Security when clicking onto a website confounds me. Some sites put the section of the site you are wanting ahead of the web address. Example http://photos.kodak.com and some put the section after example http://kodak.com/photos. These examples are just made up but I hope you understand what I’m saying. How do I know if I’m on the secure website I’m supposed to be on? At times I see other addresses flashing by on the toolbar that are not the site I clicked on before the actual site appears.
This simple question opens up a veritable Pandora’s box when it comes to understanding URLs and what is safe to click on.
The concepts are simple, but how those concepts can be combined is complex, particularly if someone is attempting to deceive you.
My account has been hacked into several times. If I’m able to recover it, it just gets hacked again. Sometimes I can’t recover it, and I have to start all over with a new account. What can I do to stop this all from happening?
I don’t get this question a lot. But I really, really wish I did. What I get instead, repeatedly, is “I’ve been hacked, please recover my account/password for me!” (Which, for the record, I cannot do, no matter how often, or how nicely, or not so nicely, I’m asked.)
The only salvation is in prevention, and this applies to email, social media, and pretty much any password-protected account you might have.
What can you do to make sure your account doesn’t get hacked in the first place?
Between bouts of frustration with my inbox, I’ve been reading your various articles on spam. I think I’m slowly getting a handle on it all, but it sure seems crazy. And it really got me to wondering… why is there so much spam in the first place?
I feel your pain.
Some time ago, I did some research and looked at all my email for an entire year. Not only do I get a lot of email, but my calculations show that 87% of it was junk. Wow.
I would think that no PC would be immune from malicious threats if they landed on some corrupt site that then installed malware or key-capture software. Is there any reasonable way to continue to safely do online banking?
Avoid getting infected.
I know, that sounds trite and flippant, and I don’t mean to be so. Ultimately, though, all the advice boils down to exactly that: do what it takes to stay safe on the internet.
I regularly bank online. In fact, I’ve done so for years without incident. I much prefer it over the alternatives, particularly since many alternatives seem to be slowly disappearing.
News broke over the weekend about an approach to a phishing attack that could fool you into giving a hacker your LastPass credentials, even bypassing two-factor authentication. It’s not yet been seen in the wild, but code has been made available, so I’d expect it to start appearing.
Quick bottom line
If you get a message from LastPass that your session has timed out and you need to log in again, don’t. Instead, I recommend you close your browser, re-open your browser, and log in using the LastPass icon on the browser’s menu bar.
For at least one large segment of attack, it’s our propensity to download and open email attachments that gets us into trouble.
A couple of scary numbers from that report: 1 in 10 people will download and open an attachment attached to phishing email or spam. The average time between a phishing email being sent and the first victim taking the bait is 22 seconds.
What the heck is it about email attachments that makes them so darned irresistible?
I’ve received an email from Microsoft asking for billing details and threatening the end of my Outlook.com account. Contacting Microsoft resulted in referral to a support alias, but no answer. Is this a problem, or a forgery?
Phishing is a word you hear a lot in the news these days, and this question brought it to mind.
You’re right to be suspicious: this definitely sounds like a phishing expedition.
What is the current status of a company that wants to offer security protection for your credit card purchase and your identity? Is it “Target” initiated?
Target, a retail chain in the United States, is the company whose security was breached recently in a fairly massive theft of account information from their customers. Unfortunately, this gets really complicated really quickly. Compromised companies like Target try to do the right thing for their customers, but of course there’s always somebody who wants to come along and take further advantage of the situation.
All these PC online technicians say “your computer is infected; you need to pay at least $100 to have us fix it like new.” They told me that even if I go to factory settings it won’t help. Now, I’ve been running McAfee security and I do full scans and I have no virus. Is the internet just packed with tricksters?
The very direct answer to your question is yes.
Yes, there are a lot of scams and misleading advertisements out there.
That’s why there’s one skill I believe strongly that everyone needs to develop.
Using Hotmail, now Outlook.com, and my address is “something” @hotmail.com. In the past two days, I’ve received several messages from my bankcard company: the first, an alert that a payment is due soon, and the second, an acknowledgement that payment has been scheduled. Each includes “Please enable HTML in the message text.” I have not done anything to disable HTML. Principally, I don’t know how and secondarily, I’d be afraid to find out the consequences if I did. Previous account-related messages from this company included the link to the card users login page. The current message does not have this link. Thinking that something may have accidentally come unhooked in my Hotmail settings, I looked in options for anything indicating how to enable HTML. Finding nothing, I went on the net and searched “Enable HTML Hotmail” and found Ask Leo! I’ve read through the topics here and searched “Enable HTML Hotmail Outlook” and found no answer. Messages from other sources contains links, none contained a request to enable HTML. Please advise what I’ve done and how can I undo it so I can easily attend to this credit card.
I don’t think you’ve done anything and I don’t think there’s anything to undo.
There are several reasons why this kind of thing can be happening. Most of them boil down to an improperly constructed email message on the part of the sender. In other words, it’s not you, but the sender.
As you stated and I’ve preached to my own family, you should never click a link in an email that purports to be from PayPal – never. If there’s something that needs to be checked out, go to the PayPal site yourself by typing paypal.com in your browser’s address bar or clicking on your bookmark – never click on an emailed link to PayPal – got that? And yet my monthly email statement from PayPal includes a link to login! Why is PayPal practicing business in this manner? We both know that they know that they’re not ignorant of the risky behavior fostered.
You are 100% correct. I agree with you – I wish PayPal didn’t do this.
Now, I can postulate a few reasons why PayPal might choose to behave this way … but I still can’t really justify it.