Scam of the day – February 27, 2016 – Dangers of public Wi-Fi

Recently, USA Today journalist Steven Petrow wrote about his using in-flight Wi-Fi to send emails while flying on an American Airlines flight. Upon landing, Petrow was approached by one of the other passengers who informed him that during the flight he had hacked into Petrow’s laptop as he had done to other passengers as well.  The hacker proved his assertion by recounting to Petrow the contents of the emails he sent and received. The lesson here is one that too many of us forget, namely that public Wi-Fi is not secure.  However, with some precautions it can be made safer.


Whatever electronic device you are using to connect to a Wi-Fi network, whether it is a computer, laptop, tablet or smartphone should be equipped with security software.  In addition, you should have encryption software so that your communications are encoded.  You also should go to your settings and turn off sharing.  In addition, you should make sure that your firewall is current and turned on.  Finally, and perhaps most importantly, you should consider using a Virtual Private Network (VPN) which enables you to send your communications through a separate and secure private network even while you are on a public network.  A good VPN that you can use for free is CyberGhost which you can get by clicking on this link.

Scam of the day – July 30, 2014 – European Central bank hacked and extorted

The European Central Bank has announced that hackers had hacked into its computers and stole information about people who had registered for some bank events which included news conferences.  Many of the people whose information was stolen were journalists who attended bank events including news conferences.  The information stolen included names, email addresses and telephone numbers.  Shortly after the information was stolen, the bank received an extortion email demanding money and threatening to release the information if the hackers were not paid.  It is important to note that although the hacking was of the European Central Bank which has much confidential and sensitive information within its computers, the hacking was from a public website of the bank that is not connected to the bank’s computers and data banks of sensitive information.  The hacking is, however, embarrassing for an institution that prides itself on its security.


This incident is another reminder that your personal information is only as safe as the places with the weakest security that hold your information.   As much as you can, you should limit the information you provide companies and governmental agencies.  It is also important to note that when apparently innocuous information such as this is compromised it makes those people affected more vulnerable to spear phishing which occurs when you receive a phony email that is directed to you personally and appears to come from a trusted source with which you have done business.  It is for this reason that I advise people never to click on links in emails or download attachments from emails unless you are absolutely sure that they are legitimate.  Too often the email that appears legitimate may actually be coming from an identity thief who has personal information about you and who may put malware into these links and attachments.

Scam of the day – June 7, 2014 – Latest iPhone scam

Recently many iPhone users have found that their Find My iPhone anti-theft feature had been accessed and used to lock the screen.  The victims then received a ransom demand of $100 by the hacker in order to unlock the screen.  However, this scam does not end there.  Other scammers are sending out emails posing as Apple and informing you about the problem with iPhones being remotely locked and prompting you for your username, password and other information under the guise of helping you to defend yourself from the threat of a remote locking of your iPhone.  The problem is that this email is a phishing email sent by a scammer who is merely trying to use this ruse to obtain your information to be able to take over your Apple account.


If you were unlucky enough to have had your iPhone hijacked, you can correct the problem yourself through a “hard” reset.  Here is a link to instructions from Verizon as to how to do a hard reset:

As for dealing with the phishing emails that purport to be from Apple, my advice is the same as it always is.  Never provide information that can be used against you in response to an email, text message or telephone call from someone where you have not initiated the communication.  If you receive any such message and have the slightest thought that it might be legitimate, contact the company or person at an email address or phone number that you know is accurate to confirm whether or not the communication you received is a counterfeit phishing communication.  Making an email look legitimate is very easy to do, so trust me, you can’t trust anyone when it comes to communications asking you for personal information

Scam of the day – November 5, 2013 – Email hacking

Two close friends of mine had their email accounts hacked this week and they are not alone by any means.  Email hacking is a common occurrence and it can represent a serious security threat or a benign inconvenience, however, in either event, it is important to act promptly to remedy the situation. Sometimes your email is hacked and used as part of a botnet, which is a zombie network of computers used by scammers to send out spam.  Other times, however, when you are hacked, malware is installed on your computer without your becoming aware of it. One particularly troublesome type of malware is keystroke logging malware that can steal all of the information from your computer and make you a victim of identity theft.  Often you only become aware that you have been hacked when someone on your email list informs you that that you have received an email that appears to have been sent by you, but is strange and arouses suspicion.


Here are some tips for what to do if you have been hacked.  For more detailed information, check out my book “50 Ways to Protect Your Identity in a Digital Age.”  You can order it by clicking on the link on the right hand side of this page.

1.  Change your password on your email account.  If you use the same password for other accounts, you should change those as well.

2.  Change your security question.  I often suggest that people use a nonsensical security question because the information could not be guessed or gathered online. For instance, you may want the question to be “What is your favorite color?” with the answer being “seven.”

3.  Report the hacking to your email provider.

4.  Contact people on your email list and let them know you have been hacked and not to click on links in emails that may appear to come from you.

5.  Scan your computer thoroughly with an up to date anti-virus and anti-malware program.  This is important because the hacker may have tried to install a keystroke logging malware program that can steal all of the information from your computer.

6.  Review the settings on your email, particularly make sure that your email is not being forwarded somewhere.

7.  Get a free copy of your credit report.  You can get your free credit reports from  Some other sites promise free credit reports, but sign you up for other services that you probably don’t want or need.

8.  Consider putting a credit freeze on your credit report.  You can find information about credit freezes on my blog



Scam of the day – November 5, 2012 – Free iPad mini scam

Scammers always take advantage of whatever is new and exciting in the news so it is not a surprise that scams surrounding the introduction by Apple of the new iPad mini are being used to steal money from unwary victims.  You may receive a message on your Facebook page that you have been chosen to receive a free iPad mini.  All you need to do is click on a link that leads you to a “Request for Permission” page on Facebook.  Unfortunately, if you give permission, you won’t get a free iPad mini, but will succeed in downloading an app that will enable the scammer to use your Facebook account to send out more phony messages to all of your friends who are likely to trust the message because it appears to come from you.  If they, in turn, click on the link provided to them to get a free iPad mini, they will end up either providing information that will be used to make them victims of identity theft or unwittingly, they will download a keystroke logging malware program that can steal the information from their computers such as passwords, credit card numbers and Social Security numbers.


As I always say, “Trust me, you can’t trust anyone.”  No one is giving out free iPad minis and why should you have been selected when you never even entered a contest?  If it looks too good to be true, it generally is.  Don’t trust messages on your Facebook page or in your email that contain links.  You can never be sure when you first see such a message that it is indeed from your friend instead of a hacker nor can you be sure that even if the message is from your friend that your friend is not unknowingly passing on malware or a scam.  Never click on a link until you have confirmed it is legitimate.  If you do manage to install a malicious app, remove the message from your timeline, revoke the app’s publishing rights and report the scam to Facebook and make sure that you have revoked access to your Facebook account.

Scam of the day – July 18, 2012 – Lost USB sticks

Curiosity killed the cat and it can also invade your computer and result in a scammer getting access to your computer through malware such as a keystroke logging program that can read and steal all of the information stored on your computer, such as your Social Security number, credit card numbers and passwords.  It can lead to you becoming a victim of identity theft.  What scammers and identity thieves have been doing recently is leaving USB sticks in parking lots of companies that they wish to hack, hoping that people who work there will see the USB sticks and then curious about what is on them, put them into their computers at work and, without thinking, download the malicious software.


Never put a USB stick into your computer that you are not absolutely sure is clean.  The risk is too great.  Let the cat live.