Latest blog posts

Spam and Scams – How Secure is Your Security?

/ / Sass Savvy & Success

By now we’ve probably all had some sort of spam/scam email.

You know the ones.  A long-lost relative has died and you are the only living heir to millions of USD.  The sender is on his/her deathbed and has chosen to leave you their humongous estate.  Or perhaps the sender is being persecuted in their country of origin and will reward you handsomely for helping them get their millions out of their country.

More interesting?

I had a somewhat more interesting one the other day.  They knew one of my passwords and knew that I was watching videos at a XXX-rated porn site.  Not only did they have record of the porn I was watching, they had commandeered my computer camera and had video of me watching said porn.

Needless to say, for a small “donation” of $967 USD via Bitcoin, all evidence of my nasty little secret would be erased. (Yeah, right!)

Before you raise your eyebrows that I’m willing to divulge such a secret voluntarily, let me assure you porn is not my cuppa tea.  For that simple reason, I could dismiss the email quite handily.

Except…

Except for the fact that the password they showed me was a valid password that I had used on several occasions.  That fact did get my attention.  That fact did send me into action!  That fact made me a little nervous because, while it was easy for me to remember, I felt the combination of upper case, lower case and numerals made it harder to figure out.

I now know they don’t have to figure out anything.  The smart hackers just found a way into the databases of companies like Marriott, Aetna, FedEx and Equifax, just to name a few.  Once breached, they had access to not only passwords but email addresses, credit card numbers and other personal data.  No doubt my password was attached to my email address at some breached company and, while the hacker took a shot in the dark with the porn connection, he/she didn’t really have access to anything important of mine on line, they just thought it might cause enough of a stir to get some money out of me.

What To Do?

So… what to do, what to do, what to do?

This post is not meant to frighten you, but to educate you.

The first thing you need to know is that you can protect yourself quickly – and don’t ever think you, your info, your websites are too small to care about or interest hackers.

Here are my suggestions:

  1. Go to https://haveibeenpwned.com/ and check if any of your email addresses have been compromised. If it’s a Yes, there might not be anything you can do, really, except change your password and put up with spam.
  2. Next link to the password page: https://haveibeenpwned.com/Passwords and enter your passwords one at a time and see if they were included in a data breach. If yes, it’s important you start changing your passwords.
  3. The best way to do that is to purchase a password management service. I use LastPass, but there are several out there.  At LastPass you pay $36USD annually and that is nothing compared to the pain of reorganizing your online life if you get hacked.  It’s only $48USD annually for a family of 6.

Not only are all your sites logged, sorted and secure behind a password that only you know (you only need to remember one password!) so is any information you want to note about that account and the password used there.

When your vault is open, all your login info auto-loads.

There are other features as well, such a password generator, a list of reused passwords, and a list of old passwords.

  1. Once you’ve purchased a password management service, go to each website you have logins for and ask for a complex password with as many characters as the site allows. The longer it is, the less likely the chance of hacking.

Sound like a lot of work?

In case you’re thinking this is a lot of work for the off-chance someone discovers one of your accounts, there are a few other things I’d like you to do.

  1. Go to this Wiki site and review the list of breached companies. Any chance any of these companies might have an email address or a password of yours?
  2. Go to this site, pop in your passwords and see how long the sophisticated hackers might need to possibly figure it out. I’m so much more comfortable with centuries than hours, or fractions of minutes.

Too small to be of interest?

Finally, please don’t ever think you are too small to be of interest.  I have security on my websites that tracks attacks.  Here are some real time screen shots!  I did tighten up my tolerance levels this past weekend so I’m hoping the numbers will come down on a go forward basis.

This post has gone a bit longer than I intended, but your security is of vital importance.

Please leave nothing to chance, secure your accounts with complex passwords as though they housed the family jewels. Honestly, I also bookmark the “pwned” links and check in every once in a while, as an extra precaution.

Your thoughts?

10
Leave a Reply

avatar
5 Comment threads
5 Thread replies
0 Followers
 
Most reacted comment
Hottest comment thread
6 Comment authors
Christie HawkesDebbieLeanne | www.crestingthehill.com.auMin @ Write of the MiddleAgnes Recent comment authors

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  Subscribe  
newest oldest
Notify of
Christie Hawkes
Guest

It’s a sad state of affairs that we have to concern ourselves with being hacked, but it is a real concern. I appreciate you sharing your experience and recommendations.

Agnes
Admin

In reality, Christie, most of us probably aren’t even aware of what a large footprint we have online. It’s easy when they accuse you of something random – you can laugh it off, but when reality comes knocking… you have to listen!

Debbie
Guest

This was an informative and timely reminder Agnes, so thanks very much for sharing examples of can happen and what to do about it. Shared on SM for #MLSTL

Agnes
Admin

As Mother used to say: Fore-warned is fore-armed. Unfortunate, but the new reality. Thanks for the share, Debbie!

Leanne | www.crestingthehill.com.au
Guest

My husband is extremely diligent when it comes to this sort of stuff. I’m more laid back about it. I guess it boils down to the fact that once you see how easily you can be hacked, you start to lift your due diligence. I’ll be giving it some thought.
Thanks for linking up with us at MLSTL and I’ve shared on my SM 🙂

Agnes
Admin

I used to be laid back about it too, Leanne. But a techie friend nagged me to tighten things up, which I mostly did. It was the above-mentioned email that jolted me though – that they had a valid password! Go give your husband a(nother) hug!!

Min @ Write of the Middle
Guest

Some fantastic tips here Agnes, thank you! Unfortunately some of the examples you’ve used here have happened to me! It’s a scary online world sometimes! Gotta be careful so thanks for the links and tips!

Agnes
Admin

You’re very welcome, Min. I find so many people don’t realize how easy it can actually be to protect yourself online. If these tips help just a few people I’m happy!

Robin
Guest
Robin

OMG Thank you Agnes for this timely reminder!

Agnes
Admin

I’d like to say “It’s a pleasure, Robin” but I wish the whole thing wasn’t necessary!! Safe passwording!