Tech – for Everyone

Tech Tips and Tricks & Advice – written in plain English.

Yahoo: Your Personal Info Stolen

If you use Yahoo! mail (or your ISP uses Yahoo Mail) you need to read this news item.

* Yahoo breach; at least 500 million accounts affected

According to a company statement, stolen information may have included names, email address telephone numbers, birth dates, hashed passwords and, in some instances, encrypted or unencrypted security questions and answers.Read more..

[ I think it’s safe to mentally remove the “may have” from that.. ]

Please forward this on to your friends and loved ones who use Yahoo! Mail. Tell ’em they need to change their passwords, and beware of suspicious “phishing” emails that sound like they know you..

And if you don’t know what “phishing” is by now.. please stop using the Internet.

Today’s quote:The best argument against democracy is a five-minute conversation with the average voter.” ~ Winston Churchill

Copyright 2007-2015 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.


>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<


All we really have, in the end, are our stories.
Make yours great ones. Ones to be proud of.

September 23, 2016 Posted by | advice, cyber crime, e-mail, hackers, Internet, News, privacy, security | , , , , , , , , , , | Leave a comment

12 Scams of Christmas (and Yahoo, too)

Folks, as we approach the Holidays, please be aware, and remind your friends and family, that we are now in the peak scam, ripoff, fraud, and – of course! – phishing season. The vermin are happily and busily creating phony online stores, and filling our Inboxes, Faceboook, and Twitter with bait and lures of all types.

Holiday shoppers can expect cybercriminals to be out in force this season,” said Michael Kaiser, executive director of the National Cyber Security Alliance. “Shoppers should be alert to scams and other attempts to lure them to provide personal and financial information that could lead to data loss or the infection of an Internet connected device. We encourage everyone to STOP. THINK. CONNECT. and make sure they have taken security precautions, understand the consequences of actions and behavior and enjoy the benefits of holiday shopping online.

McAfee has released a list of the most popular scams on the Internet during the holiday season. You can see them here: 12 Scams of Christmas

We should/can take steps to increase our safety, security and confidence online with these simple tips:

  • Keep a Clean Machine: All the devices you use for shopping – including smartphones and tablets – should have up-to-date software including security software, operating systems and other key programs and apps.
  • When in Doubt, Throw it Out: Links in email, tweets, posts, and online advertising are often the way cybercriminals compromise your computer. If it looks suspicious, even if you know the source, it’s best to delete it.
  • Think Before you Act: Be wary of communications that offer amazing deals that sound too good to be true, implore you to act immediately – including indicating a problem with an order or payment—or ask you to view the website or an account via a provided link.
  • Protect your Personal Information: Be alert to the kinds and amount of information being collected during transactions. Information requested should only be enough to complete the transaction. Only fill out required fields on checkout forms. Check the website’s privacy policy.
  • Use Safe Payment Options: Credit cards are generally the safest option. They allow buyers to seek a credit from the issuer if the product isn’t delivered or isn’t what was ordered. Credit cards may limit the monetary amount you will be responsible if your account is compromised. Never send cash through the mail or use a money-wiring service.
  • Make Sure the Site is Legitimate: This includes a closed padlock on your web browser’s address bar or a URL address that begins with shttp or https. Check reviews of sites you have never used before.
  • Keep a Paper Trail: Save records of your online transactions, including the product description, price, online receipt, terms of the sale, and copies of any email exchange with the seller.

Yes, great deals can be found. I am not saying don’t shop online — but I am saying now is the time to double-up on your “paranoid common sense”. Nobody’s protecting you; there’s no “Internet police”. But there are *scumbuckets* intent (focused like a laser beam) on stealing from you. Thousands and thousands (and thousands!) of them.

This looks suspicious to me too

Um… But I don’t have an Am Ex Merchant Account…

There’s a whole stack of other depressing news, too. But I’ll spare you. I’ll just say – again – let’s be careful out there. Be well, at your earliest easement.

Update: I’m on my third day of Yahoo Mail uh, um, ‘technical difficulties’ (which they first called “routine maintenance”). I’m not alone. Yahoo forced to acknowledge Yahoo Mail problems in worst failure yet

After a public UI and technical failure with its October redesign, Yahoo Mail miraculously gets worse as it goes. And then, Yahoo acknowledges delivery failures stretching back to November 25.Read more..

