Category Archives: Uncategorized

Reusing password and Password Managers

At some point we have all been guilty of this, reusing passwords on multiple sites because it is impossible to remember every password for every website we are required to log into these days!  I personally used to think having a password manager was bad, but it isn’t!!!  Password managers enable you to use features like, generating secure passwords.  It remembers them for you, so you don’t have to rely on your memory or sticky notes around your computer!  Just make sure you password manager has a secure password!!!

Troy Hunt teaches courses on Pluralsite.com and is an Australian Microsoft Regional Director and also a Microsoft Most Valuable Professional for Developer Security. (from his website!)  He’s an expert on this!!!!  He has a website called, haveibeenpawned.com and he uploads security breach information to a database and then all you have to do is put your email address in and it searches to see if you have been pwnd.  Pwnd meaning that your security credentials have be compromised.  I recommend you visit it ASAP!  You will be shocked and I guarantee you will start changing many of your passwords!!!!!  It’s a free service he provides and it’s a ton of work!!!!   I highly recommend donating money to the site.  It’s a ton of work he is doing to keep us safe. 🙂

I recommend you read his blog post about passwords and password managers.  He has listed a few that are very good.  Check the post out here.

 

Awesome YouTube Video by Troy Hunt

This video has some awesome info on why you should have complicated passwords everywhere!  A link to the article he mentions in here as well! https://www.troyhunt.com/password-reuse-credential-stuffing-and-another-1-billion-records-in-have-i-been-pwned/

Google Docs Phishing Attack-How To Protect Yourself

As many of your heard, there is a new phishing scam out there and it has to do with Google Docs.   Unless you are 100% positive that the document is in fact real, do NOT open it.   The best part of it is, an ethical hacker by the name of Eugene Pupov claims he did it by mistake.   Whether it was a mistake or not, the emails come mostly from a domain named malinator.com.    They look like this:

devious-google-phishing-attack

What does the attack do?  It asks you to grant permission to your email, and if you accept it can go through your email and and find your contacts and send it out to more people from your account.  It will look like it came from you, so be aware of any emails you may get from people you know.  If you are remotely unsure if that email you received from a person you know has a Google Doc attached to it, send them a separate email asking them if they actually sent you a document.  They may be infected and not know it!  If they are infected tell them they need to notify people!

How can you protect yourself?   Be suspicious of ANY email that looks like it could be a phishing attack.  If you are wondering what that looks like, check out my previous blog article here.   Do NOT authorize any apps to have permission to your gmail account.  Check to see what apps already have authorization to your Google account and if they don’t look like something you accepted remove access.  There is an article on how to do this on Google’s website here.   They have addressed the issue and if you think you have been affected, please click here to find out what Google advises you do to correct the issue.

 

 

 

 

 

The Anatomy of a Phishing Email

Today someone was awesome enough to send me an email to make sure that it was valid before they clicked on anything.  I cannot express to you how happy that makes me!!!  It saves me so much work!!!!   Of course, we now have Cylance as our Anti-Virus(AV for short) and that in itself has made my job so much easier!!!!  We’ve had it nearly a year and NOT 1 computer has become infected with ANYTHING!   If you are a business thinking of changing your AV product, I cannot recommend this product highly enough!!!!

First, let me break down the beginning of the email:

From: Media Player <info@flymail.cf>   <———– This is NOT an Apple address
Subject: New version of Mac Media Player available for download!

Apple and Microsoft will NEVER send you an email about this!!!!!!  They would send it to your device through an update!   Sometimes phishers will fake the email address or make it look so close to the real thing.  I’m actually surprised at how bad this email address even looks!   Even if it looks real, and you think it might be a valid email from your bank, Paypal, Amazon anything like that go to the website directly. DO NOT CLICK on the link!

Then we go into the guts of the email:   It’s a bunch of pictures with links attached to them:

2017-04-13_10-24-27

Looks fairly realistic huh?   This is actually very easy to do!!! I just did this with a screenshot!   Anyone with minimal computer experience could do this!

Now, for the most important part. If you just hover over the Download link or anywhere over the pictures, this link comes up:

2017-04-13_10-04-26.jpg

First off, this is NOT an Apple link!  The link here is to a domain named flymail.cf.   The portion of the address that is wrong is the .cf.   That is not a legitimate top level domain name, like .com, .org, gov or .edu.  To see a list of actual top level domain names, you can find it here: http://www.domainsherpa.com/top-level-domains/ .

The other portion of this link that bothers me is track-url.   Now, this leads me to believe that this link is going to track your urls (websites) that you visit.   I’m going to say that this tracking will happen through cross-site scripting.  Essentially this site will inject code into your browser that will capture your sessions on the websites you visit after this website, including your usernames and passwords!!!    

This means if you go to an unsecured website the hacker can easily capture your username and password with this code.  It’s one of the most frequently used types of hacking, it’s called session hijacking.   Later on you start to wonder why you are getting spam, or why did people just get friend requests on Facebook from me when I am already friends with them?   If you use the same password for one site, then the hacker can go to several websites and try that password and have remarkable success!

