security

Phishing Quiz with Google

If you’ve heard a talk about computer privacy or security, you’ve probably heard the admonition “Don’t click on a link in an email unless you’re sure of what it’s linking to.” (or some variant thereof). Jigsaw, a subsidiary of Alphabet (Google’s parent company) has put together a quiz to illustrate what that looks like and how to do it. There are eight samples, so it doesn’t take long.

You can access the quiz here <https://phishingquiz.withgoogle.com>

This page is safe and the quiz results go nowhere beyond your computer. The quiz requires you to make up a user name and an email address (they don’t leave your computer and you can use anything you like. It’s just used to make the test emails more realistic.)

When taking the quiz, hover your mouse (or finger, if on a tablet or phone) over the link to see the actual link address. Then try to decide if the email and its included link is a fake (phishing email) or real.

Give it a try. You will probably learn something about what to look for. It can be tricky if you aren’t paying close attention. I didn’t get them all right the first time I tried it. It also illustrates how deceptive fake phishing emails can be.

Ward Stanke

Find My iPhone

If you've misplaced your iPhone or iPad, you might want to verify that you can locate it by following the instructions below -- which have been graciously provided by Small Dog Electronics. Even if you haven't lost it, you can still do a test. I just confirmed that I could find my iPhone remotely, even though it is sitting by my side. And every time I logged into iCloud my iPhone would 'ding' with a message that someone was logging into my iCloud account.

Jim Hamm

You can use Find My iPhone to find your device, take additional actions to help you recover it, and keep your information safe.

  • Sign in to icloud.com/find on a Mac or PC, or use the Find My iPhone app on another iPhone, iPad, or iPod touch.

  • Find your device. Open Find My iPhone, and select a device to view its location on a map. If the device is nearby, you can have it play a sound to help you or someone nearby find it.

  • Turn on Lost Mode. Using Lost Mode, you can remotely lock your device with a passcode, display a custom message with your phone number on your missing device’s Lock screen, and keep track of your device’s location. If you added credit, debit, or prepaid cards to Apple Pay, the ability to make payments using Apple Pay on the device is suspended when you put your device in Lost Mode.

  • Erase your device. To prevent anyone else from accessing the data on your missing device, you can erase it remotely. When you erase your device, all of your information (including credit, debit, or prepaid cards for Apple Pay) is deleted from the device, and you won’t be able to find it using Find My iPhone. After you erase a device, you can’t track it. If you remove the device from your account after you erase it, Activation Lock will be turned off. This allows another person to turn on and use your device. This really works, I have tested it!

Find My iPhone is one of the handiest safety features of Apple devices. While some other cell phones have a similar feature, none are as complete or as useful as Apple’s Find My iPhone!

Adware Doctor in Mac App Store Warning

Adware Doctor, a Top Seller on the Mac App Store, Was Grabbing User’s Web History.

https://www.howtogeek.com/fyi/adware-doctor-a-top-seller-on-the-mac-app-store-was-grabbing-users-web-history/

The Mac App Store is supposed to be a safe way to download software, but a prominent malware scanner sold there until recently was grabbing users’ browsing history.

The application, called Adware Doctor, was a top grossing app on the store. It also wiggled its way around the macOS sandbox restrictions to grab personal information. Patrick Wardle, writing for Objective-See, broke down how this all works, so check that out for all the details.

Frank Croft



USB Restricted Mode

iOS 11.4.1 update brought a new feature called USB Restricted Mode. What is this, you might ask? In a word -- security. Apple is trying to improve the security of your iOS device from being broken into by  hackers. It's a bit of a convoluted story, so to better understand what this is all about, here are two articles to read:

https://tidbits.com/2018/08/06/usb-restricted-mode-can-block-ios-device-charging/

https://www.theverge.com/2018/7/9/17549538/apple-ios-11-4-1-blocks-police-passcode-cracking-tools

Apparently some people haven't been able to charge their iOS device if it's been over 60 minutes since it was unlocked. I haven't noticed any charging problem, but in case you have, the articles explain what's going on.

The FBI, for example, would like for Apple to leave a 'backdoor' into iPhones so the FBI could view what a suspect's iPhone had been used for. So far Apple has refused to do this. If there's a 'backdoor' available, a hacker will eventually find it, and all iPhones will be at risk -- not just the one the FBI might want to get into. Arguments can be made for both sides of the issue, I guess. But I'm with Apple on this one.

Jim Hamm

Defender for Chrome

If you use the Chrome Browser and would like a little extra protection when you're on the internet, you can download and use Microsoft's Window Defender as a plugin for Chrome. This plugin will work on a PC or Mac. The Defender program is an integral part of the Windows OS, and has been improving over time in its effectiveness in catching malware. The following article explains more about what protection it offers: 

https://betanews.com/2018/04/18/mac-users-you-can-now-add-windows-defender-browser-protection-to-google-chrome/

'm trying it out and so far haven't received any malware alerts. Even though the program does 'call' home to compare a URL you might be getting ready to click with a known list of malware, this checking doesn't seem to slow down the browsing any. So I'll keep on using it nd maybe it will help protect me one day. I downloaded it from the Chrome web store here..