Do you Yahoo? It’s a good (and valuable) read even if you don’t.

Today’s quote: “When the pupil is ready, the teacher appears.” ~ ?

Copyright 2007-2013 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.


>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<


All we really have, in the end, are our stories.
Make yours great ones. Ones to be proud of.

December 12, 2013 Posted by | advice, cyber crime, how to, Internet, News, security, social networking, tech | , , , , , , , , , , , , | 1 Comment

Life in the slow lane

It is a summer Friday, and I’m putt-putt-ing along in ssllooww-motion. It is terribly nice to take a vacation once in a while. I hope you all have had some time off, to enjoy the longer days and warmer weather, too.

* I have had several clients call me recently after suddenly being no longer able to log in to their email accounts, or had received emails from friends saying, “Hey! Quit spamming me!“. In each case, a spammer had “hijacked” their email accounts. Affected were Yahoo! Mail, AOL, and Earthlink. (Yes, I have clients still using AOL..) All of those clients use AT&T as their ISP..
And AT&T uses Yahoo! Mail (and owns Earthlink)..
And Yahoo! has had several major “hacks” of the user database(s).

IT_trafficIn the cases where they just suddenly could no longer log in, the service provider had shut down the account to stop the spamming, they (my clients) had to contact the service provider’s tech support, prove they were really themselves, and have their passwords reset. In the other cases, they had to log in and change their passwords to lock the spammer out.

Hacker spammers. A few bad apples really do spoil the whole barrel. It’s past time we put some teeth into CAN-SPAM, and made it international. Dontcha think? Day before yesterday, a woman told me she’s reverted to snail mail and the telephone. Doesn’t trust email anymore. Wonder how many others…?

* Changes are in the wind:

Do you remember Rehteah Parsons? Seems they changed a law.. Arrests made in Nova Scotia assault, cyberbullying leading to suicide

Two were arrested Thursday in the case of Rehteah Parsons, 17, a Nova Scotia girl who took her own life after a sexual assault and cyberbullying, police said.”  Read more..

Snowden’s privacy-oriented email provider shuts down under U.S. government pressure

An American company that specialized in highly encrypted email suspended operations today. The abrupt shutdown of Lavabit, a small Texas-based company, is suspected to be related to a court order related to its best-known customer, NSA leaker Edward Snowden.Read more..

White House Proposes Cybersecurity Insurance, Other Incentives For Executive Order

Goal is to provide financial and other perks for participation in voluntary cybersecurity framework.Read more..

How ’bout some Friday Fun Video action.. a little “slower” than my usual..

Today’s quote:I’m in a hurry to get things done
Oh I rush and rush until life’s no fun
All I’ve really gotta do is live and die
But I’m in a hurry and don’t know why….
~ Roger Murrah and Randy VanWarmer

Copyright 2007-2013 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.


>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<


All we really have, in the end, are our stories.
Make yours great ones. Ones to be proud of.

August 9, 2013 Posted by | computers | , , , , , , , , , | 2 Comments

A few interesting items…

* An inside look at Internet Explorer 10’s mysterious Flash whitelist

In Windows 8 and especially on Windows RT, your ability to run Flash programs hosted on the web depends on whether a site is included on Microsoft’s Compatibility View list. So what does it take to get added to that list? And what can you do if a favorite Flash-based site won’t work?” Read more

* Nine changes to the default Word 2013 settings (short slideshow)

Some of the default settings in Word 2013 just don’t work for him, so before he does anything else Mark Kaelin changes them.View on site

A lot of you had your Yahoo! Mail accounts hacked (and everyone in your Contacts list received an email containing a dangerous link…). If you haven’t done so in a while, you probably want to change your password. (And yes, you have to be suspicious. Just because a link seems to come from a friend, doesn’t mean they really sent it to you..)

* Yahoo Mail users hit by widespread hacking, XSS exploit seemingly to blame (Update: Fixed)

Late last night reports started coming in suggesting that Yahoo Mail users have had their accounts hacked. While “hacked” is a very broad term nowadays, it does appear that Yahoo email accounts are being compromised after users click on a malicious link they receive in their inboxes.Read more..

* Java zero-day infections pick up steam

An exploit that takes advantage of a gaping hole in Java has exploded across the globe, according to security firm Kaspersky Labs.Read more..

Related: Remove Java (+ A Friday Fun Video )

And this article seems a bit late to the game to me..

