9 Easy Tips for Online Safety

Staying safe online takes constant vigilance!  Clicking on links in your email, an app, or on a random website can lead to lots of problems.  But THINKING about it all the time is exhausting! Thankfully, there are a few shortcuts to ensure your online safety

Don’t give real answers:Internet Safety / Online Safety

Probably the most important thing to remember is that not everyone is entitled to real answers. Closely guard your personal information.  Who needs to know your birthday and why? Do you need to be at least 21 or 55?  Make up a birth date to fit those criteria! Do they want to know what your zip code is to show you the closest store to you?  Type in 80305 instead of 80302! No one except maybe your bank needs to know your mother’s maiden name. Come to think of it, most apps don’t even need to know your real name or email address.  Which brings us to tip #2…

Create a throw-away email address:

It’s easy enough to set up a new email using Gmail. Use a fake name. Forward the emails to your real address so if there is something important you’ll be sure to receive it.

WiFi:

When you’re using WiFi away from your home, office, or other trusted location, be very careful to ensure that it is a legitimate service. Always ask the coffee shop, or wherever you are, what the name of their WiFi is.  Be sure you are clicking on “Starbucks” and not “S1arbucks”.  (Did you see what I did there?) And, you should always connect to WiFi on your phone or tablet via a Virtual Private Network or VPN.

Online Safety with a VPN:

A Virtual Private Network helps ensure your online safety.  A VPN is encrypting software that masks your identity and location by hiding your IP address. Check out this article explaining what a VPN is and why you need one.

Banking:

If your bank gives you the option, you should check your balance online every day to make sure nothing nefarious is going on. (If they don’t offer online banking, I’d suggest switching banks.  After all, this is the 21st Century!) Another thing you should expect from your bank is a robust Fraud Department.  As a business, we’ve occasionally had to make online purchases from other countries.  The Fraud Department at our bank calls us each time to make sure it’s really us doing the transaction. I appreciate their diligence.

Online purchasing:

If you make a lot of purchases online, you should probably open a new debit card at your current bank just for those transactions. When you make a purchase, go to your bank account online and transfer enough funds into the account for that specific purchase. If your information is compromised, you can easily close that account.

Passwords:

Online Safety
Don’t use these passwords!

I know I’ve said this before. You can’t change your passwords often enough! Online safety starts with a secure password. Change your password on all of your apps and online accounts AT LEAST once a month.  Don’t reuse passwords.  Make sure they can’t be cracked. Use at least 12 characters.  So many rules!  Sign up for our free Guide to creating a secure and easy-to-remember password.

Location tracking:

Remember to check occasionally which apps are tracking your location. Yeah, you might have it locked down, but when you update the app, they may turn location tracking on again. Yes, you want the weather app to know where you are when you want to know how much snow you’re going to get.  Once you have your forecast and close the app though, they shouldn’t still be tracking where you are.

Online safety at Libraries, Hotel Business Suites, and Internet cafés:

Most of us can do just about everything we need to online with our phone or tablet. But there are times when we need to visit a library, internet café, or the “Business Suite” at a hotel. Be especially careful in these locations.  If you need to print an email, use your phone to email the document to your throw-away email account.  Then log in to that account instead of your real email.  If you do need to log into your real email, a financial account, or another secure app, change your password on that account as soon as you’ve completed your business. And use your phone or tablet to change your password, not the computer at the library or business suite.

Conclusion:

Online safety is a habit you can grow.  Be aware of what information you’re sharing and where you are sharing it.  What information can stay private?  You can do this!

Do you have additional suggestions?  Do you need more info or clarification?  Write a comment below!

Information about Geek For Hire, Inc.

I’ve created a Free Report on what to look for to protect yourself from “phishing” scams. Click here to receive it!

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PCs for the past eighteen years. Angie’s List and the BBB rate Geek For Hire very highly.  You can find more on our website, or give us a call 303-618-0154. Geek For Hire, Inc. provides onsite service (Tier 3 support) to the Denver / Boulder / Front Range area as well as remote service throughout North America.