This is why you need to have different and complicated passwords for all sites you visit. There are password managers that you can use to help you with this.  Let’s face it our brain can’t remember all of our passwords and writing them on a piece of paper and saving them in your desk, or under your keyboard at work are HORRIBLE options!  I will do more research on what password managers are the safest and best to use for my next Tech Tip Thursday.

Oh yeah, and if I find your passwords written on a sticky note taped to your monitor I’m rippin’ that bad boy off and throwing it out!   

 

 

 

Technology That Can Help You Be Healthier in 2017

So it’s the new year and as usual, most people are looking to get healthier.   There are all sorts of technology-based items that can help you keep you on track!

There are lots of different food diaries, exercise diaries and the like.  I’ve looked at several almost all of them offer some sort of premium service.   So far the one food diary that I have liked the most is  My Fitness Pal.  It allows you to sync your Fitbit and TONS of other devices with it.  Many of the other diaries only sync with certain devices, which I think is a downfall.  If you pay for the premium you can customize your macro-nutrients so you can focus on certain nutrients more than others.  Recently when I was stuck at a certain weight and couldn’t seem to get it to budge I figured out the cause thanks to a Facebook group I was in.  The app will work with your activity tracker and add more calories to your daily allowance.   So, I thought I was able to eat a little more (not going wildly overboard but still under my allotted “extra” calories, and that’s what was doing it!  Turn that feature off if you get stuck at a certain weight!!!!!  My weight finally budged after that!!!

Many of you have Apple iPhones, you probably are aware of their “Health” App.   Well, it’s supposed to track your sleep, mindfulness, physical activity, nutrition, and sleep. For a more detailed idea of what it can do, there is an awesome article from How to Geek here!  It integrates best with, of course, the Apple watch.  Unless you have a ton of money to blow on that along with the fact that the new iPhone that is coming out is supposed to be over $1,000!!!!  I find it to be a giant waste of money!

The Apple Health App also integrates with My Fitness Pal for the nutrition portion of the app.  It also works with some iHealth devices.  They have a wireless blood pressure monitor that keeps track of your blood pressure so you can show your doctor.  iHealth also sells a Smart Gluco Blood Monitoring System to test your blood sugar and you can sync it with your iPhone to keep track of that.  They also sell scales.

Withings sells many devices that will sync with your phone, as we all Fitbit.  Fitbit also sells scales.  I have the Aria scale.  It syncs with my phone and tells me my body fat percentage.  Last time I got on it, my weight didn’t go down, but my body fat did.  I have been working out more lately on a new regime so I can attribute my body fat going down.  I don’t know how accurate the body fat calculator is on this scale, but in this case, it would seem to me that it’s working.  Remember a pound is still a pound whether it’s fat or muscle, they weigh the same!!!!!  Muscle just takes up less space!!!!  As shown by this picture of some props that are in my office!

CqpE8b6WcAEaCFC.jpg

Now I have a Migraine app on my phone called Migraine Buddy, it’s a pretty slick program that helps you keep track of daily headaches, possible causes, what you did to or take that helped or didn’t help AND a sleep tracker.  The sleep tracker is inaccurate.  I was annoyed by it when I realized that it was getting it from my Apple Health App.  My Fitbit sleep tracker is way more accurate.  So, I thought why can’t my Fitbit tell Apple’s Health App Sleep Tracker the correct info.  Well, apparently it’s not that simple!   It doesn’t work yet, BUT there’s an app for that!!!  It’s a $2.99 app called Sync Solver.  It manually will allow you to sync all your Fitbit data to your Apple Health App.  Now all of your info is in 1 App.   Seems a bit ridiculous, but if you are like me someone who suffers from Migraines it’s good to have a record of all of this stuff to show my doctors because if feels like a never ending battle trying to prove to them that it isn’t JUST STRESS!

So, there are lots of new devices out there to help you keep track of your health, and help you to become a happier, healthier person.

 

 

Shutting off Smart Interactivity which is spying on your TV habits on Your Vizio TV!

The FTC recently fined Vizio with a 2.2 MILLION dollar fine for not telling us that their TV’s were spying on our viewing habits.  Yikes!  I had a newer Vizio TV and a few weeks ago it notified me of a change that I had to accept.  Which after I read it I thought to myself, “Oh No You Don’t!”.   This has affected Vizio Smart TV’s that were purchased from 2011-2016.

If you don’t want Vizio spying on you, this video will show you how to shut it off.

How to Change Your Password in Windows 10 and Office365/Outlook 2013 and 2016

I know many people will pass this article up because they will think how in this day in age, can someone still not know how to do it.  Yet, this is one of my most frequently asked questions!   You are NOT alone!

In Windows 10 once you are logged in.   Hold down the keys on your keyboard labeled Ctrl and then Alt and then Delete.  That will bring you to this screen-Select Change Password.

select-change-password

This is also where you should go if you are getting up from your desk and need to lock your computer so no one else can get into your system!!!!! It’s a very important security measure!

