Category: Security

Backups Don’t Have to Be Hard or Confusing

diagram of cloud and mobile devices

Image courtesy of Pixabay

I love articles by How To Geek because they often cover basic information that my clients should know.  The articles are written very clearly but sometimes I make them even simpler by providing a shorter version and definitions of technical terminology.

I’ve talked about backups many times, so I think most of you will be able to understand this article as it is:  What’s the Best Way to Back Up My

If you know me at all, you will know that I recommend Chromebooks and Google Drive as the best solution for most people.  My second choice for simple and secure would be an Apple iPad and iCloud backup.

As they say in the article: “Everyone loses data at some point in their lives. Your computer’s hard drive could fail tomorrow, ransomware could hold your files hostage, or a software bug could delete your important files. If you’re not regularly backing up your computer, you could lose those files forever.  Backups don’t have to be hard or confusing.”

Please just make a decision and do it!  And check monthly to be sure it’s working.

If you need help, you can make an appointment here or call 760-348-8867.

Let us know what you use for backups in the comments below.

Thanks for reading and for sharing with others. 🙂

Enjoy!

Mardi

 

 

Google Password Checkup is Such Great News!

With the frequent news about security breaches, are you concerned that your passwords might be compromised?

Have you registered with https://haveibeenpwned.com/?

Are you feeling overwhelmed?

I’ve got great news for you!
Google Chrome Can Tell You if your passwords have been compromised!

Google has created an extension (software program) for its Chrome web browser that will alert you if a username and password is known to be unsafe.

The extension is called Password Checkup and it checks a database of 4 billion credentials that have been compromised (stolen and exposed) in various data breaches.

When the extension detects an insecure password, it will display a big red dialogue box telling you to immediately change your username or password.

Of course, allowing an extension to read all your usernames and passwords raises concerns about privacy.

Google is well aware of this and has designed an encryption system to keep all your information private and anonymous:

“We built Password Checkup so that no one, including Google, can learn your account details. To do this, we developed privacy-protecting techniques with the help of cryptography researchers at both Google and Stanford University. For a more technical description of these innovations, check out our security blog post.”

Here’s a short video tutorial on How to Install Password Checkup

Or follow these steps:

Click on the 3 stacked dots (upper right)
Hover over “More Tools”
Click “Extensions”
Click on the menu icon (upper left corner)
Click on “Open Chrome Web Store (lower left corner)
In the “search the store” box, type “password checkup”
Click on Install
Click the X to close the confirmation window

If Password Checkup lets you know that a password you use is unsafe:

Sign in to the account with the unsafe password.
Create a new, strong password for the account and any other accounts that use the same password.
If the site offers another security measure, like Two-Step Verification, consider setting it up.

Let me know how it goes by leaving a comment below

If you need help, you can schedule an appointment on my calendar here

I’m so excited to have a simple solution for keeping your passwords safe!
I hope you will forward share this tip with everyone you know.

Enjoy!
Mardi

P.S. I try to use as little Geek speak as possible, but you do need to understand a few terms.
I highlight them in bold so you can check yourself and look up the ones you don’t know.

Here’s a little self-test for you. How many do you know?
What is a web browser?
What is a browser extension?
Why does it matter if your account is taken over?
What is a dialogue box?
What does “account credentials” mean?
What does “compromised password” mean?

How To Make Your Technology Less Frustrating and More Fun This Year

“It’s that holiday time of year again, and that means it’s over the river and through the woods to…well, fix my family’s Wi-Fi and other tech problems.”  From: The Complete Guide to Giving Better Family Tech Support  by Jason Fitzpatrick
family-dinner-3407701_1280
Do you have someone in your family who takes care of your techie problems for you?

I was that person for my mother. In fact, she was the one who suggested that I start this tutoring business to help other retirement-age adults.

I often laugh and tell people, “I’m your person, when you don’t have access to any techie relatives or you don’t want to impose. ; )

I recently read a fun article by How to Geek. The Complete Guide to Giving Better Family Tech Support  and I realized that it’s time to remind you that, “a few times a year someone needs to make sure computers are up to date,photos are backed up, and the tech is humming along as it should, so you won’t be in a in a position to have people exploit your computers, lose your photos to a hard drive crash, or otherwise be miserable because you just didn’t know any better.  After all, you aren’t out there keeping up on all the tech news and reading how-to guides.”

image of computer with 2019 on the screenAnd, there’s another great article for the New Year… Lock Down Your Tech With These New Year’s Resolutions by Justin Pot.  It urges people to:

  • “Use a freaking password manager
  • Lock Down Important Accounts With Two-Factor Authentication
  • Backup Your Computer (Seriously)
  • Update (or Upgrade) Your Router
  • Clean Out Your Browser Extensions
  • Remove Unused Third-Party App Access From Google, Facebook, and Other Accounts
  • Encrypt Your Computers and Phone”

As I often say, “using technology is like driving cars, they need check ups from time to time, and you have to know the rules of the road for your safety and security.

sparkler-839831_1280No Worries…There Are Easy Ways To Get It All Done:

  • Read the two articles and follow their very clear instructions or
  • Send these tips to your “Family Tech Guru” so he or she can do it or
  • Hire me to teach you how to do it or
  • Hire me do it for you

Whatever you decide is fine, but  please make a decision and “get ‘er done” so you can have less frustration and more fun.

Wishing you a very happy new year and may your techie world be simple, easy and fun this year!

Enjoy!

Mardi

P. S. Please share this with your loved ones so they can get the help they need too.  Thanks!

How to Avoid Getting Scammed

This post was updated on October 20, 2018

Star Wars Gif,

Have you been receiving phone calls or been seeing websites that claim your computer is infected with a virus?

They are scams!  Clients call me quite often about these. Just this past week, I was working with a client when she received one and a couple of days later another client left me a message with a recording of it!  It’s actually pretty funny when you understand what’s going on!

So it’s time to for me to reminded you again, that neither Microsoft nor Apple is going to call you!  

Here is a link to an excellent page on Microsoft’s website that has everything you need to know about it.  Avoid Tech Support Phone Scams

Scam artists know how to scare people and get them rattled so they won’t think clearly and will react hastily.  They have been able to trick some pretty tech-savvy people.

These types of scams are not only stressful and expensive, but they cause considerable embarrassment. (Here is a video  from NBC News that explains how they work)

Here’s a recording of the calls being made to people here in the desert now.

The good news is that you can protect yourself with these Techie Tips:

Be aware that there are many variations on this type of scam.  It’s called Social Engineering.  They rely tricking people.  They use emails, fake websites and direct phone calls and they may claim that they are from Apple, Microsoft, the IRS, a Bank, Netflix, the FBI, AT&T etc., etc.. (there will me more…)

Here is the simple, easy way to handle all of these:  

    • Hang up the phone
    • Delete the email
    • Close the window (If the window won’t close, close the web browser if that doesn’t work, shutdown the computer and restart.

Do not call any number suggested

If you feel you must verify that it’s a scam, find the correct customer service number on your monthly billing statement and call the company directly or, If you look up the phone number on the internet, be sure that you are on the company’s website and not a fake look-alike site.)

If you get tricked by one of these scams, and allow access to your computer, don’t panic.  It will cost you $100 or more but it can be fixed.  You can:

  1. Take it to a repair shop for a complete check up and removal of any viruses or spyware.  (Let me know if you would like a referral.)
  2. Or you might just invest the money in a Chromebook instead.  (Call me for a free consultation to determine if a Chromebook is right for you.)

Note:  Running a scan with your antivirus software may not be adequate.  Each antivirus program has its strengths and weaknesses and you can’t depend on just one in a situation like this.  

The scammers may not have installed a virus.  They may have installed spyware, a keylogger (tracks the keys you use for typing passwords), or remote access software (to give them access to your computer any time they want).  Their goal may have been just to get you to pay for phony tech support but you can’t be sure. You should engage the services of a professional.

If you have passwords stored in a document on your computer, you may want to change all your passwords.  (Using a password manager will protect you from this complication.)

An even simpler solution to all of this is to use a Chrome OS computer and Gmail.  Gmail is very, very effective at sending scam emails to the Spam folder and Chrome OS does not allow scammers access to install spyware.

Some Chromebooks cost less than the price of a virus repair for a PC or Mac and you won’t have to pay annual fees for antivirus protection and backups.  Everything is done on “the cloud” so you can’t lose your files. Let me know if you want more information about Chromebooks.

I hope this Techie Tip has increased your confidence and alleviated any fears you may have had.  Now you can confidently and calmly,

  1. Delete scam emails,
  2. Close fake web pages,
  3. Hang up on scam phone calls.  (Feel free to give them a piece of your mind first if it will make you feel better.  Leo Laporte says, “Does your mother know that you’re doing this?”)
  4. Enjoy a peaceful techie life!

Please share this with your friends and encourage them to sign up for Techie Tips, so they can be safe and fully enjoy technology like you.   They can sign up here:

Enjoy!

Mardi

Holiday Shopping Safety Tips

This week I received an email from a client about the “UPS Package Delivery Failure” email scam.  He wanted to know if it was a real threat or just a phony scare.  It’s a real threat, it’s been going around for years, and I want everyone to be aware of it.

These scam emails say that a package delivery company was unable to deliver a package and include instructions for things you need to do, that will steal private information or install a virus on your computer.

The main thing you need to remember is that a delivery company will not ask you to print anything or submit information.  If an email asks you to do that, delete it immediately and call the company directly to see if they are trying to communicate with you.

Here is a link to an excellent article on Snopes that explains all the details.

Package Delivery Failure Virus

And while we’re on the subject, now is a good time to review some other safety tips for internet commerce.

Here is a link to good information from the Google Safety Center.

Online Shopping Safety

My “simple, easy and fun” solution is to
Be conscious that there might be hazards
Take time to look at things carefully
Trust your instincts and
When in doubt, ask me

Wishing you a peaceful and joy-filled holiday shopping season,
Mardi

More on the Equifax Debacle

In response to my last post about the Equifax debacle, one of my students sent me a link to this interesting article by Adam Levin, co-founder of Credit.com

I was curious how my student happened to find this, and I thought it was interesting that he is on the credit.com newsletter list because one of his doctors experienced a data breach and the doctor is provided him with credit monitoring by credit.com.

To keep things simple for you, I will quote the info that I found most useful but I encourage you to read the entire article, especially if you are a victim of the Equifax breach.

  • There are problems with freezing your credit report
  • The potential problems for those compromised go beyond credit cards and taxes
  • You can sue Equifax if your data was compromised
  • Tips for protecting yourself from now on

The Problem with Freezing Your Credit Report

“The New York Times reported still more bad news in the wake of the Equifax announcement.

The credit freeze service the credit bureau offered (originally offered for a fee until it finally decided to provide it for free for 30 days) generated PINs that were based on the time and date the PIN was created. These PINs are required to release the freeze whenever you need to grant access to your credit files in connection with a loan, an apartment rental, or a job application (where permitted by law). Unfortunately, they’re laughably easy for a hacker to guess before then.

The bigger problem is that a freeze needs to be in place at all three reporting agencies in order to be effective. As credit expert John Ulzheimer told the New York Times, putting a freeze on your credit with only one reporting agency is ‘like locking one of three doors in your house and leaving the other two unlocked. You’re hoping the thief stumbles on the locked door.'”

Types of Fraud to Be Aware Of

“…the threat goes way beyond maxed-out credit cards, fraudulent credit applications, and tax-refund fraud. With Department of Motor Vehicle information also in play, the risks are elevated. A fake ID made out in your name could cause you to get arrested for an outstanding warrant. In the realm of identity-related fraud products, a fake driver’s license is a luxury item for sure, but it’s still one that could hurt you if a scammer provides your information on a fake license the next time they’re pulled over for speeding or collared for a crime.

And then there’s the serious risk of medical-identity fraud. Consumers could see delays in prescription fulfillment because of fraudsters using their health care information. Worse, consumers may not be covered for health care expenses until they are able to prove they are who they claim to be using the same information that the crooks used—a frustrating and often complicated process.”

Legal Remedies

“One can only assume there will be lawsuits galore. In fact, one enterprising person has already automated the process. A robot lawyer is on the case, allowing consumers to automatically file a claim against Equifax in small claims court.

According to the Verge, consumers are still able to join class action suits while pursuing a small claims court remedy.

‘Even if you want to be part of the class action lawsuit against Equifax,’ the Verge reported, ‘you can still sue Equifax for negligence in small claims court using the DoNotPay bot and demand maximum damages. Maximum damages range between $2,500 in states like Rhode Island and Kentucky to $25,000 in Tennessee.'”

Protecting Yourself Now

“While it’s okay to hope that your services and vendors will do things right, you need to stay vigilant. And this should go without saying: if you can change privacy and authentication settings on a product or service, do it. If that’s not possible, perhaps you should consider finding a new vendor or service.

The easiest way to protect yourself, in my opinion, is by using a system called the “Three Ms.” The Three Ms is the centerpiece of my book, Swiped: How to Protect Yourself in a World Full of Scammers, Phishers and Identity Thieves, and the approach continues to be the best way to keep your personally identifiable information from being used in identity-related crimes.

And they are simple:

1. Minimize your exposure. Don’t authenticate yourself to anyone unless you are in control of the interaction, don’t overshare on social media, be a good steward of your passwords, safeguard any documents that can be used to hijack your identity, and freeze your credit.

2. Monitor your accounts. Check your credit report religiously, keep track of your credit score, and review major accounts daily if possible. (You can check your credit report for free at Credit.com.) If you prefer a more laid-back approach, sign up for free transaction alerts from financial services institutions and credit card companies, or purchase a sophisticated credit- and identity-monitoring program,

3. Manage the damage. Make sure you get on top of any incursion into your identity quickly, and enroll in a program where professionals help you navigate and resolve identity compromises—oftentimes available for free, or at minimal cost, through insurance companies, financial services institutions, and HR departments.”

“…Equifax is not the first, nor will it be the last, breach of note. Being prepared and alert is still the best remedy, because breaches have become the third certainty in life—right behind death and taxes.

A final tip: check with your insurance company, financial services institution, or employer. You may already have access to identity protection and resolution services, which is your best bet when it comes time to navigate the identity theft quagmire.

Many thanks to Adam Levin and credit.com for this helpful information.

I invite you to post comments or questions below and I will respond.

Enjoy your day in any case!

To receive my Techie Tips emails and notifications about online classes and free webinars sign up here

Equifax Data Breach

I hate to trouble you with bad news, but you need to be aware of this.

Equifax, one of the three major credit reporting bureaus, has revealed that an estimated 143 million U.S. customers may be affected by a data breach carried out by criminal hackers. It includes names, Social Security numbers, birth dates, addresses, and driver’s license numbers. Additionally, credit card numbers for approximately 209,000 U.S. consumers and dispute documents with personal information for approximately 182,000 consumers may have been accessed.

Many thanks to Kim Komando who has written an excellent article which you can read here for all the details. My simple and easy version for you is…

Equifax is sending direct mail alerts to customers whose information was included in the data breach. Keep an eye out for the notice in your mailbox.

The company has created a website, www.equifaxsecurity2017.com, to help consumers check if any of their information has been affected. However, the tool requires you to provide your last name and last six digits of your Social Security number to initiate the check. I question if it is a good idea to give information to a company that just experienced the largest credit bureau data breach in history.

You can call Equifax’s dedicated customer care number 866-447-7559 to check but, judging by the magnitude of the breach, there will probably be long wait times. Let me know if you try that and how it goes so I can let others know.

If you use the website tool and are found to have been affected by the breach, you will be offered a chance to use Equifax’s own credit monitoring program, TrustedID Premier, free of charge for one year. However, you will have to agree to its Terms of Service and buried in the fine print is this a specific arbitration clause that waives your ability to participate in a class action lawsuit against Equifax.

Considering the extent of the stolen information, I doubt that one year of free credit monitoring is enough. With Social Security numbers involved, the threat of identity theft for those affected will assuredly be lifelong.

Kim suggests that you put a credit freeze on your accounts and she provides excellent instructions on how to do that here.

Other Important Steps To Take If You Are Affected

Scammers use the information they’ve stolen to target victims with other scams. If your data was compromised, please take extra caution and watch out for the following schemes:

Keep an eye on your bank accounts – You should already be checking your bank accounts online or your paper statements for suspicious activity. It’s even more critical now. If you see anything that seems strange, report it immediately.

Beware of phishing scams – Scammers will try and piggyback on data breaches like this. They will create phishing emails, pretending to be from the affected company, hoping to get victims to click on malicious links that could lead to more problems. They are tricky so call me if you suspect anything.

I hope you are not affected by this. (If you are, let me know.)

As always, if you have any questions or if you suspect a scam, feel free to call me and leave a message. I will get back to you just as soon as I can.

In any case, I hope you enjoy your day,

Mardi

What to Do With An Old Computer

When I saw this astonishing video I realized that I should address this issue in my Techie Tips.   

Screenshot 2017-09-09 at 11.06.45 AM

When clients ask me what to do with their old computers, I recommend recycling them at Best Buy.  It’s quick and easy.  You just drop them off at the customer service desk.  

Many times, my people like to donate them to a charity or give them to a friend or relative.

In any case, you need to protect the data on your hard drive if you have any sensitive information on it that you would not want criminals to see.

How It Works

You cannot actually erase data on a drive.  When you delete something, the space on the drive gets marked as “vacant” or “writable” so new data can be written over it.  The original information is still there until it’s overwritten and can be found with specialized software.