Jim Hamm

Mac Malware Getting Serious

While some of our members do not have anti-virus software to protect their Macs, below is a link to an article that identifies the increase in threats on the Mac, and what to do about those threats. While the article has been sponsored by an AV software company, that does not reduce the threat. This can provide more information, and let you take the necessary steps to reduce the threat if they feel the need.

Frank Croft

https://www.macworld.com/article/3253252/macs/mac-malware-getting-serious-security-no-longer-optional.html?idg_eid=1b312b3c0065bf5e76ab46a3564f0441&email_SHA1_lc=9ff332797cb2efd63c49060f6dada67f462d8c64&cid=mw_nlt_mw_macweek_html_2018-02-07&utm_source=Sailthru&utm_medium=email&utm_campaign=MacWeek 2018-02-07&utm_term=mw_macweek_html

Internet Security

At a computer club meeting a few days ago we were discussing how to stay safe on the internet, receiving emails, etc. Of course there are AV and malware programs one can run, which help, but it was the consensus opinion that the biggest deterrent to getting a virus or malware is us and common sense.

One of the items discussed was the use of shortened URL links, and how they possibly could contain malware, or direct one to a malicious website. It's possible for one's email address to be hijacked and emails sent out under your name and which contain a malicious link. For example, you might receive something like this: "take a look at oogle news here". Although it says "Google News" you don't know where clicking that shortened URL will take you. Before clicking it you should put the cursor on the link and at the bottom of the screen it will show you where the link actually goes.

Another approach is to simply use almost the full URL like this: https://news.google.com/news/

ctually, here is the full URL: https://news.google.com/news/?ned=us&hl=en  ne can simply delete all the verbage starting with the ? mark and to the right. This will simplify a long URL.

Just something to think about if you receive emails with shortened URLs. And be cautious of what you click, either on a website on in an email.

Jim Hamm

App Security Protection

If you use Facebook, Twitter or Google apps, here is an article you may want to read about improving your security. There is a section discussing how to do a security checkup, which I found interesting. Out of curiosity, I clicked the Google checkup and, voila!, I was surprised at the info on me that came up.

Remember, Google knows everything and never forgets. Time for you to do your security checkup.

Jim Hamm

Security for a Smart Home

If you have, say, a smart home and several smart devices lying around, perhaps you have read of the possible hacking of your home or devices.  If you are concerned and would like additional security protection, here's an article reviewing three security devices: CUJO, Dojo and Keezel.

If you're really, really geeky, here is another article with a review of one of the devices: CUJO. 

After reading both articles I've concluded I want none of the devices. I don't have a smart home, and I'll protect my computers and smart devices another way.

Jim Hamm

Security and the Internet of Things

Should you have an interest in reading it, here is a somewhat-lengthy blog discussing the security aspects of hackers being able to access so many electronic devices via the internet, and the security danger therein.

He likens many devices as to really being a computer with just another function -- like a Nest thermostat or an Amazon Echo, for example -- and easily controlled remotely -- by you or a hacker.

As he mentions, we -- collectively -- have left security to the market place, for better or worse. We all get security updates and patches to our computers, tablets and smartphones. All with the intent to improve security. But how about all the other electronic devices we own? How often, if ever, is a security update given to those devices, or the software program contained therein? Never?

Jim Hamm

The Ultimate Comparison of Nearly Every VPN on the Market

If a VPN might be in your future, here is an article that may/may not be of help. I found all the data to be a bit confusing, and to be more useful the headings need to be repeated every 5 lines or so in order for one to know what he/she is looking at in all the details. When on a public wifi network I do use a VPN. This way, I don't have to worry about someone 'listening' in on my wifi transmissions.

Jim Hamm

http://www.makeuseof.com/tag/the-ultimate-comparison-of-nearly-every-vpn-on-the-market/

Avast Presentation

Recently a gentleman gave a presentation at a PC Club in Prescott on installing the Avast Antivirus program. Although the presentation was oriented for PCs, most of his presentation applies to Macs as well. For your possible interest, I've included a link to his presentation. As a side note (and I've mentioned this previously), I use the free Avast AV program on my Mac and PC, and have done so for many years. For a free AV program, I think it is a fine program.  Read about it here . Jim Hamm

AntiVirus Test Results

Following is an article describing the results of an independent lab testing various AV programs and recently publishing the results. You can see the rankings and comments for both Mac and Windows AV programs. I'm a believer in using an AV program -- just in case.

Jim Hamm

http://askbobrankin.com/security_antivirus_test_results.html?awt_l=GztAF&awt_m=JlQDVMzh5eP6SL