www.susieandsecurity.com Open in urlscan Pro
2607:f8b0:4006:809::2013  Public Scan

Submitted URL: https://susieandsecurity.com/
Effective URL: https://www.susieandsecurity.com/
Submission: On January 26 via api from US — Scanned from US

Form analysis 1 forms found in the DOM

https://www.susieandsecurity.com/search

<form action="https://www.susieandsecurity.com/search" class="gsc-search-box" target="_top">
  <table cellpadding="0" cellspacing="0" class="gsc-search-box">
    <tbody>
      <tr>
        <td class="gsc-input">
          <input autocomplete="off" class="gsc-input" name="q" size="10" title="search" type="text" value="">
        </td>
        <td class="gsc-search-button">
          <input class="gsc-search-button" title="search" type="submit" value="Search">
        </td>
      </tr>
    </tbody>
  </table>
</form>

Text Content

SUSIE AND SECURITY

Tips for being secure in today's digital world, and keeping your kids safe
online as well.





SUNDAY, AUGUST 8, 2021


WINDOWS 10 USERS: BEWARE FAKE WINDOWS 11 INSTALLERS



If you are using Microsoft Windows 10, be very cognizant of pop-ups and links
that lure you to download the Windows 11 upgrade installer. There are hundreds
of fake installer packages out there that can infect your system with malware. 

Right now, Windows 11 is available only to Microsoft customers who are part of
its Insider program; if you are not enrolled as an Insider, you cannot upgrade
to Windows 11 until 2022.

Here is an example from Kaspersky security experts showing a downloader designed
to deliver malware:



Always remember to download Windows updates and upgrades from official Microsoft
websites only. Keep in mind that fake installers can look a lot like the real
thing.

For the full story,
see https://www.bleepingcomputer.com/news/security/fake-windows-11-installers-now-used-to-infect-you-with-malware/.





Posted by Susie at 5:22 AM No comments:
Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest




SUNDAY, NOVEMBER 29, 2020


WHY YOU SHOULD BE PICKY ABOUT ALLOWING WEBSITE NOTIFICATIONS



Most websites run on advertisement income. And websites have the ability to
create connections to your own computer from other Internet nodes through links,
clickable images and push notifications that serve up ads or other content.  

Be wary of which sites you allow to send push notifications to your computer
because these can also be used by nefarious entities to deliver fraudulent
notifications. Fake notifications can serve up scareware that prompts you to
install software to correct a "security risk" or click links to malicious
websites that then deliver dangerous payloads to your computer.

Here is an example of an Adweek request, prompting to allow or block
notifications:




The top level domain that delivered this prompt is adweek.com, as is visible in
the URL.  


If I select Allow, my computer would then be able to receive connections
directly from adweek.com servers, completely outside of my browser, and with
blanket permission to allow these external connections to my Windows or Mac
desktop at any time. 


Another problem that arises from allowing notifications is the potential
difficulty you may have in discerning a legitimate notification (generated by
your operating system) from a third-party notification. 


For many years it's been a security habit of mine to choose Block on every such
request. You can change your selection for each request—depending upon how much
you trust the notification delivery domain—or you can configure your web browser
to block all such requests. 


To learn how to manage these settings on your preferred browser, use a search
engine  like Google to query, for example, "Chrome turn off notifications," or
"Firefox block notifications." These settings can be applied to browsers on your
smartphone as well.


Last week, Brian Krebs posted an article explaining why you should carefully
consider whether to allow or block notifications when prompted. It is definitely
worth a quick read. For more information, see Be very spaing in allowing site
notifications
at https://krebsonsecurity.com/2020/11/be-very-sparing-in-allowing-site-notifications/.





Posted by Susie at 5:04 AM No comments:
Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest




SATURDAY, NOVEMBER 14, 2020


CHECK OUT THE NEW GOOGLE SCAM SPOTTER ONLINE!



With the holiday shopping season already upon us, now is a good time to remind
ourselves to be alert to online shopping scams and other ruses. 

Have you heard about Google's scam spotter website? Check it out
at https://scamspotter.org/, and be sure to take the two-minute quiz to see how
well you area at detecting a scam. 