* Ditch the problem router and move to Wireless-N

If you’ve been having problems with your Wireless-G Wi-Fi, it might be time to consider an inexpensive upgrade to Wireless-N.” Read more..

Well, I’m out of time. Have a great day, everybody!

Today’s quote:What I just said is the fundamental, end-all, final, not-subject-to-opinion absolute truth, depending on where you’re standing.” ~ Steve Martin

Copyright 2007-2013 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.


>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<


All we really have, in the end, are our stories.
Make yours great ones. Ones to be proud of.

January 14, 2013 Posted by | computers, cyber crime, Internet, News, tech | , , , , , , , | 4 Comments

Advice for hijacked Yahoo! mail

From the Reader Mail Department

A Reader wrote in with a question that might be pertinent to some of you..

Contact Tech Paul
Message:” I’m almost sure people have cracked my password to yahoo, because everytime I want to open my account, the password does not work
How do I find out who has gotten into my yahoo email?”

Sent by an unverified visitor to your site.

A: Unless it is someone in your own environment (with access to your computer) I doubt anyone could figure out who has “broken into” (and it sounds like, ‘hijacked’) your email account. In the recent past, Yahoo has been “hacked” and 100,000’s of email address/passwords stolen, many times. (for example, http://www.zdnet.com/yahoo-confirms-400000-accounts-hacked-less-than-5-valid-7000000812/).

But I wouldn’t worry about the “who” so much as I would worry about regaining control of your account; and the way to do that is through Yahoo!.
(Usually the process is started by clicking the “forgot my password” link.)

Try these methods, in order.
1) http://answers.yahoo.com/question/index?qid=20101007173522AAkWiz9

2) http://pctechnotes.com/how-to-recover-your-hacked-yahoo-account/

If you verify that you were indeed hijacked, you might have luck writing to Yahoo! and asking for an investigation… But since Yahoo! Mail is a free service, I doubt there is much they’ll do. But you can try.
And a computer forensics specialist might have methods I am unaware of, but they do not work cheap.

Good luck, and regards, TP

Today’s quote:I hope I shall possess firmness and virtue enough to maintain what I consider the most enviable of all titles, the character of an honest man.” ~ George Washington

Copyright 2007-2012 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.


>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<


All we really have, in the end, are our stories.
Make yours great ones. Ones to be proud of.

November 3, 2012 Posted by | advice, computers, how to, Internet, passwords, tech | , , , , , | 1 Comment

Managing Your Inbox*

One of the very first things I do in the process of starting my day is I check my e-mail Inboxes. It is as much a part of my routine as my morning cup of coffee. This morning, it struck me that you do not have to be a computer geek to realize and appreciate that electronic communication has become an important — if not vital — part of our lives. And that it has changed the way we live.

If you will pardon a little self-indulgent reminiscing, I would like to tell you in a before-and-after manner, that I am old enough to well-remember what it was like in the days before email, Instant Messaging, and cell phones. In my High School years there simply were no such things. (There were no ATM machines either, if you can imagine that.)

When I wanted to find out what my friends were up to, I picked up a Slimline telephone (with cord) and tried to catch them before they left, but I usually had to track them down by “making the rounds”, in person, of our ‘hangouts’…which put a lot of miles on my 10-speed bike.

Besides ‘Ma’ Bell, the other method of communicating was the mail, now known as “snail mail”. How we ever got along back then is beyond me.

Today the speed at which I transmit written correspondence is limited only by how frequently the recipient checks their Inbox. My pals answer their phones no matter where they are (or their voicemail does) or what they’re doing.. who doesn’t carry a cellphone? I not only talk to my niece and nephew out on the East Coast, but I can see them via “videoconferencing” (free). Or I can “chat” with IM, no matter the miles of separation (also free).

But of all these modern methods, I rely the most on email. Email is the main way I stay informed and in contact with my friends and kinfolk, and the same is probably true for you.

Because I am an “email guy”, I am perhaps overly aware of the negatives of email. I am peeved by spam, alarmed by phishing, nervous about privacy, and paranoid about hackers and e-criminals. I have written a few articles on these ‘negatives’ and how to combat them, and my “Tip of the day” today is,  if you have not read them, to consider clicking on the following links.
Managing your email: eliminating the junk

Managing junk mail in Outlook/Thunderbird
They ARE reading your mail

How to block ads
Simple e-mail encryption

It is my hope that the knowledge you find there will make using the modern miracle of electronic communication a safer and more pleasant experience.

