It Is Past Time to Lock Up Facebook

A couple of issues here.  One is the security of Facebook as a web site.  I recently saw some fishing messages to someone.  There was more than one.  Each message was from a different person she knew was on Facebook.  In other words, someone was fishing Facebook for situations where the Facebook user did not have their friends list and their personal information locked down.  They would use that information to spam those on the friends list.

The security issue is that the Facebook users allowed access to their friends list by people not on their friends list.

So, I have two programs/applications to recommend to every Facebook user to evaluate the security of their Facebook information.

One is PrivacyFix.  This is a plugin to Chrome or Firefox browsers that evaluates several web application environments for security problems; among these is Facebook.  You can get the plugin for Chrome while inside the browser at https://chrome.google.com/webstore/detail/avg-privacyfix/pmejhjjecaldkllonlokhkglbdbkdcni?hl=en.  Firefox would be similar; click on the AddOns under Settings.

In the picture below, the orange person outline is the PrivacyFix icon.  Click on it and the dropdown in the picture displays.   You can see a general evaluation of your internet privacy within that browser.

For much more information, click on the "Dashboard" link in the upper right corner of the dropdown.  You will get a large web page.  Scroll down to find the Facebook app.  Note that it gives evaluation information and links to "Fix" any issue.  

The second application is actually associated with Facebook.  It is ZoneAlarm SocialGuard Privacy Scan.  You can run it at:  https://apps.facebook.com/sgprivacy/.   The GUI interface Zonealarm's SocialGuardPrivacyScan is a Facebook app.  If you launch it, the following evaluation is displayed.

To fix issues, click on the green background "Score higher and gain more privacy."  The following dialog appears.  Note that there are many links that will send you to places in Facebook to fix security issues.  There is corresponding help on what the various settings do.

I urge everyone who has a Facebook account to secure the account.  Only let friends see anything.

The second issue is that Facebook is trying to persuade/pushing everyone toward a new phone app for its messaging, called Messenger.  There is a lot of concern that Messenger will be used to extract information about everything you do.  See the discussion here:  http://www.kxly.com/news/spokane-news/working-4-you-will-facebooks-messenger-app-invade-my-privacy/27388462.  Follow the links in that article for more information.

Please send a link to this blog entry to everyone on your Facebook friends list.  If you don't use Facebook but you know friends who do, and they have your email address, send the link to this page to them.  The link to this blog page is: http://leetlinktips.blogspot.com/2014/09/it-is-past-time-to-lock-up-facebook.html .  Swipe this with your mouse, Ctrl C the marked area, and paste it into an email to send to folks, or , if you have a facebook account, insert this link into a Facebook message and add it to your Facebook page.

Fix-My-Computer Dude and Other Cold Call Scams

I got the following today from an acquaintance:

Today we got a call from "Fixmycomputerdude.com":  They tried to gain our trust on the phone call by saying that they were from microsoft...and monitoring computers generally, and had identified "terrible" issues with here computer.  They instructed us to push the "windows" key with "r" and in the box that appears they gave a cmd address to type in - and then he read back the IP address to us - and explained we should keep it private.  He gave  another instruction to type in the windowsR run box....www.showmycomputer.com .  Options on this screen showed some digits that he asked to read to him. He then apparently gained control of the computer...and began to flash up screens that showed huge lists of errors and invasions.  He then guided us through a check to see if the computer was properly connected to a server so they could "fix" all these problems free of charge.  That (of course) turned out not to be the case, but for only $149.95 RIGHT NOW - so your computer does not crash! - by credit card, we will fix all that.... + you get a contract for "FREE" help for the next 12 months (with only a nominal $12.00 monthly charge).  "We will take care of your computer free for the year - and at the end, your computer will be working perfectly and you can terminate the contract."  Ever heard of anything like this? They then called back... and threatened us with the fact that our computer was not connected to the "microsoft computer", and was not being updated.  Because of all the errors.... our computer may soon crash.  Can this be right??

This is a scam, and an old one.  There is a long forum post on this scam on the Microsoft Forums website:  https://answers.microsoft.com/en-us/protect/forum/mse-protect_scanning/fix-my-computer-dude-company-just-called-me-and/c74ae56d-8156-e011-8dfc-68b599b31bf5.  That post is about 3 years old.

I have had perhaps a dozen calls on this from our community.  This is being done by under more than one company name.   Some have paid for the service and for the contract.  This is a kind of scam that is marginally legal.  All the proofs and discussions of Microsoft are lies.  The cleaning may provide some benefit, but, overall, is a fraud.  The support is a fraud.

Worst of all, by gaining access to your computer, you have to assume your computer and all the information on it has been compromised.  They might have uploaded "in the background" personal files, passwords you thought were hidden, and any financial information on your computer, all while you are watching the slight-of-hand in the foreground.