We’ve been using Amazon Prime for the past few years.  We like the free and fast shipping.  With Prime, we have access to online streaming too. Prime is usually $119/year, but you can get a free 30-day trial by clicking on this link: Try Amazon Prime 30-Day Free Trial. As an Amazon Associate, we earn from qualifying purchases.

Please follow and like us:
error

Sim Card Swapping Scam – Three easy steps to protect yourself

I just heard about a new scam that I want to make sure you aware of as well.  It’s called the Sim Card Swapping scam. This is when someone decides to target you (who knows why – your status? your wealth? your position in your community?) and takes over your cell phone number.  From there, they can take over your social media, gain access to your financial accounts accessed via your phone, and any number of any other nefarious acts.

How does this scam work?

The process is relatively simple.  The scammer enters the physical store of your cell phone provider, or they call the toll free number, pretending to be you.  Then they provide a forged license or other personal information. The scammer will say they lost their phone.  They say they already have a new phone; they just need your service provider to transfer all of the information from the “lost” phone onto the SIM card of the new phone.

sim card swapping scam

…. and Boom!  Just like that, they have access to all of your contacts, their phone numbers, affiliations, birthdays, and any personal information you have about each contact.  They also have access to any apps you’ve allowed from your phone. Do you have the Dropbox app installed on your phone?  Now they have access to all of those documents as well.  How about Amazon? Does the Amazon app have your credit card information stored? Sounds like a fun shopping spree…

I called my local AT&T store in Boulder, where I’ve been a customer for years and spoke with one of their floor representatives.  When I asked him about the SIM card swapping scam, he wasn’t aware that it was a problem.  He said that as long as you have a photo ID with the correct address, you should be able to gain access to your account. That didn’t give me a lot of confidence! I then asked him about the PIN that we set up a few years ago.  He indicated that if an account has a PIN set up, they will ask the customer for that number in addition to verifying name, address, and photo. I then asked what the maximum number of digits were for the PIN which he said was six.

How to protect yourself from the SIM card swapping scam:

In all likelihood, the vast majority of the public won’t be targeted. But if you are known in the crypto-currency community, are wealthy, or have a high profile in your town I would recommend that you be extra vigilant.  Regardless, I would recommend doing several things right away:

  • First, enable 2FA or two-factor authentication. In the past, I’ve talked about two-factor authentication and why it is so important. Try not to use “text message” as an option to confirm your identity. Set it up so that they need to call a land-line with the code, or send the code to an email address that is not set up on your cell phone.
  • Next, talk to your cell phone provider and make sure you have a PIN set up.  Make sure it is a long as they will allow.  (Note to self: Change AT&T PIN from four digits to six!)
  • Then, log out of all of your Social Media accounts on your phone.  Set it up so that you need to log in each time.  Remember to log out every time! (This is something that Chris does.  He has never downloaded the Facebook app to his phone.  Instead, he accesses Facebook via Safari and logs in/logs out each and every time.)

Here are some articles to learn more about SIM card swapping:

Please share this on Facebook and Twitter!

Information about Geek For Hire, Inc.

I’ve created a Free Report on what to look for to protect yourself from “phishing” scams. Click here to receive it!

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PCs for the past eighteen years. Angie’s List and the BBB rate Geek For Hire very highly.  You can find more on our website, or give us a call 303-618-0154. Geek For Hire, Inc. provides onsite service (Tier 3 support) to the Denver / Boulder / Front Range area as well as remote service throughout North America.

We’ve been using Amazon Prime for the past few years.  We like the free and fast shipping.  With Prime, we have access to online streaming too. Prime is usually $119/year, but you can get a free 30-day trial by clicking on this link: Try Amazon Prime 30-Day Free Trial. As an Amazon Associate, we earn from qualifying purchases.

Please follow and like us:
error

pwned? 1 PAINLESS step To Find Out If Your Email Info Has Been Compromised

Have you heard of the term “pwned”? Last week Chris shared a news item with me about a recently discovered list of email addresses and passwords.  These are for sale on hacker websites.  If you are on this list or any of the other lists of stolen emails, you have been pwned. This list, “Collection 1”, consists of 772.9 million unique emails along with 21.2 million passwords.  You might wonder why there are so many more email addresses than passwords.  That is because so many people with multiple email addresses use the same password for everything.

