www.susieandsecurity.com
Open in
urlscan Pro
2607:f8b0:4006:809::2013
Public Scan
Submitted URL: https://susieandsecurity.com/
Effective URL: https://www.susieandsecurity.com/
Submission: On January 26 via api from US — Scanned from US
Effective URL: https://www.susieandsecurity.com/
Submission: On January 26 via api from US — Scanned from US
Form analysis
1 forms found in the DOMhttps://www.susieandsecurity.com/search
<form action="https://www.susieandsecurity.com/search" class="gsc-search-box" target="_top">
<table cellpadding="0" cellspacing="0" class="gsc-search-box">
<tbody>
<tr>
<td class="gsc-input">
<input autocomplete="off" class="gsc-input" name="q" size="10" title="search" type="text" value="">
</td>
<td class="gsc-search-button">
<input class="gsc-search-button" title="search" type="submit" value="Search">
</td>
</tr>
</tbody>
</table>
</form>
Text Content
SUSIE AND SECURITY Tips for being secure in today's digital world, and keeping your kids safe online as well. SUNDAY, AUGUST 8, 2021 WINDOWS 10 USERS: BEWARE FAKE WINDOWS 11 INSTALLERS If you are using Microsoft Windows 10, be very cognizant of pop-ups and links that lure you to download the Windows 11 upgrade installer. There are hundreds of fake installer packages out there that can infect your system with malware. Right now, Windows 11 is available only to Microsoft customers who are part of its Insider program; if you are not enrolled as an Insider, you cannot upgrade to Windows 11 until 2022. Here is an example from Kaspersky security experts showing a downloader designed to deliver malware: Always remember to download Windows updates and upgrades from official Microsoft websites only. Keep in mind that fake installers can look a lot like the real thing. For the full story, see https://www.bleepingcomputer.com/news/security/fake-windows-11-installers-now-used-to-infect-you-with-malware/. Posted by Susie at 5:22 AM No comments: Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest SUNDAY, NOVEMBER 29, 2020 WHY YOU SHOULD BE PICKY ABOUT ALLOWING WEBSITE NOTIFICATIONS Most websites run on advertisement income. And websites have the ability to create connections to your own computer from other Internet nodes through links, clickable images and push notifications that serve up ads or other content. Be wary of which sites you allow to send push notifications to your computer because these can also be used by nefarious entities to deliver fraudulent notifications. Fake notifications can serve up scareware that prompts you to install software to correct a "security risk" or click links to malicious websites that then deliver dangerous payloads to your computer. Here is an example of an Adweek request, prompting to allow or block notifications: The top level domain that delivered this prompt is adweek.com, as is visible in the URL. If I select Allow, my computer would then be able to receive connections directly from adweek.com servers, completely outside of my browser, and with blanket permission to allow these external connections to my Windows or Mac desktop at any time. Another problem that arises from allowing notifications is the potential difficulty you may have in discerning a legitimate notification (generated by your operating system) from a third-party notification. For many years it's been a security habit of mine to choose Block on every such request. You can change your selection for each request—depending upon how much you trust the notification delivery domain—or you can configure your web browser to block all such requests. To learn how to manage these settings on your preferred browser, use a search engine like Google to query, for example, "Chrome turn off notifications," or "Firefox block notifications." These settings can be applied to browsers on your smartphone as well. Last week, Brian Krebs posted an article explaining why you should carefully consider whether to allow or block notifications when prompted. It is definitely worth a quick read. For more information, see Be very spaing in allowing site notifications at https://krebsonsecurity.com/2020/11/be-very-sparing-in-allowing-site-notifications/. Posted by Susie at 5:04 AM No comments: Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest SATURDAY, NOVEMBER 14, 2020 CHECK OUT THE NEW GOOGLE SCAM SPOTTER ONLINE! With the holiday shopping season already upon us, now is a good time to remind ourselves to be alert to online shopping scams and other ruses. Have you heard about Google's scam spotter website? Check it out at https://scamspotter.org/, and be sure to take the two-minute quiz to see how well you area at detecting a scam. I love this site because the most pertinent information you need to know is presented visually, making it easy to comprehend regardless of your level of security knowledge. In less than 10 minutes you can learn how to detect scams in email (phishing), text messages (smishing) and phone calls (vishing). If you know someone who isn't security savvy or doesn't have time to devote to becoming a security expert, please share the scamspotter.org link with that person. This is an especially useful resource to share with your elderly loved ones, your kids or those who may be mentally challenged. SAMPLE TIP FROM SCAMSPOTTER.ORG: A NOTE TO MY READERS This tip came from a monthly email newsletter produced by Rebecca Herold, aka The Privacy Professor. Every newsletter is a treasure trove of privacy and security of tips. I recommend you give it a try! For more information, or to subscribe, visit https://www.privacyguidance.com/. Posted by Susie at 5:45 AM No comments: Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest SATURDAY, OCTOBER 31, 2020 FACEBOOK COPYRIGHT INFRINGEMENT SCAMS Once in a while my organization receives an email suggesting we are in violation of copyright law and can expect consequences. The majority of these are fake. A real copyright infringement letter is more likely to be sent to an organization's legal department via U.S. mail or a proper courier. Individual consumers have become targets of this scam. Threatening emails and posts accusing you of copyright violation may very well be fake, so don't panic if you receive one of these. Fear is exactly what the scammers want you to feel. Don't fall for it. If you receive an accusatory email, remember that scammers create phony emails (and posts) designed to look like they are from Facebook. Sometimes these can be quite convincing, often threatening to deactivate your Facebook account. They may provide you a link for filing an "appeal." As always, do not click unexpected or unknown links. Here is just one example: To view sample copyright infringement scam emails and learn more about this ruse, see https://nakedsecurity.sophos.com/2020/10/27/facebook-copyright-violation-tries-to-get-past-2fa-dont-fall-for-it/. If you receive bothersome messages from Facebook, consult Facebook's online help page at https://www.facebook.com/help/199655413426788/?ref=u2u. Also, you can forward phony Facebook emails to phish@fb.com. Posted by Susie at 7:23 AM No comments: Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest SATURDAY, OCTOBER 10, 2020 FBI WARNS STUDENTS ABOUT SPEAR PHISHING CAMPAIGNS TARGETING STUDENT FINANCIAL AID ACCOUNTS College students beware. On September 29, 2020, the Federal Bureau of Investigation issued a private industry notification warning universities and students of ongoing spear phishing attacks that have allowed thieves to successfully redirect financial aid funds into various Green Dot* bank accounts. These spear phishing campaigns usually coincide with periods where large volumes of financial aid funds are disbursed, such as at the beginning of a school term, and the attacks are expected to continue into 2021. The phishing emails fraudulently obtain student login credentials, allowing cyber actors to gain access to and change direct deposit information. Funds are withdrawn and quickly transferred to accounts around the world. After the funds have been successfully disseminated by the financial aid provider to the "new" bank account, the student suffers a financial loss that results in insufficient funds to pay tuition or other student needs (i.e., books, housing, meal plans, etc.). Students, remember to never click links or open attachments in unexpected emails without first inspecting links and validating the sender. Do not enter credentials on a web page that you were redirected to from an email message—especially for sensitive accounts. As a rule, I ignore login links sent by my bank; instead, I go straight to my web browser to log in using the bank's known URL, not the URL provided in the email or attachment. *Green Dot Corporation is an American financial technology and bank holding company. It provides customers affordable debit accounts and offers businesses an all-in-one platform for