• Rather than repeating "what to do" here, I direct you to the following: https://blog.malwarebytes.org/tech-support-scams/.  This summarizes the scam, what to do if they get on your computer, etc.  
• It does not mention another useful program to run besides Malwarebytes.  This program is AdwCleaner. 
• After cleaning, I also recommend "restoring" your computer to a time before the person first gained access to your computer. (http://windows.microsoft.com/en-us/windows/what-is-system-restore#1TC=windows-7)
• Apple computers... I haven't heard of Apple scams.  Anyone have this happen?
• If you have signed up for the year's "Service," do not allow access to your computer again.  The company might not do anything the first time that would raise suspicion, but at some point ... 
• The article does not cover the issues of identity theft.  Given the exponential growth of this piece of the industry, you have to assume that they have "farmed" your computer.   The US Gov. web page on identity theft covers what your response should be:  http://www.consumer.ftc.gov/features/feature-0014-identity-theft   
• The phone numbers you might see on caller-id are usually fake:  burner cell phones.  They may even be from the US, but that doesn't mean the person is  in the US, or that someone in the US is more trustworthy.

If you need help, give me a call.

Banking Information Hacked on a Large Scale

The Russians are using cyberwarfare against US banks now.  Read this and evaluate it against your current security measures with respect to your banks and financial institutions.

http://www.dallasnews.com/business/headlines/20140828-fbi-investigating-hacking-attack-on-jpmorgan-chase-other-banks.ece.  I don't expect any help from the government on this.

Smartphone battery saving tips

While I'm on Kim Komando, her web site has some excellent tips on saving power on your smartphone, especially if it is at the "low point" and you need to use your phone.  The web page is:

http://videos.komando.com/watch/5241/kims-reports-3-ways-to-squeeze-more-life-from-a-dying-smartphone-battery?utm_medium=nl&utm_source=tvkim&utm_content=2014-08-23-article-screen-shot-d

This page has a series of videos on the subject.

Something I noticed in these videos is that Kim doesn't cover the Droid phones as well as she does the iphones.

One simple trick I've discovered on those Droid phones that have three symbols along the bottom of the phone (outside the screen area), left to right: counterclockwise arrow, then a kinda house symbol for return to home screen, and finally, on the right, two rectangles, one in front of the other.
That last one, the rectangles, shows you all your running apps.  I use that a lot now.  I use it to stop all the apps I'm not using.  Put your finger on the app and flick it to the right.  App gone.  An easy way to get more life.

Note that the GPS using apps, such as navigation and "track" use a lot of power. As, much as possible, make sure you don't have your screen on when using these.  Set your phone out, don't put it in an enclosed place.  (When riding a bike and using "track" to keep track of progress and location, put it in a breathable pocket on your jersey.)

Also, I rely on Google Maps and Track when I am biking in the wilderness.  It's a safety feature and it works most all the time, even here in the mountains.  So, I carry an external battery pack backup, just in case.  When the battery gets low on my phone, I plug the backup battery into my phone for extra hours of "up-time."

Travel Tips: Using Credit Cards, Getting Cash Best Practices

Kim Komando, "America's Digital Goddess" used to be on a local radio station for 3 hours every weekend.  I don't think she has an outlet in our area any more?  (Let me know if you have have heard her on one of the local radio stations.)  I keep up with her through the her daily newsletters.  There is a superb article on her website regarding all things credit and cash regarding making reservation for travel and making the trip.  I urge you to read what she has to say:

http://www.komando.com/tips/267847/credit-cards-best-for-travel-and-money-saving-exchange-tips

Follow the other links in this article for a good summary of best practices for all aspects of travel.  If she has left something out, send a comment to me using the comment box below and I will review and perhaps add it to this post.  

Have You Got eMails from "Turkey" or other country The Forensics: This is how it is done.

I have put together a PDF document that is the forensics investigation of an actual case.  You will see the details on what caused it and where it leads.  .  Because it has specifics on companies and people involved in this scam, I have put it in a PDF file.  (No identification of the victim, just the perps.)  You will need to request access to this document by sending an email to me.  Everyone should read this so you won't get hit by this (as a sender of the fishing attack).

Continued phone scams... 606-755-0236... how to handle these and how to handle junk mailers

I received a phone call from the subject number today. I immediately went to the 800notes website and typed the number in the field on the home page. I got this: http://800notes.com/Phone.aspx/1-606-755-0236.  You can read all about it.  Please excuse me for the swearing on that page.  It still provided the information you need.

The following site has assorted tips on how to handle both phone scammers and land mail spammers:  http://www.yourhomenow.com/sit.html.  This web page, written by Greg Molenaar,describes how to put a SIT (Special Information Tone) tone on the front of your voice message to cause telemarketers and robocallers to think your phone is out of service.  (You've heard this tone sequence before.)  He doesn't really say how to put the tone in front of your voicemail message, so the way to do it is to sit in front of your computer with your browser on that web page.  (As another option, you could download the wav file.) Start your phone message recorder.  Click on the sound with your phone close to your computer's speakers, which will play and be recorded, and then continue with your message.  You'll have to be the judge of whether or not these beeps are an aggravation to "friendly" calls.

Greg also has some great ideas about how to handle junk mailers.  Read the article.