Don’t do that!

A little history about the word “Pwned”:

The Urban Dictionary postulates that Pwned came into use after one of the designers for the game World of Warcraft typed “has been pwned” instead of “has been owned”. Another Urban Dictionary contributor says it is actually a commonly used chess term, where you use your pawn to check your opponent. Regardless of the various definitions, this term means “you are dominated”.

Have You Been Pwned? 1 Painless Step to Find Out:Wondering if you have been pwned?

Head over to Have I Been Pwned to find out if your email address is compromised.  Many people use different email addresses for work and home.  If you have multiple emails, be sure to check each of them.

This site will also tell you on which websites or apps the data breach has occurred.  (My email is compromised.)  I immediately changed the password for both accounts.  It also told me that the breach came from my Dropbox account.  I then changed my login information on Dropbox as well. Another breach occurred on my LinkedIn account so I changed my info there too.

5 Quick Steps to keep your information safe:

  1. Change your password on each account frequently. I change my passwords every 3-6 weeks.
  2. Change your password on financial accounts even more frequently – at least every two weeks.
  3. Never use the same password again!
  4. MOST IMPORTANT: Use a password that is hard to guess.  Make sure you use at least 10 characters.  You should use at least one of each of the following: an uppercase letter, a lowercase letter, a number, and a special character.  I always end with punctuation too.  Swap out letters for numbers or special characters. Lately, I’ve been using book titles to craft secure passwords.  So “The New Relationship Marketing” would become “th3NewRel@t1onshipMarket1ng;”  (Check it out.  It’s a great book by Mari Smith.)
  5. Next, always keep track of your passwords using a secure system.  I use a password-protected spreadsheet. (Why don’t I recommend a cloud-based password manager?  I’ve recently heard of two people who lost access to their online password tracking system. They had to go to each of their emails and apps to change their passwords. Each One!)

Let me know if you have an effective tip for setting up great, secure passwords.

Please forward this to your colleagues who never change their passwords.

Information about Geek For Hire, Inc.

I’ve created a Free Report to protect you from “phishing” scams. Click here to receive it!

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PCs for the past eighteen years.  His company is highly rated by both the BBB and by Angie’s List.  You can find more on our website, or give us a call 303-618-0154. Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area as well as remote service throughout North America.

We’ve been using Amazon Prime for the past few years.  We like the free and fast shipping.  With Prime, we have access to online streaming too. Prime is usually $119/year, but you can get a free 30-day trial by clicking on this link: Try Amazon Prime 30-Day Free Trial. As an Amazon Associate, we earn from qualifying purchases.

Please follow and like us:
error

Been Pwned? How Do I Find Out If This Impacts Me?

2019 January 22 UPDATE: Based on recent news stories, the “been pwned” information has been updated here:

https://geekforhireinc.com/pwned-has-your-email-been-compromised/

 

 

Although this website has been around for a few years, I’ve only just found out about it.  It’s called Have I Been Pwned and it lets you know if your email address has been compromised in any way.

A little history about the word Pwned:

The Urban Dictionary postulates that Pwned came into use after one of the designers for the game Warcraft typo’d “has been pwned” instead of “has been owned”. Another Urban Dictionary contributor says it is actually a commonly used chess term, where you use your pawn to check your opponent. Regardless of the various definitions, the word essentially means that you have been owned or dominated.

Have I Been Pwned?been pwned?

Head over to Have I Been Pwned to find out if your email and other personal information has been hacked by bad operators.  They will also tell you on which websites or apps the data breach has occurred.  For example, I found out that my both my personal and business emails have been pwned.  I immediately changed the password for both accounts.  It also told me that the breach came from my Dropbox account.  I then changed my login information on Dropbox as well. Another breach occurred on my LinkedIn account so I changed my info there too.

What can you do to keep your information safe?

