More often than not, if someone receives a spam or infected email sent from your email address, that email was sent from something other than your email account; they were just "borrowing" your email address in the hope that the receiver will lower their guard.
However, there are occasions where your email has really been taken over by a malevolent entity. In that case, the stakes have greatly increased and you will have to take very significant action. That is because you have to assume your entire Google account and every email and document in it has been compromised. I'm not sure what the encryption characteristics of Google docs is when accessed from within your own account, but I don't know how someone in your account would be blocked from access to your documents. Therefore, assume the worst and act on it.
There is a way to determine who has accessed your account in the recent past. I have written a tutorial on how to get to this information. It is here. If you use Google mail, please read it and practice the procedure documented in that tutorial.
Thursday, January 30, 2014
Wednesday, January 29, 2014
Snopes.com for all those email claims, such as he said, she said, it's going to blow soon, rumors
http://www.snopes.com is a great site to bookmark. If you get an email such as one that talks about an exchange between Bill Gates and a Ford (or GM or..) press release regarding Gates comparing computers to cars and the press release response, go to snopes and type in some key words from the article. Snopes would give this response: http://www.snopes.com/humor/jokes/autos.asp. This site is especially useful for Frauds and Scams, as well as food claims.
Thursday, January 16, 2014
Apple Users Not So Safe; there's just not that many users for the crooks to bother!
That's the theme of an article I'm linking here. All Mac users should read this. I underline the web browser exposure. Everyone, regardless of platform, is exposed to exploits that reroute your browser interactions to malicious servers. The article talks about Safari. I recommend Safari not be used, but that you use Firefox instead, installing Add-ons that provide security. In Firefox, Tools.Addons and then Get Addons.
Monday, January 13, 2014
The Microsoft Support Phone Scam
This is a warning about phone callers who claim to be from Microsoft. A neighbor recently received a call from Microsoft and documented the experience:
I got a phone call from a female who identified herself as a Microsoft employee. She had a strong Indian or Pakistani accent. In the background I heard what seemed to be many other voices, like a phone bank. That part seemed reasonable to me. It sounded familiar and help throw me off guard.
Due to her accent it was difficult to understand her. She informed me that apparently my computer had been broadcasting some serious viruses. I was stunned and scared into momentary stupidity, so I started to follow her instructions. First, she directed me to a web site called join.me. Her instructions were awkward, but I finally got to the website. At that point it was impossible for me to proceed. I was unable to download the information necessary to join the "meeting." I asked politely if there was someone else there who spoke English a little more fluently. She connected me with another female with a similar heavy accent. Again I was unable to understand her. She rerouted me to another website with "anomy..." in the title. I continued to have trouble with her instructions. For example, she would ask me to click on a button and, when I replied "Nothing happened!" she said "Tell me the number at the top of the page." I said "I don't see a number." She said "Give me the 9 digit number."
Finally I was passed to a "supervisor." He was able to direct me to connect to the "meeting." I gave him the 9 digit number that appeared.
I began to feel nervous- the initial shock had worn off. He directed me to download another program, which I did. He asked me to run the program. However, at the bottom of the screen a message appeared from my security software that said something to the effect- Warning!. You should only give this to a person you trust.
I thought Yikes! I don't know this guy from Adam. Anyway, I said "How do I know you are a Microsoft employee. He said only Microsoft employees would know my computer ID. He ast me to open a Word page and he would type it. He could make the cursor move. He started typing a number. I didn't know what "my computer ID" meant, so, at that point, I hung up.
This is a know and dangerous scam. The cyber-criminal counts on the initial shock reaction to get to your computer.
I restored the neighbor's computer to an earlier point in time and cleaned out everything. Since the neighbor used the computer for banking, they called their bank and had their accounts changed.
This scam is documented in several places and takes several related forms. Here are a few links:
I got a phone call from a female who identified herself as a Microsoft employee. She had a strong Indian or Pakistani accent. In the background I heard what seemed to be many other voices, like a phone bank. That part seemed reasonable to me. It sounded familiar and help throw me off guard.
Due to her accent it was difficult to understand her. She informed me that apparently my computer had been broadcasting some serious viruses. I was stunned and scared into momentary stupidity, so I started to follow her instructions. First, she directed me to a web site called join.me. Her instructions were awkward, but I finally got to the website. At that point it was impossible for me to proceed. I was unable to download the information necessary to join the "meeting." I asked politely if there was someone else there who spoke English a little more fluently. She connected me with another female with a similar heavy accent. Again I was unable to understand her. She rerouted me to another website with "anomy..." in the title. I continued to have trouble with her instructions. For example, she would ask me to click on a button and, when I replied "Nothing happened!" she said "Tell me the number at the top of the page." I said "I don't see a number." She said "Give me the 9 digit number."
Finally I was passed to a "supervisor." He was able to direct me to connect to the "meeting." I gave him the 9 digit number that appeared.
I began to feel nervous- the initial shock had worn off. He directed me to download another program, which I did. He asked me to run the program. However, at the bottom of the screen a message appeared from my security software that said something to the effect- Warning!. You should only give this to a person you trust.
I thought Yikes! I don't know this guy from Adam. Anyway, I said "How do I know you are a Microsoft employee. He said only Microsoft employees would know my computer ID. He ast me to open a Word page and he would type it. He could make the cursor move. He started typing a number. I didn't know what "my computer ID" meant, so, at that point, I hung up.
This is a know and dangerous scam. The cyber-criminal counts on the initial shock reaction to get to your computer.
I restored the neighbor's computer to an earlier point in time and cleaned out everything. Since the neighbor used the computer for banking, they called their bank and had their accounts changed.
This scam is documented in several places and takes several related forms. Here are a few links:
- http://www.microsoft.com/security/online-privacy/avoid-phone-scams.aspx
- http://answers.microsoft.com/en-us/protect/forum/protect_other-protect_scanning/microsoft-call-scam/c5456b2a-4c77-48bd-9714-f3684bdabc06
- http://blog.malwarebytes.org/fraud-scam/2013/04/phone-scammers-call-the-wrong-guy-get-mad-and-trash-pc/
- http://www.youtube.com/watch?v=FDJWixw4TCI
Friday, January 3, 2014
Humor? in enrolling in your medical insurance
Occasionally I will stray into "user experience" scenarios with respect to internet applications. This is about medical insurance. I'm an IBM retiree. In response to the Obamacare law, IBM has "dropped" medical insurance: it has contracted with an external private exchange for all employees' and retirees' medical insurance. Given that, in order to receive an IBM contribution to the new HRAs, ie receive any health benefit from IBM, we must enroll in an insurance program offered by that private exchange. Since we already have all of our doctors in one hospital system, the insurance programs we can select must also match those accepted by the hospital system. At the time this all happened, there was no overlap between the companies IBM's contracted exchange would accept and the companies our hospital system and doctors would accept. We either had to drop IBMs contribution to the HRA or drop our doctors. Essentially, we were one of the uncounted casualties of Obamacare. Fortunately, we were reprieved late in the year when the hospital system and doctors added Humana. That was one of the insurance companies in the exchange's portfolio.
Humana requires that we use a certain Humana subsidiary for Rx mail orders. You have to separately enroll in that. (You can't enroll until after your insurance takes effect; ie Jan 1) Yesterday, Jan 2, I spent an hour trying to enroll, but it would not accept my information. It acted as if my information was not correct. (Other than the system was really down, the real issue is that I had to have an ID#, which apparently has to be provided by this mail order subsidiary, which requires a phone call to them. (Why don't they use Humana's ID number?) Last night, I called the support number and was on hold from 8pm until 10:30. The battery on my phone was dying and I was too, so I gave up.
I called this morning a little after 8, when they open their support service. I had to wait only 1/2 hour before I got a real person. She told me their systems have been down. (And they had been down... so much for my effort to enroll on line.) She couldn't say when they would be up. Furthermore, she said the systems were not stable and were likely to go down again. Would I like to make an appointment for a call back? I said yes, and asked what times would be available. She said they only schedule for a 24-48 hour period, not a time... Huh? That's because they can't predict when the system will be up.
She offered to take some down some pre-enrollment information and started the process. She asked for medical conditions for which I was being treated. I gave them. Then she asked if I had any medical conditions I had that I was not aware of. Huh?
So now I have to hope I am near a phone when I am called, sometime in the next 48 hours. (Hint: if you have VOIP service, that service often comes with an option to reroute your phone calls to your cell phone when the VOIP service is down. So, if you are going to be away from your home phone, pull the plug on your VOIP service and the phone call will go to your cell phone.)
I would welcome comments on your unusual experiences with health insurance web sites. Enter them as comments below.
Humana requires that we use a certain Humana subsidiary for Rx mail orders. You have to separately enroll in that. (You can't enroll until after your insurance takes effect; ie Jan 1) Yesterday, Jan 2, I spent an hour trying to enroll, but it would not accept my information. It acted as if my information was not correct. (Other than the system was really down, the real issue is that I had to have an ID#, which apparently has to be provided by this mail order subsidiary, which requires a phone call to them. (Why don't they use Humana's ID number?) Last night, I called the support number and was on hold from 8pm until 10:30. The battery on my phone was dying and I was too, so I gave up.
I called this morning a little after 8, when they open their support service. I had to wait only 1/2 hour before I got a real person. She told me their systems have been down. (And they had been down... so much for my effort to enroll on line.) She couldn't say when they would be up. Furthermore, she said the systems were not stable and were likely to go down again. Would I like to make an appointment for a call back? I said yes, and asked what times would be available. She said they only schedule for a 24-48 hour period, not a time... Huh? That's because they can't predict when the system will be up.
She offered to take some down some pre-enrollment information and started the process. She asked for medical conditions for which I was being treated. I gave them. Then she asked if I had any medical conditions I had that I was not aware of. Huh?
So now I have to hope I am near a phone when I am called, sometime in the next 48 hours. (Hint: if you have VOIP service, that service often comes with an option to reroute your phone calls to your cell phone when the VOIP service is down. So, if you are going to be away from your home phone, pull the plug on your VOIP service and the phone call will go to your cell phone.)
I would welcome comments on your unusual experiences with health insurance web sites. Enter them as comments below.
Subscribe to:
Posts (Atom)
Printfriendly
