Malvertising: Not All Browser-Based Security Warnings are Legit

This is NOT a real Security Warning; It is an Ad!

If this suddenly popped up while you were browsing, would you think it is legit?

Several days in a row, I have had the Bradenton Herald open in another tab, reached by following a link to read an article. By the time I switched over to the tab, I actually had to use the "Back" button to read the article.

Folks, this is just an ad in disguise. DO NOT be fooled and click on the actual link. This is why so many of us surf using ad-blockers. And in fact, my ad-blocker is being re-enabled on this site, as I am sick of scam ads interupting my news reading.

I do not even use McAfee or recommend it to others. I am not sure if clicking the link would actually bring you to a legit security product. More likely, it would lead to malware, the exact opposite of software that protects your PC.

Do NOT fall for this adware scam!

Data Breaches: What Do They Mean For You?

How to Safeguard our Information
in a World of Security Breaches

What Can We Do when Our Data Gets Out?

Yesterday, all of the tech publications were warning of another major data breach.  Another popular Facebook App exposed users' personal data, and this time, over 120 million users were possibly affected.    Who was careless with our data this time? Nametests.com, a site Techlaurels warned users about over a year ago.

In a nutshell, Nametests had this hole where if you knew the right JavaScript commands, you could potentially access any users' personal information.  A website could exploit this, or any individual who knew how to grab and use a "token."  The "good guy" who discovered this used the flaw to set up a data mining program and subsequently reported the bug to Facebook. The security hole was supposedly closed.

And of course Nametests wanted that hole closed as soon as it was discovered. Who is going to buy a candy bar if there is a bowl sitting next to the register that says "Yours for the taking."  Or to borrow from an old cliche, if you're in the business of selling cows, you don't want to be giving the milk away for free.

Facebook Changes to Better Protect your Personal Data

Facebook Outlines Plans to Restrict Data Mining Through Facebook

Facebook is Making Changes in an Attempt
to Restrict Data Mining through their Platform

Bonus: How to Tell if Cambridge Analytica Has Your Information

By now, everyone has heard about  the Facebook Data Mining Scandal.  Third-party apps have been mining our Facebook data for years now, and Facebook made it very easy for them to do so.  When the extent of what was being shared became public, users were incensed and started leaving the platform in droves. #DeleteFacebook began trending on Twitter.  To prevent becoming the next "MySpace," Facebook promised to make changes to prevent apps from mining your data so freely.  These changes will start rolling out today.

What Types of Data were Apps Collecting Before?

Part of what makes Facebook so popular is the amount of third-party content and the ease of sharing. Anyone can create a "Facebook Page," invite followers, embed apps, and invite users to like and share.  When a user interacts with page content in any way, that page can access personal data related to that user.  In addition, anyone can create a Facebook App, independent of any Facebook Page.  Popular apps include quizzes, profile picture frames, games, and sweepstakes.  

To help developers create content and apps, Facebook provides many developer APIs.  API stands for Application Programming Interface, and it is basically a set of tools that make it easier for third-parties to develop apps and content that work with Facebook.  Facebook provides several APIs, including ones for groups, pages, events, search, and games.  They also offer the Facebook Login API, which makes it easy for users to create accounts on third-party sites without having another username and password to remember.  

Disconnect Your Facebook Apps to Protect Your Personal Data

Facebook Apps May Treat Your Personal Information Like a Commodity

Remove Facebook App Connections to Protect Your Personal Data

We are still reeling from the fallout of the Cambridge Analytica scandal.  Cambridge Analytica purchased data from Facebook App Developers, and then they used it to try to influence us politically.  If you are interested in reading more about the hows and the whys of this breech, please see our previous post, The Facebook Kerfuffle and What it Means For You, as well as all of our previous articles on privacy and protecting your data.  Your data was compromised because you trusted the wrong apps with it.

Now you are aware of why the data miners are creating all of these apps, it is time to disconnect them so that they will no longer have access to your personal information or the contents of your Facebook Profile.  Removing apps used to be quite a tedious process, so many of us just ignored it or put it off, until our Facebook Account was cloned, a rogue app started posting on our behalf, or friends started complaining of receiving messages we never sent.  Thankfully, in response to this catastrophe, Facebook has streamlined the process of app removal, making it much easier. They have also made it easier to see just what kinds of permissions the apps request, as well as to selectively remove permissions. Today, we're going to look at how to do this.  We'll guide you through finding your connected apps, purging those you no longer use or recognize, and examining the permissions the remaining apps require.