  1. Change your password frequently. I change my passwords every 3-6 weeks.
  2. Never use the same password again!
  3. MOST IMPORTANT: Use a password that is hard to guess.  Make sure you use at least 10 characters.  You should use at least one of each of the following: an uppercase letter, a lowercase letter, a number, and a special character.  I always end with punctuation too. Lately, I’ve been using book titles to craft secure passwords.  So “The New Relationship Marketing” would become “th3NewRel@t1onshipMarket1ng;”  (Check it out.  It’s a great book by Mari Smith.)
  4. Next, always keep track of your passwords using a secure system.  I use a password protected spreadsheet. (I’ve recently heard of two people who lost access to their online password tracking system. They had to go to each of their apps and change their passwords!)

Let me know if you have a great tip for setting up great, secure passwords.

Here’s some more reading on the whole pwned subject:

Please forward this to your colleagues who never change their passwords.

Information about Geek For Hire, Inc.

I’ve created a Free Report to protect you from “phishing” scams. Click here to receive it!

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PCs for the past eighteen years.  His company is highly rated by both the BBB and by Angie’s List.  You can find more on our website, or give us a call 303-618-0154. Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area as well as remote service throughout North America.

We’ve been using Amazon Prime for the past few years.  We like the free 2-3 day shipping and online streaming. I haven’t tried the Kindle lending library yet.  I’ll try that next!  Prime is normally $119/year, but you can try it for 30 days for free by clicking on this link: Try Amazon Prime 30-Day Free Trial (Yes, we’ll get a small commission when you sign up.)

 

Please follow and like us:
error

Security Summit Thoughts – Hack-Proof Your Mac or PC

Last week I attended Microsoft’s “Virtual” Security Summit.  I have the word virtual in quotes because I didn’t have to travel anywhere.  My son and I watched the live streaming video in our living room! While I like the buzz of meeting new people, staying at home and learning new things has its advantages as well.  The Summit was primarily targeted towards management of large enterprise firms, I did pick up a few nuggets of information that will help the average person with the security of their machine as well.

First tip for Security:Security

Make sure the user permissions on your account are set to “Standard User” and not “Administrator”. This cuts down on the chance that viruses or other malware can be easily installed on your machine. This also protects a random bad operator from installing a bitcoin mining operation on your machine.  You provide the computer and electricity, they get the benefit.  If anyone has ever installed the SETI program on their machine, it would work similarly to that.  (The “Search for Extra-Terrestrial Intelligence” program gave the opportunity for ordinary computer users like Chris Eddy to allow SETI to use some of their computer operating power.)

Next:

Make your machine harder for the bad guys to get access to. Use a very secure password, set up two-factor authentication wherever you can. Install updates to your Operating System as soon as they are available.

Finally:

Use good security practices. Patti Chrzan, head of Microsoft’s cyber-security fraud division said this:

“90% of all cyber crime starts with a phishing email”

A reminder that the phishing email is an attempt to get access to your personal information, like your birthday or password.  A phishing email might also install a virus, ransomware, or other malware.

Being hyper-alert of every click, and every email you open puts you way ahead of the average person. Even if the email seems legit, never click on a link in an email from a corporation until you have confirmed its legitimacy.  Call the company to confirm that your account has been hacked, or your password was changed, or a large purchase was made.  Never take the word of an email at its face value!

The highlight of my day was when Microsoft retweeted my comment:

security

Just because you have an antivirus installed, does not automatically make you secure. You must have good personal systems in place too.

Past blogs you may find helpful:

Information about Geek For Hire, Inc.

I’ve created a Free Report on what to look for to protect yourself from “phishing” scams. Click here to receive it!

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PCs for the past eighteen years. Angie’s List and the BBB rate Geek For Hire very highly.  You can find more on our website, or give us a call 303-618-0154. Geek For Hire, Inc. provides onsite service (Tier 3 support) to the Denver / Boulder / Front Range area as well as remote service throughout North America.

We’ve been using Amazon Prime for the past few years.  We like the free and fast shipping.  With Prime, we have access to online streaming too. Prime is usually $119/year, but you can get a free 30-day trial by clicking on this link: Try Amazon Prime 30-Day Free Trial. As an Amazon Associate, we earn from qualifying purchases.

