Tips for Mac users

Do the bad guys have your password?

tvalleau

Here’s the bad news: YES, the badguys already have your email, and any number of your passwords. There’s a good chance they also have your Social Security number, your home address, your phone and other stuff.  

How you ask? Well, it’s very unlikely that YOU have been hacked, and extremely likely that they got all that info off some site you used it on (which they hacked.) Literally billions and billions of such tidbits can easily be purchased on the dark web for a few bucks.

What are the odds they have at least some of your info? Probably about 70%. Don’t think you’re magically immune – you are not.

If you got an email from yourself (!) to your email address, including your first name, and an old password – congratulations: your info is for sale.

Not sure how many of you folks know about this site, but it’s certainly worth visiting, and signing up for. It will tell you if your email address(es) have been made public, and what info was released in the hack.

https://haveibeenpwned.com

Somewhile back, I signed up for their email notifications (free) and and finally got one. This time the hack included passwords.

Fortunately, instead of using the site (above) one at a time, 1Password will go thru your entire collection of passwords for you, and tell you quickly which of them  have been compromised. (It’s in a section of 1Password called Watch Tower, which you must turn on in their prefs.)

Previously phishing attacks were full of misspellings and bad grammar, and simple obvious tricks (“Please click here and provide your name and password.”)

These days, some attacks are so sophisticated that you’ll swear that it’s legit. It’s a minefield out there.

So: get and use 1Password, or at least visit the HaveIBeenPwned website.

Next:  NEVER open an attachment without verifying it.

DO look at the sending and/or return address. If you get an email from Apple, but the return address is AppleStuff@rosyredcrooks.com, you know it’s fake.

These are only obvious, and not remotely a -complete- list of things to look for.

Never click on ANY link in -any- suspicious email. If you get a suspicious email from Bank of America, and you want to see if it’s legit, use your OWN bookmark in your brower, not the link in the email.

Finally, never click on a spam email’s “unsubscribe me” link! You’re merely confirming to them that your email address is good.

Be safe out there!

 

Tracy

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top