Charles Tips – Rampant Phishing

When working in the web world as I do, Internet scams appear to be everywhere.

Phishing is defined as the act of attempting to trick the recipient of a malicious email into opening and engaging with it.

It’s amazing how people fall for phishing scams. They fall for them mostly because the emails are designed to appear like the writer isn’t too bright. So immediately the recipient thinks they have the upper hand. Many count on the recipient’s greed – believing they’ll get something for nothing.

The bad guys that develop these schemes are experts. All they do is work scams – day and night. They wouldn’t continue if it didn’t pay off in the long run.

Phishing
Phishing – Will you bite?

I read someplace that billions of dollars annually are conned out of people through the various scams out there on the Internet. For the most part – I hate to say – they can’t be stopped. They are sent from all types of email addresses, all types of servers, from all over the world.

Bottom line is that you should keep deleting them. The best course of action is to stop responding to them and opening them. Report them as spam or report them as phishing attempts. Your email provider may provide insight with how to do this. They will ultimately stop coming.

Remember that if the bad guys can’t trick you into parting with your money they will focus on someone else – until they find someone who does. Just don’t be that someone.

Charles Tips – Email Update Scam

Last week I wrote about possible dangers of “FREE” offerings.

While verbiage varies, the end result is the same if you follow their link: headaches of an unimaginable magnitude for you!

Here’s an example of many I see each day in our company emails:
____________________________________________
Dear  charles@charlesworks.com ,

Your mailbox quota is full.
This may cause your mailbox to be disabled or you may no longer be able to receive more emails

to continue using your mailbox. You will need to upgrade your mailbox quota immediately. This service is free.

 Re-update your account 

Note: Failure to update your account might lead to permanent deactivation of your account.

Thanks,
The Security team. 2019

____________________________________________

Clicking lands you on an extremely convincing page. One wanting me to enter my email login information even had “© 2018 CharlesWorks” in it.

These work based on two principles: Offering the FREE “we’ll fix it” service and threat of imminent services loss. Together they convince you to bite. Especially that sense of urgency! Remember the world isn’t going to halt if you don’t act right away – it can wait until you deal with it properly.

Companies don’t have you “verify” your email account this way. If anything seems fishy concerning your email, call your email provider and ask for assistance. That’s what you pay them for!

Charles Tips – Email Security

Compromised email can be an important component of identity theft. People take much of today’s electronic communications for granted.

Think about what’s connected to your email accounts – activities like shopping and even online banking to name a couple. Hackers getting into your email can give them an open doorway into many aspects of your financial and personal life. The losses incurred through compromised email can be enormous.

Good security practices are great deterrents. Start by using strong passwords to mitigate such losses.

Wireless connections can be “sniffed”, meaning hackers can wait nearby and record the information being sent and received over the connection.

Always access your email using encryption. Encryption makes it close to impossible to decode the wireless traffic. With email clients like Outlook, Thunderbird, Apple Mail or even a mail apps on phones, make sure encryption is turned on. With webmail through web browsers be careful to access it using https:// to ensure an encrypted email server connection.

Free wireless hotspots are a haven for hackers. You are pretty safe as long as you are using encrypted connections.

If you don’t understand how to set up and use encryption, call your web hosting, email or device provider for help. Don’t risk potential losses.

Charles Tips – Passwords

In keeping with the basics, a common issue we see at CharlesWorks involving our web clients in general has to do with passwords.

A trick to remember with passwords is to keep them simple yet complex and different enough so they aren’t easily guessed. A very good way to have a secure password is to use words or combinations of words that mean something to you but not anyone else. It’s also more secure if you use a capital letter where one would not normally be expected. Here’s an example of making a typical word into a secure word just by changing which Letters within the word are capitalized:
PeteRborOugh

Or you could go a step further by using numbers in place of some of the letters so you have both numbers and capital letters:
Pet8Rbor0ugh

To really beef up security, in this example we’ll make it 2 words separated by a hyphen or a number:
hEll064bYe

Using a couple words in this manner will pass the security requirements for many systems. You can use a couple words that you can remember and therefore don’t have to write down anywhere.

Needless to say, post-its on your monitor should be avoided. Hopefully this CharlesWorks tip will help get you away from that habit!

Charles Oropallo (Charles@CharlesWorks.com) started CharlesWorks in Peterborough NH in 1998. His team does website design, hosting, search engine optimization (SEO) and related web services.