 

Please follow and like us:
error

3 Tips to Creating a Secure & Strong Password

Last week, I wrote about the DDoS attack which occurred on October 21st.  That attack shut down many websites and apps, especially for users on the East Coast.  I recommended that you use a very secure and strong password. Please don’t use one of these most common passwords!

Use a Strong Password! Not these Common Passwords Source: http://i.imgur.com/FImcPiG.png
The Most Common Passwords
Source: http://i.imgur.com/FImcPiG.png

How to create a Strong Password:

It occurred to me that you may need some guidance to create a really secure and strong password. Here are some tips:

  1. First, the more characters in your password, the more secure it will be. According to mSecure, a four-character password can be cracked in under a minute, while an eight-character password can be cracked in five months.  A nine-character password can take up to 10 years to crack.  Notice I said “up to”.  Just using lots of characters doesn’t work if the password is easy to guess.  That’s why you also need:
  2. Next, think Complexity. Using a eight-character password like “password”, “Password”, or even “PasswØrd”, is too easy to guess.  Even a nine-character password like “password1” is relatively easy to crack.  The same goes for “Admin”, “administrator”, and “12345678”. These are common passwords that a lot of people use.  In order to make a password more complex, add symbols, capital letters, and numbers.  Using symbols or numbers in exchange for letters makes the password easier to remember.  For example swap out your “o” for an “Ø”, your “a” for “@”, or your “e” for a “3”.  You can even use a password generator like passwordsgenerator.net to generate a truly unique password.  I like this one because I can set the number of characters and whether or not I can use special characters like @#%& for a particular website.  Above all, when you go to enter your log in credentials:
  3. Finally, you must remember that very strong password!  Some ideas include a favorite book, your best friend’s name from second grade, or your grandparent’s street address. Just remember to add some additional complexity to make it even more secure.  For example, “Newport” can become “517Newport”, “NewpØrt”, or “Newport100”.  If you must write down your passwords, keep it in a secure place.  I use a password protected spreadsheet.

Please make it a point to use a secure and strong password on all of your internet connected devices.  Change it today!

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PC’s for the past fourteen years. His company is highly rated by both the BBB (Better Business Bureau) and by Angie’s List. You can find more on our website.  Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area and remote service throughout North America.

We’ve been using Amazon Prime for the past few years.  We like the free 2-3 day shipping and the online streaming. I haven’t tried the Kindle lending library yet, but I’m tempted!   Prime is normally $99/year, but you can try it for 30 day for free by clicking on this link: Try Amazon Prime 30-Day Free Trial (Yes, we’ll get a small commission when you sign up.)

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Please follow and like us:
error

DDoS? And Why YOU May be to Blame

Last week, many websites and apps were severely compromised, especially on the East Coast. Apps like Twitter, Reddit, Spotify, AirBnB, and Netflix slowed to a crawl or were shut down altogether.  A DDoS attack was launched against Dyn, a New Hampshire company that provides DNS routing.

Level3 Outage map on 24Oct16 Screen Shot by Geek For Hire, Inc.
Level3 Outage map on 24Oct16
Screen Shot by Geek For Hire, Inc.

What did you just say?

  • DDoS = A “Distributed Denial of Service” occurs when hundreds of thousands of messages are sent to specific internet addresses with the intent to overload that service and shut it down. (In this case, the intent was to take down Dyn in order to affect many websites and not just one.)
  • DNS = The Internet’s Domain Name System translates the URL’s we enter, like www.google.com, into “the numerical IP addresses needed for the purpose of locating and identifying computer services and devices.” (From wikipedia)

In the past, most DDoS attacks were focused on a particular website.  Last Friday, the attack was focused on a company which the NY Times calls “one of the Internet’s giant switchboards”, which had a devastating impact.

So, how is this MY fault?

Do you have a surveillance camera on your front door? A wireless printer? A “smart” refrigerator”? All of these are connected to the internet with their own numerical IP address.  The “bad guys” can run through a list of IP address to see which addresses can easily be compromised.  Once they’ve identified these devices, they can use them to add to their arsenal to send the messages that create the attack.