building banking into their brand. Posted by Susie at 2:39 PM No comments: Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest THURSDAY, OCTOBER 1, 2020 THIS MONTH'S MANTRA: FRIENDS DON'T LET FRIENDS GET SCAMMED! Welcome to National Cybersecurity Month in the U.S.! This is the time of year where cyber pros do our best to raise awareness about staying safe online. The best way we can get ahead of the bad guys is by paying attention, staying alert, being skeptical of hyperlinks and attachments to emails, and sharing information with each other. As such, one of my favorite security outfits—Sophos, is promoting this theme: Friends don't let friends get scammed! If you get scammed online, report it to IC3.gov or FTC.gov. Post about it on your social media page. Warn your friends and family and co-workers (without sharing malicious links). If someone hacks your email, warn everyone in your Contacts list and reset your password to a long passphrase (stored in password manager software instead of written on a sticky note) while enabling multi-factor authentication on the account. Believe me, there is a lot at stake here. Pay it forward. For more information, see this article (https://nakedsecurity.sophos.com/2020/10/01/becybersmart-why-friends-dont-let-friends-get-scammed/) or listen the brief audio interview (https://soundcloud.com/sophos-audio/friends-dont-let-friends-get-scammed). Both offer some great advice that will protect all of us. Posted by Susie at 1:48 PM No comments: Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest SATURDAY, SEPTEMBER 12, 2020 DON'T CLICK THAT SCARY WEB POP-UP While surfing the web on your computer or mobile device, if you've ever seen one of these pop-ups, you've navigated to an unsafe web page and need to shut down your browser and, preferably, run an antivirus scan on your device. If you actually call the toll-free number, you're well on your way to becoming a victim of credit card fraud and worse, especially if you let the "Tech Support" person on the other end of the phone remotely control your device. Would you let a complete stranger into your house, in the dark of night where you can't even see his face, just because he knocks on your door and says, "your burglar alarm has been hacked?" I didn't think so. Even Apple devices can display these fake warnings. This type of ruse is called scareware. (You should google that.) I've known a number of people fall victim to the "tech support scam," and it never ends well, requiring some level of security clean-up afterward. When you receive an unexpected email or a pop-up carrying a threatening message like this, please stop what you are doing and remember that things are not always what they seem. Don't pick up the phone and don't click links. Shut down the app (ALT+F4 in Windows, Command+Q on Mac). Security experts at Sophos recently posted an informative article about how to spot fake web pop-ups. Take a look at one the recent examples Sophos provides, like this one: For more information, read the full article at https://nakedsecurity.sophos.com/2020/09/09/fake-web-alerts-how-to-spot-and-stop-them/. Stay on your guard. Posted by Susie at 10:58 AM No comments: Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest Older Posts Home Subscribe to: Posts (Atom) MORE PRIVACY & SECURITY TIPS * Savvy Cyber Kids * Internet Crime Complaint Center * Report Fraud to the FTC * National Cyber Security Alliance * The Privacy Professor * The Daily Scam SEARCH THIS BLOG BLOG ARCHIVE * ▼ 2021 (1) * ▼ August (1) * Windows 10 users: Beware fake Windows 11 installers * ► 2020 (17) * ► November (2) * ► October (3) * ► September (2) * ► August (1) * ► July (1) * ► June (1) * ► May (2) * ► April (4) * ► March (1) * ► 2019 (8) * ► October (1) * ► August (1) * ► July (2) * ► June (1) * ► May (1) * ► February (1) * ► January (1) * ► 2018 (12) * ► November (2) * ► October (1) * ► September (2) * ► June (2) * ► May (1) * ► April (3) * ► February (1) * ► 2017 (12) * ► June (1) * ► May (3) * ► April (3) * ► March (3) * ► February (1) * ► January (1) * ► 2016 (34) * ► December (3) * ► November (3) * ► October (1) * ► September (3) * ► August (3) * ► July (5) * ► June (4) * ► May (2) * ► April (2) * ► March (3) * ► February (1) * ► January (4) * ► 2015 (25) * ► December (3) * ► November (4) * ► October (3) * ► September (2) * ► August (2) * ► July (3) * ► June (2) * ► May (6) Theme images by TommyIX. Powered by Blogger.