The Facebook Kerfuffle and What it Means For You

The Facebook Data Scandal and What it Means for You and Your Personal Information

How to Protect Your Facebook Information,
and How To Download Your Facebook Data

For the last week or so, Facebook and its data-sharing tendencies have been in the news.  "Delete Facebook" campaigns are proliferating the Web, and a lot of folks are wondering what really happened and how worried they need to be.  Today, we're going to look at the Facebook controversy, discuss how users were actually complicit in this breech, and talk a little about the ramifications. We'll also look at how to protect yourself in the future, as well as explain how you can download a copy of your Facebook profile so you can understand what the data miners really obtained.

What Happened with Facebook and My Personal Information?

In a nutshell, an individual created a rogue quiz app.  This particular quiz was a Personality Test, and of course, it encouraged you to both share your results and to invite friends to take the quiz.  Almost immediately after launching, over 10,000 Facebook users had taken the test.  After it went viral, over 270,000 people downloaded the quiz app, and even more used the web-based version.  Folks ignored the app's permission requirements, and willingly gave the app permission to access their information, as well as that of their friends.  Soon, the quiz had harvested the Facebook data of over half a million users.  Many of these folks had never accessed the quiz personally, but rather had their data mined through a "friend" giving the app permission to basically take what it wanted.

The Quiz Creator then sold all the information he had collected to a data mining firm. That firm repackaged the data and sold it to Cambridge Analytics.  Cambridge Analytics then used the data to profile people politically, and to "reach out" to folks in order to manipulate their thoughts during the last election.

E-Mail Deactivation Scams

No, Your E-Mail Account Is NOT About to be Closed

Account Closure E-Mails are Another Form of Phishing

 

Account Deactivation E-Mails

Have you received an e-mail stating your ISP is going to deactivate your e-mail account? Did you panic?  Well, you can relax, as these "Account Closure" e-mails are just another form of phishing, and they can safely be junked.

To review, phishing is a form of spam. in which the bad guys try to steal your personal information by impersonating someone trustworthy.  We've talked about phishing many times in the past.  The Bad Guys use sophisticated tactics to try to separate you from your personal information, often so they can impersonate you and/or steal your identity.  E-mails threatening to close your e-mail account if you do not click on a link are no different.

Delivery Notification Scams

Holiday Shopping Season Brings Out
the Delivery Notification Scammers

Do NOT Get Phished by a Bogus Delivery Notice

Black Friday and Cyber Monday set online ordering records this year.  US shoppers spent over $1.59 billion on Cyber Monday alone. Millions of online orders were placed during the past week. And of course, that means millions of packages will be delivered by UPS, USPS, and FedEx. That also means these companies will be sending out millions of delivery notification e-mails.  But does that mean all of these delivery notices are legit? Of course not. 

The scammers do not discriminate. They pretend to be from UPS, The Us Postal Service (USPS), FedEx, and even DHL.  They may claim to need more information from you in order to deliver a package, or they may claim to hold tracking information.  They may claim there is postage due, and you need to click on a link to arrange payment. They may use official looking graphics, or they may be sent in plain text.  And they may or may not be caught by a junk mail filter.

These scams are so ubiquitous that FedEx, USPS, UPS, and even DHL warn against them on their own websites.   UPS offers an 83 page PDF with examples of fraudulent e-mails.  Today, we're going to look at some of these bogus e-mails, so we can learn what to look out for and avoid getting scammed.

Black Friday: Don't Get Scammed

The Biggest Shopping Weekend Brings Out the Scammers

Shop Safely and Avoid the Cyber Shopping Scams

Black Friday, Cyber Monday, and basically the whole Thanksgiving Weekend are some of the biggest shopping days on the planet.  Almost every cyberstore has some kind of special, and our Inboxes and Social Media Feeds are full of discounted offers.  And although there are many legitimate sales, there are just as many scammers looking to rip you off on this big shopping weekend.  Don't be a fool, and look out for the Black Friday Shopping Scams.  Here are a few of the more popular ways to separate honest folks from their hard earned money.

Bogus Order Confirmations

Bogus order confirmations are a form of spear phishing. Scammers send hundreds of fake order confirmations, hoping you will click through to cancel an order.  Basically, the scammer steals official looking logos and graphics from a major retailer, then uses them in an order confirmation purporting to be from that retailer.  These phishing attacks multiply on Black Friday, as many folks are placing online orders during that time.  The e-mail may spoof Best Buy, Amazon, Ebay, Target, WalMart, Costco, etc.  If you click through the fake e-mail, you will be taken to a cloned log-in site.  The scammers are hoping to steal your shopping log-ins, so they can go on a shopping spree with your money, and even lock you out of your own account.

Mail that Should NOT Be Opened

Not All E-Mail Should Be Opened

Avoid Malware by Avoiding Malicious E-Mail

The longer you have had an e-mail address, the more probability you'll receive spam. If you read any of our series on The Privacy Implications of Internet Quizzes, you know that there are many unscrupulous folks out there, eager to harvest your information. Facebook like scams, phony giveaways, and the like are all set up with the express purpose of harvesting your e-mail address. Once harvested, those addresses are often sold. That results in spam.