I still don’t get it.  How is this MY fault?

Do you use a password on all of your internet connected devices? Is it secure? A password of “admin”, “123456”, or “password” is NOT secure!  Have you ever been out looking for free WiFi, and something like “HP-M475-5E3F78” was presented as an available WiFi that you could connect to?  That is what happens when someone does not put a password on their printer.  There are literally millions of WiFi connected devices in the US.  How many of those are vulnerable to participating in these types of attacks?

Please make it a point to use a secure password on all of your internet connected devices.  Change it today!

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PC’s for the past fourteen years. His company is highly rated by both the BBB (Better Business Bureau) and by Angie’s List. You can find more on our website.  Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area and remote service throughout North America.

We’ve been using Amazon Prime for the past few years.  We like the free 2-3 day shipping and the online streaming. I haven’t tried the Kindle lending library yet, but I’m tempted!   Prime is normally $99/year, but you can try it for 30 day for free by clicking on this link: Try Amazon Prime 30-Day Free Trial (Yes, we’ll get a small commission when you sign up.)

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Please follow and like us:
error

Sharing Your Social Media Identity with the Government

Every once in a while I read a story that makes me say:

WHAT?

Today was one of those days.  According to this article in arsTechnica, the US Customs and Border Protection is considering adding a new field to their Visa application process.  They will be asking visitors to the US to provide their Social Media Identity.  Apparently it won’t be a required field, but if you leave it blank, it will look very suspicious.

“The agency says travelers coming to the US…. won’t be forced to disclose their social media handles, but leaving it blank obviously could raise red flags.”

Additionally, the verbiage associated with the request is very nebulous.  According to the article:

‘Here’s what will be asked: “Please enter information associated with your online presence—Provider/Platform—Social media identifier.”‘

So, someone who is not paying attention may provide not just their ID, but might also provide their login and password info!

I have a couple of thoughts about this.

First, of course, is that anyone can find anything online, so adding a box on their form will just make the process a little easier for Customs to get your info.

Second, how will Customs keep this info safe?  How will they insure that someone can’t hack into their systems and capture the info – especially if some of those applications may contain ID’s and passwords?

why

Lastly, how will this help?  Call me cynical, but I don’t think someone entering the country with malicious intent is likely to be providing their “real” social media identity.

It is far too easy to set up multiple identities online.  Just look at me.  I’ve got an email for business, an email for personal stuff, an email for networking, and an email for signing up for stuff online.  It was easy to do this.  And once you have different emails, you can set up different social media accounts.

No, those folks will be providing their ”professional” social media account; the identity they use for LinkedIn to show that they are an upstanding citizen of their home country.  I fail to see how this new field on the visa application will keep out the “bad guys”.

What are your opinions about online privacy and multiple identities?  We’d love to hear your thoughts!

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PC’s for the past fourteen years. His company is highly rated by both the BBB (Better Business Bureau) and by Angie’s List. You can find more on our website.  Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area and remote service throughout North America.

Join Amazon Prime – Watch Thousands of Movies & TV Shows Anytime – Start Free Trial Now

Save

Save

Save

Save

Save

Save

Save

Save

Please follow and like us:
error
Tagged

Change Your Password!

In the last few days, we’ve had a bunch of calls from customers who have had their email hacked.  They are hearing from friends and clients that their email is sending out spam.  Some of them have been aggravated with us because they feel like their anti-virus should have protected them.  (Security software can’t protect you if someone else already has your password information.)

Here’s the deal.  Several years ago, LinkedIn was hacked.  Login credentials were stolen from approximately 117 million LinkedIn accounts!  Although this happened in 2012, one of the “bad guys” has recently decided to sell the credentials.

LinkedIn

According to this article from Tech Crunch:

Now, according to a new report from Motherboard, a hacker going by the name of “Peace” is trying to sell the emails and passwords of 117 million LinkedIn members on a dark web illegal marketplace for around $2,200, payable in bitcoin.