Next selecting Change a Password will bring up this screen:

change-passsword

Make sure your password is complex!!!!!  Some complexity rules to follow are:

1.  The longer the better!  At a minimum make it 8 characters, however, it SHOULD be longer!

2.  ALWAYS include an upper case letter

3.  ALWAYS include a lower case letter.

4.  AlWAYS include at least 1 number.

5.  ALWAYS have a symbol.  Like ! or @ or $.

Once your password has been updated you will receive this screen.  Make sure your password is something you can remember.  PLEASE do NOT put it on a sticky note and then put the sticky note on your monitor or under your keyboard that is the FIRST place people look.  If you must write it down keep it in a LOCKED drawer at all times!

Now Outlook will need the password updated if you are using Office365.  This is the fastest way to change it.

Open Outlook, then look for the Send and Receive Tab.

where-to-change-your-password-in-outlook

There is an icon on the ribbon with a key on it.  Underneath it says Type Exchange Password and Connect.   If for some reason your aren’t getting emails or calendar updates look at the bottom right-hand side of your screen and see if there is a key icon with the words Need Password.   When you select the Type Exchange Password and Connect it will bring this screen up:

prompt-to-change-outlook-password

Type in your password in the box that says password.  Select Remember my credentials box otherwise, it will constantly ask you for your password!!!!!!!    Then select OK and you are set there.

If you have Skype and you are logged into it.  You will need to update your password there as well and the pop up looks identical to this one except it says Skype.   As shown below:skypepasswordchange

If you use the sales program for Pipeliner you will also need to update your password there as well!!!!

 

Blue Screen of Death

So, anyone running a Windows machine is all too familiar with the Blue Screen of Death or BSOD!  I didn’t realize it was possible to make the error codes even more useless, but Microsoft did it, in Windows 10!

This morning my computer blue screened on me.  It gave me a QR code to scan. I got excited thinking, “Wow, maybe it will take me to the link to fix it?!!!!!”

Nope, this is what it did.  I scanned the QR code on my phone and the image to the right is what information it gave me.

less-helpful

Use OneNote to Keep Track of Your Receipts!

Have you ever put a work receipt in a “safe place” and then forgot where that “safe place” was?   Been there, done that!    Microsoft OneNote allows you to keep track of your receipts.   The best way to do this is within Office365 this way your phone syncs with your online OneNote!

I will be showing you how to do this with an iPhone today.  It works even better with a Windows Phone, but it’s pretty spiffy on the iPhone as well!

The best place to start is OneNote in Office365 on your computer.  You’ll need to create a new section in an existing notebook or create a new notebook and make sure it is syncing to your OneDrive.   Open up OneNote on your computer it looks like this:

one-note-receipts-5

To create a new notebook you can find instructions here, which includes instructions on how to hook it up to your OneDrive.

To create a new tabbed section in an existing notebook, simply click on the + sign on one of the tabs.  It will open a new tab and you will be able to name it.  I named my Receipts.

one-note-receipts-1

So now you will want to make sure it syncs up with your OneNote on your OneDrive.  This way you will be able to access it on your phone using your Office365 account.  Go to the name of your notebook, and right click on it.  These options will show up.  Click on Sync This Notebook Now.   If you are unsure if this is syncing to your OneDrive, select Notebook Sync Status.

onenotesynctoonedrive

When you open Notebook Sync Status, you have the option to Sync automatically whenever there are changes ( I recommend this one), or you can sync it manually.

one-note-receipts-4

If don’t see your notebook in here you can add it.  Exit out of this screen and go back to the notebook.  Right click on the notebook, and bring up the menu, and select properties which is highlighted in pink here.

onenotesyncchange

When you open up the properties of the notebook this screen will pop up. Where it says Change Location, if it isn’t set up to your OneDrive, select Change Location and find your OneDrive on your system, and have it save there and then it will sync up for you.  It will then be accessible by your phone.

onenotesyncnotebooktoonedrive

It should then show up in your list of notebooks to sync and you should set it to automatically sync when there are changes.

After you have the receipts tab set up and your notebook syncing with your OneDrive you can now go to your phone.  This works with iPhones, Windows and Android phones.  I’ll be showing you on an iPhone.  Open up OneNote on your phone.   It will probably ask you to sign in.  Make sure you sign in with the account that is syncing with your OneNote/OneDrive on your computer.

one-note-receipts-6

When you open up OneNote on your phone make sure you are in the Notebook you created the Receipts Tab.   Click on the Receipts tab.

 

one-note-receipts-7

Click on the + button and it will give you options on what you can do, one option is to take a picture.  Select the camera icon and take a picture of your receipt.  Once you have a nice clean picture of your receipt, select the ellipse at the top right hand corner.

one-note-receipts-8

It will bring up some options.  Select Sync Now.

one-note-receipts-9

Now open OneNote on your computer and make sure it is synced up.  There should now be a receipt in your Receipts notebook!

one-note-receipts-10

 

One amusing question, do you see what the arrow is pointing at on the receipt?   Why do I need a Bathroom Code???   Should I be afraid?

Do you need to turn this into Accounting?  Easy Peasy! Click on the email this page icon.

emailonenotepage

 

This will bring up Outlook and you can email it to your Accounting Department!   Now you have one place to keep all your receipts!

 

%d bloggers like this: