Charles Tips – Who owns your Domain?

Domain ownership is like home ownership. Domain fees are like home taxes. Stop paying taxes and see who really owns your home!

Domains are sold through hundreds of “domain registrars” around the world. It costs in excess of $50,000 to become a registrar. Registrars answer to ICANN (Internet Corporation for Assigned Names and Numbers). It maintains a database of all domains to ensure domains can’t be duplicated.

Most domains are registered by web development companies. Accepted common practice is to obtain domains for their client, set it up and build a website accessible with it.

Losing a domain can easily be avoided. Common reasons I have seen for folks to lose their domain names are as follows, in the most common order:

1. Renewals ending up in spam buckets or returned with dead/outdated email addresses.

2. Church parishioners/employees who have a falling out.

3. Business employees who move on regardless of circumstances.

Avoid Gmail, Yahoo or other “freebie emails” with your domain. You’ve ZERO control over and can’t even call them.

Seek out reputable web developers OUTSIDE your organization to handle your domain names. Avoid “one man shows” and startup developers. Use BBB accredited businesses who’ve been at it at least 10-20 years. They’ll likely look out for you and protect your domains.

Charles Tips – Email Update Scam

Last week I wrote about possible dangers of “FREE” offerings.

While verbiage varies, the end result is the same if you follow their link: headaches of an unimaginable magnitude for you!

Here’s an example of many I see each day in our company emails:
____________________________________________
Dear  charles@charlesworks.com ,

Your mailbox quota is full.
This may cause your mailbox to be disabled or you may no longer be able to receive more emails

to continue using your mailbox. You will need to upgrade your mailbox quota immediately. This service is free.

 Re-update your account 

Note: Failure to update your account might lead to permanent deactivation of your account.

Thanks,
The Security team. 2019

____________________________________________

Clicking lands you on an extremely convincing page. One wanting me to enter my email login information even had “© 2018 CharlesWorks” in it.

These work based on two principles: Offering the FREE “we’ll fix it” service and threat of imminent services loss. Together they convince you to bite. Especially that sense of urgency! Remember the world isn’t going to halt if you don’t act right away – it can wait until you deal with it properly.

Companies don’t have you “verify” your email account this way. If anything seems fishy concerning your email, call your email provider and ask for assistance. That’s what you pay them for!

Charles Tips – Free Counters

It surprises me how many people still fall for anything with “FREE” attached to it. We shockingly still see “free counters” on many websites. They’ve been around as long as the web. Newbie web users still get fascinated by counters showing site visitor numbers.

There are problems with some freebies. If you visit a website and see that 3 people have visited it, that doesn’t exactly instill confidence in the site.

An aesthetic issue is that really nice, elegant looking websites don’t usually have counters. So site visitors aren’t distracted by traffic to the site. In fact, site counters are simply not that much in fashion these days.

Another problem is that many free counters are actually security risks. For an example, I recently read about a “Free SuperCounter Widget” that many have been using. It redirects site visitors to other sites (like dating and gambling and so on). So folks installing this counter were unwittingly sending site visitors away from their site.

Even more insidious is where the counter loads malware/viruses into the website – infecting site visitors as well.

The bottom line here: Yet another simple lesson about getting what you pay for. If your site has been infected, contact us or your developer for help.

 

Charles Tips – SSL hype

Let’s broach the topic of SSL (Secure Socket Layers) and their importance on the web.

Using SSL is like sending certified mail through the post office. Mailing certified letters requires a signature by the receiver. The sender knows it got to the right place. SSL is instantaneous!

SSL is a security protocol (specified way of doing things) that helps guarantee that the browser you are typing information into is actually connecting with the website you believe you are connected to. This is extremely important when doing online banking, sharing private or personal information, or using your credit card. SSL is important regardless of the device (phone-tablet-laptop-computer) you’re using.

Besides ensuring you’re reaching the correct destination, SSL is MOST important when using devices through public WiFi (hotspots). They can be “snooped” by hackers. “Snooped” means hackers can sit in a parking lot near a place with WiFi and easily record all data communications happening. It is a hacker’s gold mine for people not security conscious.

Businesses expect to pay roughly $70-$199/year plus installation for SSL on a website. At CharlesWorks, it’s part of the hosting – with NO additional ongoing charges.

SSL is important! Feel free to contact us for more information.

Charles Tips – Email Extortions

With 20+ years in the web business, scams and schemes to steal from people still amaze me.

Several web clients have made me aware of a scam to frighten them into making a bitcoin payment.

They’re from addresses like “Anonymous Hacker” or even your own email. Subjects are “You have been hacked” or similar. They gloat they’ve infected you through some (usually unsavory) site you visited. They explain how they did it in terms most folks don’t understand – making you think they are really an expert – and frighten you into believing they’re monitoring your computer.

They threaten to send very personal items and even videos of you to everyone you know unless you comply with the demand within some short time period. They warn if you report them, they’ll distribute the “dirt” on you immediately.

We try to force these messages to spam on our servers. Sometimes they get through. We reassure several people each week they are a scam because they usually are.

However, devices DO get hacked. If you truly believe you’ve been hacked, you should see your IT person or someone who specializes in “cleaning” computers ASAP. We can recommend folks who can help.

Charles Tips – Email Security

Compromised email can be an important component of identity theft. People take much of today’s electronic communications for granted.

Think about what’s connected to your email accounts – activities like shopping and even online banking to name a couple. Hackers getting into your email can give them an open doorway into many aspects of your financial and personal life. The losses incurred through compromised email can be enormous.

Good security practices are great deterrents. Start by using strong passwords to mitigate such losses.

Wireless connections can be “sniffed”, meaning hackers can wait nearby and record the information being sent and received over the connection.

Always access your email using encryption. Encryption makes it close to impossible to decode the wireless traffic. With email clients like Outlook, Thunderbird, Apple Mail or even a mail apps on phones, make sure encryption is turned on. With webmail through web browsers be careful to access it using https:// to ensure an encrypted email server connection.

Free wireless hotspots are a haven for hackers. You are pretty safe as long as you are using encrypted connections.

If you don’t understand how to set up and use encryption, call your web hosting, email or device provider for help. Don’t risk potential losses.

Charles Tips – Passwords

In keeping with the basics, a common issue we see at CharlesWorks involving our web clients in general has to do with passwords.

A trick to remember with passwords is to keep them simple yet complex and different enough so they aren’t easily guessed. A very good way to have a secure password is to use words or combinations of words that mean something to you but not anyone else. It’s also more secure if you use a capital letter where one would not normally be expected. Here’s an example of making a typical word into a secure word just by changing which Letters within the word are capitalized:
PeteRborOugh

Or you could go a step further by using numbers in place of some of the letters so you have both numbers and capital letters:
Pet8Rbor0ugh

To really beef up security, in this example we’ll make it 2 words separated by a hyphen or a number:
hEll064bYe

Using a couple words in this manner will pass the security requirements for many systems. You can use a couple words that you can remember and therefore don’t have to write down anywhere.

Needless to say, post-its on your monitor should be avoided. Hopefully this CharlesWorks tip will help get you away from that habit!

Charles Oropallo (Charles@CharlesWorks.com) started CharlesWorks in Peterborough NH in 1998. His team does website design, hosting, search engine optimization (SEO) and related web services.