117 million LinkedIn emails and passwords from a 2012 hack just got posted online

CNN:Money adds their two cents:

Companies typically protect customer passwords by encrypting them. But at the time of the 2012 data breach, LinkedIn hadn’t added a pivotal layer of security that makes the jumbled text harder to decode.

Put on the defensive, LinkedIn is now scrambling to try to stop people from sharing the stolen goods online — often an impractical task. The company is also invalidating all customer passwords that haven’t been updated since they were stolen.

LinkedIn said it’s reaching out to individual members affected by the breach. This particular hack affects a quarter of the company’s 433 million members.

http://money.cnn.com/2016/05/19/technology/linkedin-hack/

Since many people use the same password on their other online accounts, the hackers can potentially access other accounts as well.

Our advice?  Change your passwords for LinkedIn and other social media sites today.  If you use the same passwords for other online sites, change the passwords for your email and banking accounts too.  (If you didn’t have a LinkedIn account prior to 2013, you should be safe.  This time.)

Changing your passwords on a regular basis is always a good idea!

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PC’s for the past fourteen years. His company is highly rated by both the BBB (Better Business Bureau) and by Angie’s List. You can find more on our website.  Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area and remote service throughout North America.

Join Amazon Prime – Watch Thousands of Movies & TV Shows Anytime – Start Free Trial Now

 

 

 

Please follow and like us:
error

The Scariness Increases

Ransomware

Chris forwarded a link to me the other day about some scary “malvertising”.  For those of you who didn’t have Senor Garcia for High School Spanish, “mal” is a Latin prefix meaning “bad”.  Other words you might be familiar with include “malware” and “malicious”.  And that’s what this is: Malware that looks like advertising, but really contains malicious code.

I can hear you saying: “But I know how to be careful and not click on stuff that looks suspicious!”  And that’s the issue right there.  These are “advertisements” that appear on highly respected websites.  ARS-Technica warns us that:

“Mainstream websites, including those published by The New York Times, the BBC, MSN, and AOL, are falling victim to a new rash of malicious ads that attempt to surreptitiously install crypto ransomware and other malware on the computers of unsuspecting visitors, security firms warned.

The tainted ads may have exposed tens of thousands of people over the past 24 hours alone, according to a blog post published Monday by Trend Micro. The new campaign started last week when “Angler,” a toolkit that sells exploits for Adobe Flash, Microsoft Silverlight, and other widely used Internet software, started pushing laced banner ads through a compromised ad network.”

Another technical site, MalwareBytes, mentions some other websites, including Newsweek, Realtor.com, and NFL.com.

And, the malware that is being downloaded isn’t your run-of-the-mill virus.  In many cases it is Ransomware, which takes all of your files and encrypts them with a special key.  You then need to pay a ransom to get the encryption key to get your data back.

This is not a message you want to see popping up on your screen!

Ransomware Image - source: http://arstechnica.com/security/2016/03/big-name-sites-hit-by-rash-of-malicious-ads-spreading-crypto-ransomware/
Ransomware Image – source: http://arstechnica.com/security/2016/03/big-name-sites-hit-by-rash-of-malicious-ads-spreading-crypto-ransomware/

What is our advice?

  1. Use an adware blocker like AdBlock Plus
  2. For some websites, they won’t show you ANY content unless you agree to see their ads.  In that case, never click on an advertisement.
  3. If you really are interested in a product or service that is being offered, go to the company’s site directly.
  4. Keep your data backed up to an external source.  And back it up at least once a month – more often if you are working with ever-changing and precious data.

If you need help getting rid of any malware, or learning how to regularly back up your data, give us a call!

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PC’s for the past fourteen years. His company is highly rated by both the BBB (Better Business Bureau) and by Angie’s List. You can find more at http://www.GeekForHireInc.com Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area.

We’ve been using Amazon Prime for the past few years.  We like the free 2-3 day shipping and the online streaming. I haven’t tried the Kindle lending library yet, but I’m tempted! Prime is normally $99/year, but you can try it for 30 day for free by clicking on this link:  Try Amazon Prime 30-Day Free Trial

Please follow and like us:
error