours alone, according to a blog post published Monday by Trend Micro. The new campaign started last week when “Angler,” a toolkit that sells exploits for Adobe Flash, Microsoft Silverlight, and other widely used Internet software, started pushing laced banner ads through a compromised ad network.”

Another technical site, MalwareBytes, mentions some other websites, including Newsweek, Realtor.com, and NFL.com.

And, the malware that is being downloaded isn’t your run-of-the-mill virus.  In many cases it is Ransomware, which takes all of your files and encrypts them with a special key.  You then need to pay a ransom to get the encryption key to get your data back.

This is not a message you want to see popping up on your screen!

Ransomware Image - source: http://arstechnica.com/security/2016/03/big-name-sites-hit-by-rash-of-malicious-ads-spreading-crypto-ransomware/
Ransomware Image – source: http://arstechnica.com/security/2016/03/big-name-sites-hit-by-rash-of-malicious-ads-spreading-crypto-ransomware/

What is our advice?

  1. Use an adware blocker like AdBlock Plus
  2. For some websites, they won’t show you ANY content unless you agree to see their ads.  In that case, never click on an advertisement.
  3. If you really are interested in a product or service that is being offered, go to the company’s site directly.
  4. Keep your data backed up to an external source.  And back it up at least once a month – more often if you are working with ever-changing and precious data.

If you need help getting rid of any malware, or learning how to regularly back up your data, give us a call!

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PC’s for the past fourteen years. His company is highly rated by both the BBB (Better Business Bureau) and by Angie’s List. You can find more at http://www.GeekForHireInc.com Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area.

We’ve been using Amazon Prime for the past few years.  We like the free 2-3 day shipping and the online streaming. I haven’t tried the Kindle lending library yet, but I’m tempted! Prime is normally $99/year, but you can try it for 30 day for free by clicking on this link:  Try Amazon Prime 30-Day Free Trial

Are You Thinking of Using a Password Manager?

I am of two minds when it comes to an online password manager.  On the one hand, I think it would be a great way to keep multiple passwords secure.  On the other hand, I worry about hackers gaining control of my data.

That being said, if your keyboard (or monitor) looks like this, it’s time to find another solution!

Is this your password manager?!

Luckily, there are several online password managers to choose from:

  • 1Password
  • Dashlane
  • LastPass
  • KeePassX
  • mSecure
  • Sticky Password

Most of these have the same or similar features.

  • Manage passwords over multiple devices
  • Generates ultra strong passwords
  • Stores banking and other sensitive information
  • Most are free but do have an annual or monthly fee for certain upgrades
  • Some utilize the iPhone fingerprint to confirm your identity

Even with a secure password manager, you still need to be careful of “spoofing”, where a fraudulent web page is displayed to trick you into providing your super-secure password key as described in this article:

Which password manager do you use?  What are its best features?  What don’t you like? Let us know in the comments below!

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PC’s for the past fourteen years. His company is highly rated by both the BBB (Better Business Bureau) and by Angie’s List. You can find more at http://www.GeekForHireInc.com  Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area and remote service throughout North America.

 

Protect Yourself from Phishing Attacks!

Many of you know that I take frequent road trips. That’s why my vehicles have the EZ-Pass device on them. EZ-Pass automatically collects tolls on highways and bridges on the East Coast. (FYI, FasTrak is used on the West Coast. Here in Colorado we use ExpressToll.) When this article crossed my news feed, I was particularly interested.

“Phishing Scam Alert: There is a phishing email* being sent to drivers across the nation claiming they owe money for unpaid E-ZPass tolls.  This is not an email from The Toll Roads, the Transportation Corridor Agencies, E-ZPass or E-ZPass tolling agencies. E-ZPass is used to collect tolls electronically on the East Coast; FasTrak is used to collect tolls electronically on the West Coast.

ezpass logoIn fact, during the fourth quarter of 2015, phishing attacks saw a huge increase. As expected, financial institutions took the biggest hit, although any company is vulnerable.

Wikipedia has a good definition:

“Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication.”

Remember that most phishing attacks come via email, so it is very important to remain vigilant about what links you click in the emails you receive. Even when an email looks legitimate, with accurate looking logos and links, if you have any doubt, don’t click!

Social Media is becoming another prime target for phishing. In fact, according to Ian Trump of LogicNow:

“One in five phishing attempts is made through social media. Some of these will be unsophisticated attempts to snare anyone who might miss-click, but others will be more targeted and try to fool people with specific information, attempting to drive the user to a fake website where they will enter their username and password. A compromised social media account has the potential to wreak further havoc, especially given the habit for people to use the same password over and over again for both work and personal accounts.” More info in this article.

Whenever you receive an email saying you owe an organization money, or they need to confirm your information, or anything that makes you wonder if it’s for real, be especially careful. Never click the link on the email. Instead, head to the website you’ve used before to check out the authenticity of the message. If you find that it is a phishing attempt, notify the company too.

Have you been exposed to phishing attacks? How did you handle it? Let us know in the comments below!

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PC’s for the past fourteen years. His company is highly rated by both the BBB (Better Business Bureau) and by Angie’s List. You can find more at http://www.GeekForHireInc.com Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area