I love this site because the most pertinent information you need to know is
presented visually, making it easy to comprehend regardless of your level of
security knowledge. In less than 10 minutes you can learn how to detect scams in
email (phishing), text messages (smishing) and phone calls (vishing). 

If you know someone who isn't security savvy or doesn't have time to devote to
becoming a security expert, please share the scamspotter.org link with that
person. This is an especially useful resource to share with your elderly loved
ones, your kids or those who may be mentally challenged. 


SAMPLE TIP FROM SCAMSPOTTER.ORG:







A NOTE TO MY READERS

This tip came from a monthly email newsletter produced by Rebecca Herold, aka
The Privacy Professor. Every newsletter is a treasure trove of privacy and
security of tips. I recommend you give it a try!

For more information, or to subscribe, visit https://www.privacyguidance.com/. 


Posted by Susie at 5:45 AM No comments:
Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest




SATURDAY, OCTOBER 31, 2020


FACEBOOK COPYRIGHT INFRINGEMENT SCAMS



Once in a while my organization receives an email suggesting we are in violation
of copyright law and can expect consequences. The majority of these are fake. A
real copyright infringement letter is more likely to be sent to an
organization's legal department via U.S. mail or a proper courier.

Individual consumers have become targets of this scam. Threatening emails and
posts accusing you of copyright violation may very well be fake, so don't panic
if you receive one of these. Fear is exactly what the scammers want you to feel.
Don't fall for it.

If you receive an accusatory email, remember that scammers create phony emails
(and posts) designed to look like they are from Facebook. Sometimes these can be
quite convincing, often threatening to deactivate your Facebook account. They
may provide you a link for filing an "appeal." As always, do not click
unexpected or unknown links. 

Here is just one example:









To view sample copyright infringement scam emails and learn more about this
ruse,
see https://nakedsecurity.sophos.com/2020/10/27/facebook-copyright-violation-tries-to-get-past-2fa-dont-fall-for-it/.

If you receive bothersome messages from Facebook, consult Facebook's online help
page at https://www.facebook.com/help/199655413426788/?ref=u2u. Also, you can
forward phony Facebook emails to phish@fb.com.





Posted by Susie at 7:23 AM No comments:
Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest




SATURDAY, OCTOBER 10, 2020


FBI WARNS STUDENTS ABOUT SPEAR PHISHING CAMPAIGNS TARGETING STUDENT FINANCIAL
AID ACCOUNTS




College students beware. 



On September 29, 2020, the Federal Bureau of Investigation issued a private
industry notification warning universities and students of ongoing spear
phishing attacks that have allowed thieves to successfully redirect financial
aid funds into various Green Dot* bank accounts.




These spear phishing campaigns usually coincide with periods where large volumes
of financial aid funds are disbursed, such as at the beginning of a school term,
and the attacks are expected to continue into 2021.




The phishing emails fraudulently obtain student login credentials, allowing
cyber actors to gain access to and change direct deposit information. Funds are
withdrawn and quickly transferred to accounts around the world. 




After the funds have been successfully disseminated by the financial aid
provider to the "new" bank account, the student suffers a financial loss that
results in insufficient funds to pay tuition or other student needs (i.e.,
books, housing, meal plans, etc.). 




Students, remember to never click links or open attachments in unexpected emails
without first inspecting links and validating the sender. Do not enter
credentials on a web page that you were redirected to from an email
message—especially for sensitive accounts. 




As a rule, I ignore login links sent by my bank; instead, I go straight to my
web browser to log in using the bank's known URL, not the URL provided in the
email or attachment. 




*Green Dot Corporation is an American financial technology and bank holding
company. It provides customers affordable debit accounts and offers businesses
an all-in-one platform for building banking into their brand.


Posted by Susie at 2:39 PM No comments:
Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest




THURSDAY, OCTOBER 1, 2020


THIS MONTH'S MANTRA: FRIENDS DON'T LET FRIENDS GET SCAMMED!



Welcome to National Cybersecurity Month in the U.S.! This is the time of year
where cyber pros do our best to raise awareness about staying safe online. 

The best way we can get ahead of the bad guys is by paying attention, staying
alert, being skeptical of hyperlinks and attachments to emails, and sharing
information with each other.

As such, one of my favorite security outfits—Sophos, is promoting this theme:
Friends don't let friends get scammed!

If you get scammed online, report it to IC3.gov or FTC.gov. Post about it on
your social media page. Warn your friends and family and co-workers (without
sharing malicious links). If someone hacks your email, warn everyone in your
Contacts list and reset your password to a long passphrase (stored in password
manager software instead of written on a sticky note) while enabling
multi-factor authentication on the account.

Believe me, there is a lot at stake here. Pay it forward. 

For more information, see this article
(https://nakedsecurity.sophos.com/2020/10/01/becybersmart-why-friends-dont-let-friends-get-scammed/)
or listen the brief audio interview
(https://soundcloud.com/sophos-audio/friends-dont-let-friends-get-scammed). Both
offer some great advice that will protect all of us.





Posted by Susie at 1:48 PM No comments:
Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest




SATURDAY, SEPTEMBER 12, 2020


DON'T CLICK THAT SCARY WEB POP-UP



While surfing the web on your computer or mobile device, if you've ever seen one
of these pop-ups, you've navigated to an unsafe web page and need to shut down
your browser and, preferably, run an antivirus scan on your device. 





If you actually call the toll-free number, you're well on your way to becoming a
victim of credit card fraud and worse, especially if you let the "Tech Support"
person on the other end of the phone remotely control your device. 

Would you let a complete stranger into your house, in the dark of night where
you can't even see his face, just because he knocks on your door and says, "your
burglar alarm has been hacked?" I didn't think so.

Even Apple devices can display these fake warnings. 





This type of ruse is called scareware. (You should google that.) I've known a
number of people fall victim to the "tech support scam," and it never ends well,
requiring some level of security clean-up afterward. 

When you receive an unexpected email or a pop-up carrying a threatening message
like this, please stop what you are doing and remember that things are not
always what they seem. Don't pick up the phone and don't click links. Shut down
the app (ALT+F4 in Windows, Command+Q on Mac). 

Security experts at Sophos recently posted an informative article about how to
spot fake web pop-ups. Take a look at one the recent examples Sophos provides,
like this one:



For more information, read the full article at
https://nakedsecurity.sophos.com/2020/09/09/fake-web-alerts-how-to-spot-and-stop-them/.
Stay on your guard. 


Posted by Susie at 10:58 AM No comments:
Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest


Older Posts Home

Subscribe to: Posts (Atom)



MORE PRIVACY & SECURITY TIPS

 * Savvy Cyber Kids
 * Internet Crime Complaint Center
 * Report Fraud to the FTC
 * National Cyber Security Alliance
 * The Privacy Professor
 * The Daily Scam




SEARCH THIS BLOG











BLOG ARCHIVE

 * ▼  2021 (1)
   * ▼  August (1)
     * Windows 10 users: Beware fake Windows 11 installers

 * ►  2020 (17)
   * ►  November (2)
   * ►  October (3)
   * ►  September (2)
   * ►  August (1)
   * ►  July (1)
   * ►  June (1)
   * ►  May (2)
   * ►  April (4)
   * ►  March (1)

 * ►  2019 (8)
   * ►  October (1)
   * ►  August (1)
   * ►  July (2)
   * ►  June (1)
   * ►  May (1)
   * ►  February (1)
   * ►  January (1)

 * ►  2018 (12)
   * ►  November (2)
   * ►  October (1)
   * ►  September (2)
   * ►  June (2)
   * ►  May (1)
   * ►  April (3)
   * ►  February (1)

 * ►  2017 (12)
   * ►  June (1)
   * ►  May (3)
   * ►  April (3)
   * ►  March (3)
   * ►  February (1)
   * ►  January (1)

 * ►  2016 (34)
   * ►  December (3)
   * ►  November (3)
   * ►  October (1)
   * ►  September (3)
   * ►  August (3)
   * ►  July (5)
   * ►  June (4)
   * ►  May (2)
   * ►  April (2)
   * ►  March (3)
   * ►  February (1)
   * ►  January (4)

 * ►  2015 (25)
   * ►  December (3)
   * ►  November (4)
   * ►  October (3)
   * ►  September (2)
   * ►  August (2)
   * ►  July (3)
   * ►  June (2)
   * ►  May (6)




Theme images by TommyIX. Powered by Blogger.