This video has some awesome info on why you should have complicated passwords everywhere! A link to the article he mentions in here as well! https://www.troyhunt.com/password-reuse-credential-stuffing-and-another-1-billion-records-in-have-i-been-pwned/
Today someone was awesome enough to send me an email to make sure that it was valid before they clicked on anything. I cannot express to you how happy that makes me!!! It saves me so much work!!!! Of course, we now have Cylance as our Anti-Virus(AV for short) and that in itself has made my job so much easier!!!! We’ve had it nearly a year and NOT 1 computer has become infected with ANYTHING! If you are a business thinking of changing your AV product, I cannot recommend this product highly enough!!!!
First, let me break down the beginning of the email:
From: Media Player <firstname.lastname@example.org> <———– This is NOT an Apple address
Subject: New version of Mac Media Player available for download!
Apple and Microsoft will NEVER send you an email about this!!!!!! They would send it to your device through an update! Sometimes phishers will fake the email address or make it look so close to the real thing. I’m actually surprised at how bad this email address even looks! Even if it looks real, and you think it might be a valid email from your bank, Paypal, Amazon anything like that go to the website directly. DO NOT CLICK on the link!
Then we go into the guts of the email: It’s a bunch of pictures with links attached to them:
Looks fairly realistic huh? This is actually very easy to do!!! I just did this with a screenshot! Anyone with minimal computer experience could do this!
Now, for the most important part. If you just hover over the Download link or anywhere over the pictures, this link comes up:
First off, this is NOT an Apple link! The link here is to a domain named flymail.cf. The portion of the address that is wrong is the .cf. That is not a legitimate top level domain name, like .com, .org, gov or .edu. To see a list of actual top level domain names, you can find it here: http://www.domainsherpa.com/top-level-domains/ .
The other portion of this link that bothers me is track-url. Now, this leads me to believe that this link is going to track your urls (websites) that you visit. I’m going to say that this tracking will happen through cross-site scripting. Essentially this site will inject code into your browser that will capture your sessions on the websites you visit after this website, including your usernames and passwords!!!
This means if you go to an unsecured website the hacker can easily capture your username and password with this code. It’s one of the most frequently used types of hacking, it’s called session hijacking. Later on you start to wonder why you are getting spam, or why did people just get friend requests on Facebook from me when I am already friends with them? If you use the same password for one site, then the hacker can go to several websites and try that password and have remarkable success!
This is why you need to have different and complicated passwords for all sites you visit. There are password managers that you can use to help you with this. Let’s face it our brain can’t remember all of our passwords and writing them on a piece of paper and saving them in your desk, or under your keyboard at work are HORRIBLE options! I will do more research on what password managers are the safest and best to use for my next Tech Tip Thursday.
Oh yeah, and if I find your passwords written on a sticky note taped to your monitor I’m rippin’ that bad boy off and throwing it out!
I know many people will pass this article up because they will think how in this day in age, can someone still not know how to do it. Yet, this is one of my most frequently asked questions! You are NOT alone!
In Windows 10 once you are logged in. Hold down the keys on your keyboard labeled Ctrl and then Alt and then Delete. That will bring you to this screen-Select Change Password.
This is also where you should go if you are getting up from your desk and need to lock your computer so no one else can get into your system!!!!! It’s a very important security measure!
Next selecting Change a Password will bring up this screen:
Make sure your password is complex!!!!! Some complexity rules to follow are:
1. The longer the better! At a minimum make it 8 characters, however, it SHOULD be longer!
It’s time to change your email account if you are with Yahoo! Not sure if you have a Yahoo Account, well according to Brian Krebs you could very well have a Yahoo account and not realize it. Brian Krebs is THE Cyber Crime specialist!
“For example, British telecom giant BT uses Yahoo for their customer email, as did/do SBCGlobal, AT&T and BellSouth. Also, Verizon.net email addresses were serviced by Yahoo until AOL took over. Up in Canada, Rogers customers may also have Yahoo email addresses. I’m sure there are plenty of others I’m missing, but you get the point: Your Yahoo account may not include the word “yahoo” at all in the address” Brian Krebs
First, you MUST go in and change your password and make it complicated!!!!!!!! Turn on Two Factor Authentication! Then go in and change your security questions!!!! Turn on If you don’t know what those are Graham Cluley another security expert, did a broadcast explaining a lot of this. You can watch it here: https://www.grahamcluley.com/yahoo-hack-billion-reasons-change-email-account/.
First go in and change your password in Yahoo! Here’s how: Login to your Yahoo mail. Go to the Settings button on the far right-hand side of the screen and click on it. A pop up menu will show up. Select Account Info. As shown below:
That will bring you to this screen:
Select Recent Activity on the left-hand side of the screen. Where it is highlighted, select See something suspicious, then click Change Your Password. It will bring up a pop-up screen and ask you to change it. Make it complicated!!!!!!! Then click okay.
