posted 05-14-2015 12:28 PM            

The bad guys typically send fake (spoofed) messages that appears to come from large companies (banks, FedEx, Facebook, eBay, etc), but now the bad guys are faking messages from smaller companies & Internet sites (SMP/SSF)....the smaller entities who are being ‘brand-jacked’ is increasing weekly.

The upshot? If you receive an emailed request for new or updated account information, don’t click any included links. If you know you have an account with that company, go directly to its website and sign in to your account to make any needed changes.

================================================
If you get and email from SMP/SSF asking you to update your user info don't click any provided links. Instead go directly to
     www.smpub.com/cgi-bin/ubb/Ultimate.cgi
and use the profile link which is found on the SSF forum's index page, a forum's subject index page and the thread/post pages.
================================================

posted 05-14-2015 01:39 PM            

• Keep strong passwords: Sure, you’ve heard this time and again, but using strong and unique passwords for each of your accounts and devices is as important as ever. Ideally, you should change critical passwords every three months. The longer the password the better (8 or more characters) ... when possible use a mix of upper and lower case letters including numbers and symbols (Microsoft recommends: The symbols found on the keyboard (all keyboard characters not defined as letters or numerals:
  ---> ` ~ ! @ # $ % ^ & * ( ) _ - + = { } [ ] \ | : ; " ' < > , . ? / <---

• Use email and social media with caution: Avoid clicking links in email and messages, particularly from unknown sources. But be aware that scammers know we’re apt to click links sent by our friends, so they compromise accounts and steal contact lists. That email about the latest cat video from Aunt Minnie could very well be bogus.

• Know the information you’re sharing: Networked devices such as routers, smart TVs, thermostats, and so forth might ask for permission to use your data and personal information. Be sure to check what data you’re giving up (particularly with Android apps). Also, disable remote-access tools when not needed.

posted 05-14-2015 09:20 PM            

Here are some very basic tips:

1. For passwords, think of phrases that you will remember, and then start substituting symbols or numbers for letters. Example:

Strong Password becomes $tr0ng P@ssw0rd! (I don't recommend this one specifically-just an example). Note that some sites don't let you use anything other than letters and numbers (shame on them!).

2. Don't use the same password for multiple purposes. Once it's broken once, it is so easy to get access to other accounts.

posted 05-15-2015 09:09 AM            

Thanks so much for the additional suggestions.

Its good to know my security concerns are shared with other SSF members.

posted 05-15-2015 09:48 AM            

quote:

---

This terrifying malware destroys your PC if detected
Jeremy Kirk
IDG News Service
May 5, 2015 4:56 AM

A new type of malware resorts to crippling a computer if it is detected during security checks, a particularly catastrophic blow to its victims.

The malware, nicknamed Rombertik by Cisco Systems, is designed to intercept any plain text entered into a browser window. It is being spread through spam and phishing messages, according to Cisco’s Talos Group blog on Monday.

The rest of the article is here

---

posted 08-20-2015 09:29 AM            

In short, hackers and the bad guys look for such free access to help cover their tracks and because the security is often very lacking.

Also the free WiFi sites or hot spots are often where the operator (not necessarily the provider) is data mining.

Because it can be very easy for anyone using the same WiFi sites or hot spots as you to see your traffic..... my advice don't do anything you want to remain secure or private. Websites, like banking, that use HTTPS are better because it is harder see the HTTPS traffic. But setting up and maintaining HTTPS properly is not always done. So don't count on HTTPS when on a Public WiFi/hot spot.

The above is a very rudimentary and a very very shallow intro to the topic.

To begin to discuss why your particular free WiFi site or hot spot is blocked, I will need to know the networks public IP address. Depending on how the network (free WiFi site or hot spot) is setup this can be easily identified. If the free WiFi site or hot spot is operating as a proxy or some other stealth method then this simple suggestion will produce false results. Go to one of the many sites that will try to ID your IP address for you. For example, whatismyipaddress.com.