By definition, Spam means unsolicited commercial e-mail. It is usually sent to a large number of recipients.  It has come to connote scams and shams. It is actually illegal. The US passed the CAN-SPAM Act in 2003, regulating commercial e-mail. But the Bad Guys are not known for following the laws.  Legitimate companies always include opt-out information in order to comply with the law. Spammers use it to their advantage, often including links that look like legitimate opt-out links, but that only lead to malicious content. Additionally, unsubscribing from a SPAM e-mail only confirms to the bad guy that you read your e-mails, making your address even more valuable.


Now much spam is actually harmless. By harmless, I mean it's just attempting to sell you something. That something is probably counterfeit, if it even exists to begin with. More spam actually tries to cause harm to you or your equipment. That spam is not as harmless. It may plant malware on your computer. It may try to steal your credentials, so the crooks can steal your money and/or pose as you and ruin your reputation.

Today's post is going to focus on e-mail you should not open. ALL of this mail landed in my inbox within the last week. Some of these were correctly filtered by my spam filter; others landed in my inbox, and I had to manually mark them as junk. All e-mails have been converted to screenshots, due to their malicious content. (Remember, you can click on the images to open them larger, in an "overlay.")

How Well Do You Know Keyboard Shortcuts? A Quiz and a Review

How Well Do You Know Keyboard Shortcuts?
Take Our Quiz to Find Out!

Keyboard Shortcuts Presented in Quiz Format,

And More on QuizRevolution as a Resource

Usually, Friday posts are Quick Tips.  Today's post is really a Quick Tips post, wrapped up in a Quiz.

This post was originally going to be "A List of Useful Keyboard Shortcuts." However, if you've been following this blog, you'll know we are in the middle of a series on Internet Quizzes and the related privacy issues.  As a part of this series, we have been exploring GOOD quiz sites, both from a user standpoint and from a marketing standpoint.

So today's list of keyboard shortcuts is presented in a quiz format. It's a fill-in -the-blank type quiz, with the answers presented after each question.There are 20 different Keyboard Shortcuts in the quiz.

Instead of writing a boring list of useful keyboard shortcuts, I dumped the list into a quiz.  Hope you enjoy playing and learning at the same time!

More information about QuizRevolution.com, the site on which this quiz is hosted, follows the quiz. If you are interested in blogging, marketing, and those types of aspects, keep reading after the quiz.  If you're just interested in keyboard shortcuts, take our quiz and learn while you play.

(Click "read more" for quiz and review.)

Quiz: What Type of Tech User Are You?

Are you a Power User or a Cyber Sucker?  

Take Our Quiz to Find Out

Are you a Power User, a Cyber Sucker, or something in between? Take this quiz to find out what type of user you are, and learn a little about internet safety in the process.

http://quizrevolution.com/ch/a251633

---

---

If you have any trouble viewing or completing this quiz, please visit:  http://quizrevolution.com/ch/a251633 to take the quiz at Quiz Revolution itself. 

You may receive a warning about "Mixed content" if you are viewing techlaurels.com vis https.  This is because blogger uses https: protocol, but Quiz Revolution does not. You will not need to give ANY personal information to take the quiz, so the https: protocol is not necessary.

If your browser is set to block mixed content, you may need to visit http://quizrevolution.com/ch/a251633 to take the quiz.  Clicking this link will open the quiz at Quiz Revolution's website, in a new tab or window.

---

Is it Safe to Take This Quiz?

This quiz is a part of our series on Privacy Issues and Internet Quizzes.  In previous posts, we have discussed the potential dangers of participating in these things, as well as some of the sites to avoid.

Tip: Convert That Old Computer to a Safer Internet Machine

Pre Windows 7 Machines are NOT SAFE for Surfing the Internet

Neverware's Cloud Ready is a Safer Alternative

If there's anything the recent ransomware attacks proved, older computers are just NOT the best choice for surfing the Internet.  Both Microsoft and Apple pushed users to upgrade their Operating Systems, due to security vulnerabilities that were currently being exploited.  Folks running Windows 10, and those who keep their Windows 7 systems updated had no worries.  The ransomware could NOT attack their systems.  However those running Windows XP and/or Vista were extremely vulnerable.  In fact, most viruses are designed to attack older operating systems and those that are not kept patched.

However, most older systems are unable to handle Windows 10.  Many users are stuck with 7, XP, or even (shudder) Vista, as their budgets do not allow for new machines.  Many people have older systems lying around they'd like to re-purpose for children or as spares.  Do you have to abandon all hopes of surfing safely with an older machine?  Heck no!  Neverware is here with a solution. It can convert that old computer into a much safer, Internet Machine.  Neverware will help you convert that dangerous old laptop into a Chromebook.