Now you want to turn on Two-Factor Authentication
Where it says Two-Step verification, make sure you move the button to green to turn it on. At the top it will have a phone number. Make it a cell phone number that accepts text messages. Once you do that Yahoo will send you a text message with an authentication code and a pop up will show up on your screen and ask you to enter it. Enter that number in.
Now, for some odd reason, Yahoo feels it’s necessary to email all this info to your Yahoo account. Please go into your inbox delete ALL those emails!!!!! Then empty your Trash!!!!! If someone can get into your account they can get all that info from your new emails! Argh!!!!!
You’ll want to check your Recent Activity see what other programs are using your Yahoo information, like iOS, Android, yada yada. Pick any that don’t look familiar and remove their access!!!!!! See below! Now mine has ShuttleCloud in it. This is what is going to allow me to migrate my info to Gmail. So, I’m leaving it right now.
So, now go in and delete any emails you got from your banks, other places you have accounts any place of importance and delete them and empty your Trash. Go update all of your super important accounts to your new Gmail account, or whatever account you are going to use. In my instance, I already had a Gmail account and I’m just going back to it!
Create a new Gmail account. To migrate your data do the following:
Login to your Gmail account. On the far right-hand side of the screen select the gear button and hit the drop down menu. That will bring up this screen and select Settings
That will bring up this screen. Select the Accounts and Import link. Go down to where it says Import mail and Contacts.
That will bring up this pop-up menu. Enter your Yahoo account name, and it will probably ask you for your password. Enter the NEW password. Then click Continue.
This screen will pop-up, then select Continue. Then your emails and contacts will go in and migrate. It can take up to 48 hours to work.
Send emails to all of your important contacts telling them of your new address. Make sure you delete all emails in your sent items folder and once again empty your Trash. Give it about 10-20 days to make sure you didn’t miss anything , if you can make it less! Also make sure you Gmail account does NOT have the same password as your new Yahoo password that you just changed! Then delete your Yahoo account, and here’s how you do it. https://www.grahamcluley.com/deactivate-yahoo-account/
Have you ever put a work receipt in a “safe place” and then forgot where that “safe place” was? Been there, done that! Microsoft OneNote allows you to keep track of your receipts. The best way to do this is within Office365 this way your phone syncs with your online OneNote!
I will be showing you how to do this with an iPhone today. It works even better with a Windows Phone, but it’s pretty spiffy on the iPhone as well!
The best place to start is OneNote in Office365 on your computer. You’ll need to create a new section in an existing notebook or create a new notebook and make sure it is syncing to your OneDrive. Open up OneNote on your computer it looks like this:
To create a new notebook you can find instructions here, which includes instructions on how to hook it up to your OneDrive.
To create a new tabbed section in an existing notebook, simply click on the + sign on one of the tabs. It will open a new tab and you will be able to name it. I named my Receipts.
So now you will want to make sure it syncs up with your OneNote on your OneDrive. This way you will be able to access it on your phone using your Office365 account. Go to the name of your notebook, and right click on it. These options will show up. Click on Sync This Notebook Now. If you are unsure if this is syncing to your OneDrive, select Notebook Sync Status.
When you open Notebook Sync Status, you have the option to Sync automatically whenever there are changes ( I recommend this one), or you can sync it manually.
If don’t see your notebook in here you can add it. Exit out of this screen and go back to the notebook. Right click on the notebook, and bring up the menu, and select properties which is highlighted in pink here.
When you open up the properties of the notebook this screen will pop up. Where it says Change Location, if it isn’t set up to your OneDrive, select Change Location and find your OneDrive on your system, and have it save there and then it will sync up for you. It will then be accessible by your phone.
It should then show up in your list of notebooks to sync and you should set it to automatically sync when there are changes.
After you have the receipts tab set up and your notebook syncing with your OneDrive you can now go to your phone. This works with iPhones, Windows and Android phones. I’ll be showing you on an iPhone. Open up OneNote on your phone. It will probably ask you to sign in. Make sure you sign in with the account that is syncing with your OneNote/OneDrive on your computer.
When you open up OneNote on your phone make sure you are in the Notebook you created the Receipts Tab. Click on the Receipts tab.
Click on the + button and it will give you options on what you can do, one option is to take a picture. Select the camera icon and take a picture of your receipt. Once you have a nice clean picture of your receipt, select the ellipse at the top right hand corner.
It will bring up some options. Select Sync Now.
Now open OneNote on your computer and make sure it is synced up. There should now be a receipt in your Receipts notebook!
One amusing question, do you see what the arrow is pointing at on the receipt? Why do I need a Bathroom Code??? Should I be afraid?
Do you need to turn this into Accounting? Easy Peasy! Click on the email this page icon.
This will bring up Outlook and you can email it to your Accounting Department! Now you have one place to keep all your receipts!