Note: I just have to add.. be very leery of e-mail attachments, and don’t ‘open’ them from people you don’t know. And I know you’ve heard this a million times — never click the link. Type the URL into your browser, it is easy to make them look like they go one place, and they really go someplace else.

Today’s free download: If you are considering building your own website, or are interested in free WYSIWYG web-authoring tools, a nice tool is the free version of Web Easy Professional, by V-Comm.

Copyright 2007-9 © Tech Paul. All rights reserved.jaanix post to jaanix

Share this post :

May 7, 2009 Posted by | advice, computers, e-mail, how to, Internet, security, spam and junk mail | , , , , , , , , , | 2 Comments

Simple E-mail Encryption

Who’s reading your e-mail? Are you sure it is only the person you sent it to? Could it hurt you, or your business, (or, your election campaign?) if someone else was reading it? Wouldn’t it be great if you could ensure that only the intended recipient could read it?

In prior articles, I have explained (in my limited way) that the encrypting of files, and sending them to someone else, where they then need to decode them, is best done by the exchanging of “keys” in what is called “Public-key encryption” (for Wikipedia’s explanation on that, click here). I will not be lecturing on that today.. though, I invite you to click the link if you’re interested in (or curious about) cryptography.

It is not hard to understand how encrypting your writing — so that it can travel across the Internet in an unreadable format — is a “good thing”.. a desirable thing.. and would have serious benefits.
The encrypting of e-mails is often required by businesses, and they install cool (and expen$ive) machines on their networks that automatically encrypts all company e-mail. But what about us? Here at home? How do we do it? Can it happen automatically.. like it does at our job? Well, yes and no. The first step is to get yourself a “key”.

I mentioned in a previous article that I had started using a new (to me) e-mail client (Windows Live Mail) to access my webmail accounts. Live Mail, and all other e-mail clients (Outlook, OE, Thunderbird, etc.) natively support the use of “keys”, and allow you so “sign” and/or encrypt your e-mail with a single click… assuming you have taken a couple of steps first.
You may have noted that I have been putting the word key inside quotes; that’s because when I’m speaking at the level of how crypto works, I am actually speaking about algorithms and when I talk about using those keys, I am talking about “Certificates”. To encrypt your e-mail you need to get a Certificate… which is really a key (pair). Confusing, I know.

Tip of the day: Get a Certificate for your e-mail account(s). There are several Certificate Authorities that offer free Certificates for the personal use in e-mail, but I have found that if you are using any Microsoft products.. or you suspect that your recipient(s) may be using Windows and/or Outlook (which is a fairly good bet), you want to get your e-mail certificate here:
Today’s free link: Comodo Free Email Certificate

image

Fill in the form, and use the e-mail address that you want to protect with encryption (If you use more than one e-mail address regularly, repeat this process for each one: each account needs its own Cert), and click on the “Advanced Private Key Options” link, and place a check in the “User protected?” checkbox, and enter a “Revocation password (twice). Click “Agree & C ontinue”.

A window will open telling you that a Certificate isimage being “requested on your behalf”.. agree. Now you will see the screen (pictured). Click “OK”.

If all goes as it should, the Comodo webpage will change to a “Congratulations!” page, and instructs you to check the Inbox of the account you created the Cert for. Do so. There will be an e-mail from Comodo containing a link. You will need to click it to complete the process (Copy>Paste links into the address bar of your browser, remember?!).

 

image

Your e-mail will look like this. When you’ve copy>pasted the e-mail’s link into your browser’s address bar, and requested the Cert download, Windows will then automatically try to install it for you, but needs your permission..

image

Click “Yes” to give it.

image

This tells you you’re done, and now you can digitally “sign” your e-mail.. which is the first real step to exchanging encrypted email.. which I will describe tomorrow.
Now, e-mail a link to this article to the person(s) you want private conversations with, and tell them to click the link and follow the Comodo wizard and get their key.. you’re going to need it. Once you and they do this, encryption is a click away.

The conclusion of this How To is now available here.

Copyright 2007-8 © Tech Paul. All rights reserved.jaanix post to jaanix

Share this post :

September 18, 2008 Posted by | advice, computers, e-mail, encrypting files, how to, Internet, security, software, tech | , , , , , | 3 Comments