Some people assume that they can reformat their hard drives, but that just erases the directory that the computer uses to find the files.  It doesn’t delete the files.  The physical bits and bytes still exist.  With regular use, the data  will get overwritten, but it’s a random process and you won’t know which files have been overwritten and which haven’’t.

A “full format” will overwrite the drive with zeros but it’s still possible to recover data with specialized software.

The Solution

DBAN is a free software that overwrites the drive multiple times.  I found a comment online by a Tech who said that after 20 passes, nothing can be recovered.  He swears by it 100%.  I looked up DBAN and it has a disclaimer that it’s not “certified safe.”  I imagine certification would be important in situations where there is legal liability — where you are responsible for someone else’s sensitive data.  If you are willing to install the software and do 20 passes this might be a good solution for your needs.

The most common recommendation is to remove the hard drive from the computer and smash the disks or memory chips with a hammer (wear safety glasses.)  I did that with my old PC laptop and I thought it was fun but you might not share my enthusiasm for taking things apart to see what’s inside.  

I told Angel Sanchez at NYPC Repair (on Hwy 111 in Palm Desert near the Red Barn) that a lot of my clients would probably not want to deal with removing the hard drive and he said you are welcome to bring your computer into the shop and they will take it out and smash it for you with no charge!  Isn’t that great!  Love NYCP Repair!

In Summary

Now you know the whys, the hows and simple solutions.  Your choice will depend on your level of comfort about the security of your files.  For most of us, it isn’t an issue but if it is, you know what to do.

As always, let me know if you have any questions or need help.  

Enjoy!

Mardi  

P.S. If you have found this information helpful, please support my mission to make technology simple, easy and fun for mature adults.  Share this post with others and encourage them to sign up to receive all my Techie Tips via email.   They can sign up here  Thanks!

Get control of passwords the simple, easy way with Keychain

use keychain to login to websites automatically

Apple’s Password Manager Rocks!

Apple’s password manager is one of the many reasons that I recommend buying Apple computers. I know they seem expensive but when you see the value, you will find a way. I just bought a Refurbished MacBook Pro for only $475 and I love it almost as much as my Chromebook!

Safari offers to remember your passwords and log you in and, when you create a new account, it suggests a complex, secure password.

It works the same on your mobile devices too.

(There may be times when a website doesn’t allow autofill, for example, at public terminals or when a site has been coded to specifically block autofill)

Here’s How It Works

When you login to an account, Safari asks you if you want it to remember the password and you just click on “Yes”.

If it doesn’t ask, check the Preferences

  • Click Safari
  • Click Preferences
  • Click Passwords
  • The check box next to “Autofill user names and passwords” needs to be checked
  • Close the window by clicking the red dot.

Note: this is where you can go to see a list of your sites and their passwords too.

To see your passwords

  • Click Safari
  • Click Preferences
  • Click Passwords
  • Check the box next to “show passwords”
  • Enter your Admin/Owner password
  • Select the site for which you want to see the password.
  • Close the window.

Safari Autofill

Safari will autofill, forms on websites with account and credit card information and your contact information.

  1. Click Preferences
  2. Click Autofill to verify that these options are checked or to uncheck them if desired

It’s convenient features like these that make Apple products such a pleasure to use.

If you have questions about buying a computer or if you need help with Keychain or other apps, just call or send me an email and we’ll set up a time to get together — in person or via remote access.    Enjoy!

You Can Be A Hoax Slayer

Displaying Displaying pasted image 0

Friday, I received a call from a client about a phishing scam that was very convincing. It’s time to review the guidelines again.

“Be wary of ANY message that claims that you must click a link or open an attachment to upgrade account details, rectify a supposed account issue, or implement new ‘security’ measures. If you receive a suspect message, do not click on any links or open any attachments that it contains. Instead, login to your account by entering the address into your web browser or via an official account application.”

This particular scam was pretending to be from Microsoft Outlook Team but there are others for Facebook, Yahoo, dating sites, and more.

Here is a great resource for you: Bookmark http://www.hoax-slayer.com It has information about email, social media and internet scams. Many thanks to Brett for his voluntary service on our behalf.

Please share this with the people you care about and encourage them to call me whenever they have a question or need help with their techie tools and toys. My passion and mission is to help you and your loved ones more fully enjoy the many benefits of computer technology while keeping it it simple, easy and fun. Thanks!

Enjoy!
Mardi

%d bloggers like this: