Scam of the day – March 14, 2017 – Email phishing scam

As I have mentioned many times before, email phishing scams start when you receive an email that purports to be sent from your email server informing you that there is some problem with your account which requires you to click on a link in order to remedy the problem.  Many times the email purports to come from your specific provider; sometimes from a provider you do not even use.   Today’s phishing email scam, however, is generic in that it doesn’t even indicate the name of your email server.

Here is a copy of an email that is presently finding its way into many people’s email boxes.  This is a phishing scam.  DO NOT CLICK ON THE LINK.  Clicking on the link will result in either your downloading a keystroke logging malware program that will steal all of the information from your computer such as your Social Security number, credit card numbers and banking information that will then be used to make you a victim of identity theft or when you click on the link you will be prompted to provide personal information that will also be used to make you a victim of identity theft.

“Your mailbox has exceeded the storage limit 1 GB, which is defined by the administrator, you are running at 99.8 gigabytes, you can not send or receive new messages until you re-validate your mailbox.
To renew the mailbox,

Click Here
WARNING! Protect your privacy. Logout when you are done and completely exit your browser.”

Some phishing emails are better than others and this one was not very convincing.  The email address from which it was sent was not from an email provider.  Instead, the address of someone whose email had been hacked and made a part of a botnet of computers used by identity thieves to send out their phishing emails was used  In addition, this email is not directed to you by name.    As with many of these scams that often originate in foreign countries where English is a second language, the grammar is suspect as where in the email commas are used improperly.

TIPS

The most important thing to remember is to never click on links in emails or download attachments unless you are absolutely sure that they are legitimate.  In this particular case, it is easy to see that it is a scam.  Additionally, you should make sure that your anti-malware and anti-virus software are installed and up to date with the latest security updates while remembering that you cannot totally rely on your security software to protect you because it generally takes about thirty days from the discovery of new malware for the security software companies to come up with new patches and updates.

Scam of the day – February 22, 2017 – Latest security updates from the Department of Homeland Security

Constant updating of the software we all use with the latest security patches and updates is a critical part of avoiding scams and identity theft threats.  Whenever new security updates and patches are issued, we provide access to these so that you can update your software to provide better security on your computers, smartphones, laptops and other electronic devices.  Updating your software with the latest security patches and updates as soon as possible is important because identity thieves and scammers are always finding and exploiting vulnerabilities in the software that we all use.  Delay in updating your software could lead to disastrous results.  However, it is also important to be sure that you are downloading legitimate patches and updates rather than being tricked by an identity thief or scammer into downloading malware under the guise of downloading a security patch or update.  These new updates from the Department of Homeland Security includes critical updates for Adobe software including Adobe Flash.

I have been warning you for years about flaws in Adobe Flash that have been exploited by hackers and identity thieves against individuals, companies and government agencies including the U.S. State Department and the White House.  Problems with Adobe Flash are nothing new.  In 2010 Steve Jobs vociferously complained about its security and it has routinely been cited as being extremely vulnerable.  Despite security patch after security patch, new problems keep coming up.  According to security company, Symantec 80% of the newly discovered software vulnerabilities which can be exploited by malware created by cybercriminals involved Adobe Flash.

TIPS

Here are the links to a list of all of the recent security updates as posted by the Department of Homeland Security:

https://www.us-cert.gov/ncas/bulletins/SB17-051

Some alternative plugins you may wish to consider to replace Adobe Flash include  GNU Gnash, and Silverlight.

Silverlight can be downloaded free directly from the Microsoft at this link: https://www.microsoft.com/silverlight/ while GNU Gnash can be downloaded free at this link: http://www.gnu.org/software/gnash/

Scam of the day – February 9, 2017 – Latest software security updates from the Department of Homeland Security

Constant updating of the software we all use with the latest security patches and updates is a critical part of avoiding scams and identity theft threats.  Whenever new security updates and patches are issued, we provide access to these so that you can update your software to provide better security on your computers, smartphones, laptops and other electronic devices.  Updating your software with the latest security patches and updates as soon as possible is important because identity thieves and scammers are always finding and exploiting vulnerabilities in the software that we all use.  Delay in updating your software could lead to disastrous results.  However, it is also important to be sure that you are downloading legitimate patches and updates rather than being tricked by an identity thief or scammer into downloading malware under the guise of downloading a security patch or update.  These new updates from the Department of Homeland Security includes a critical update for WordPress which is the program used by many people to create websites.

TIPS

It is helpful, whenever possible to choose the option to have your computer, smartphone and other devices automatically install security updates when they become available.

Here are the links to the recent security update as posted by the Department of Homeland Security:

https://www.us-cert.gov/ncas/bulletins/SB17-037

Scam of the day – December 6, 2016 – Latest security updates from the Department of Homeland Security

Constant updating of the software we all use with the latest security patches and updates is a critical part of avoiding scams and identity theft threats.  Whenever new security updates and patches are issued, we provide access to these so that you can update your software to provide better security on your computers, smartphones, laptops and other electronic devices.  Updating your software with the latest security patches and updates as soon as possible is important because identity thieves and scammers are always finding and exploiting vulnerabilities in the software that we all use.  Delay in updating your software could lead to disastrous results.  However, it is also important to be sure that you are downloading legitimate patches and updates rather than being tricked by an identity thief or scammer into downloading malware under the guise of downloading a security patch or update.  These new updates from the Department of Homeland Security includes critical updates to the Android system used by millions of smartphones.

TIPS

Here are the links to a list of all of the recent security updates as posted by the Department of Homeland Security: https://www.us-cert.gov/ncas/bulletins/SB16-340

Scam of the day – November 22, 2016 – Latest security updates from the Department of Homeland Security

Constant updating of the software we all use with the latest security patches and updates is a critical part of avoiding scams and identity theft threats.  Whenever new security updates and patches are issued, we provide access to these so that you can update your software to provide better security on your computers, smartphones, laptops and other electronic devices.  Updating your software with the latest security patches and updates as soon as possible is important because identity thieves and scammers are always finding and exploiting vulnerabilities in the software that we all use.  Delay in updating your software could lead to disastrous results.  However, it is also important to be sure that you are downloading legitimate patches and updates rather than being tricked by an identity thief or scammer into downloading malware under the guise of downloading a security patch or update.  These new updates from the Department of Homeland Security include updates for Windows 10, Microsoft Edge, Norton, Symantec and Mozilla Firefox as well as the what seems like a monthly security update to patch newly discovered vulnerabilities in Adobe Flash.

TIPS

Here are the links to  lists of all of the recent security updates as posted by the Department of Homeland Security:

https://www.us-cert.gov/ncas/bulletins/SB16-319

https://www.us-cert.gov/ncas/bulletins/SB16-326

https://www.us-cert.gov/ncas/current-activity/2016/11/18/Symantec-Releases-Security-Updates

https://www.us-cert.gov/ncas/current-activity/2016/11/15/Mozilla-Releases-Security-Updates

Scam of the day – November 5, 2016 – Latest security updates from the Department of Homeland Security

Constant updating of the software we all use with the latest security patches and updates is a critical part of avoiding scams and identity theft threats.  Whenever new security updates and patches are issued, we provide access to these so that you can update your software to provide better security on your computers, smartphones, laptops and other electronic devices.  Updating your software with the latest security patches and updates as soon as possible is important because identity thieves and scammers are always finding and exploiting vulnerabilities in the software that we all use.  Delay in updating your software could lead to disastrous results.  However, it is also important to be sure that you are downloading legitimate patches and updates rather than being tricked by an identity thief or scammer into downloading malware under the guise of downloading a security patch or update.  These new updates from the Department of Homeland Security include critical new updates from Adobe about which I wrote a few days ago as well as important newly released security updates from Apple for its operating system and Google Chrome.  The Adobe patch is related to vulnerabilities recently exploited by Russian hackers.

TIPS

Here are the links to  lists of all of the recent security updates as posted by the Department of Homeland Security: https://www.us-cert.gov/ncas/bulletins/SB16-305 and https://www.us-cert.gov/ncas/current-activity/2016/10/31/Apple-Release-Security-Update-iOS and https://www.us-cert.gov/ncas/current-activity/2016/11/02/Google-Releases-Security-Updates-Chrome

Scam of the day – June 29, 2016 – Latest security updates from the Department of Homeland Security

Constant updating of the software we all use with the latest security patches and updates is a critical part of avoiding scams and identity theft threats.  Whenever new security updates and patches are issued, we provide access to these so that you can update your software to provide better security on your computers, smartphones, laptops and other electronic devices.  Updating your software with the latest security patches and updates as soon as possible is important because identity thieves and scammers are always finding and exploiting vulnerabilities in the software that we all use.  Delay in updating your software could lead to disastrous results.  However, it is also important to be sure that you are downloading legitimate patches and updates rather than being tricked by an identity thief or scammer into downloading malware under the guise of downloading a security patch or update.

TIPS

Here is the link to a list of all of the recent security updates as posted by the Department of Homeland Security: https://www.us-cert.gov/ncas/bulletins/SB16-179

Here is a link to recent Apple security updates: https://www.us-cert.gov/ncas/current-activity/2016/06/21/Apple-Releases-Security-Update

Here is a link to a recent update for Mozilla Firefox: https://www.us-cert.gov/ncas/current-activity/2016/06/07/Mozilla-Releases-Security-Updates

Scam of the day – April 16, 2016 – Apple ends support for QuickTime for Windows

I am always advising you to update the software that you use with the latest security patches and updates because cybercriminals exploit newly discovered vulnerabilities in the software programs that we all use to deliver malware such as ransomware and keystroke logging malware that can steal the information from your computer and use it to make you a victim of identity theft.  Too often, criminals are successful in using malware against which there are already issued security patches, but that many people fail to install in a timely fashion.  It is for this reason that I am constantly providing you with the latest security updates as issued by the Department of Homeland Security.

However, sometimes when it becomes just too difficult to plug the holes in particular software, the software maker will abandon the particular software and not issue any further updates.  This was the case with the Windows XP operating system.  Continuing to use that system puts you in significant danger of being hacked.  Now, Apple has announced that it will no longer produce security updates for its QuickTime media player which handles video, audio and interactive content.  This is a major announcement and if Apple is abandoning QuickTime, so should you.

TIPS

The risk of continued use of QuickTime is too great.  Not only should you cease to use it, you should also uninstall it.  Here is a link to Apple’s instructions for uninstalling QuickTime.  https://support.apple.com/en-us/HT205771

Here also is a link to the announcement by the Department of Homeland Security about Apple ending its support for QuickTime for Windows.  https://www.us-cert.gov/ncas/alerts/TA16-105A

Also, in keeping with my advice to update your computer software programs with the latest patches as soon as they become available, here are links from the Department of Homeland Security to important updates for  Microsoft software and Google Chrome.

https://www.us-cert.gov/ncas/current-activity/2016/04/12/Microsoft-Releases-April-2016-Security-Bulletin

https://www.us-cert.gov/ncas/current-activity/2016/04/13/Google-Releases-Security-Update-Chrome

Scam of the day – March 23, 2016 – Latest software security updates from the Department of Homeland Security

Constant updating of the software we all use with the latest security patches and updates is a critical part of avoiding scams and identity theft threats.  Whenever new security updates and patches are issued, we provide access to these so that you can update your software to provide better security on your computers, smartphones, laptops and other electronic devices.  Updating your software with the latest security patches and updates as soon as possible is important because identity thieves and scammers are always finding and exploiting vulnerabilities in the software that we all use.  Delay in updating your software could lead to disastrous results.  However, it is also important to be sure that you are downloading legitimate patches and updates rather than being tricked by an identity thief or scammer into downloading malware under the guise of downloading a security patch or update.  Today’s updates include critical updates for Google Chrome, Mozilla Firefox, Apple and Adobe Flash.

TIPS

Here are the links to the latest security updates and patches from the Department of Homeland Security:  https://www.us-cert.gov/ncas/bulletins/SB16-081 and https://www.us-cert.gov/ncas/current-activity/2016/03/21/Apple-Releases-Multiple-Security-Updates

Scam of the day – July 14, 2015 – More Adobe Flash problems and other security patches

As I wrote about previously, the recent hacking of the spyware company Hacking Team has exposed two new serious Adobe Flash vulnerabilities  that are already being exploited by hackers and identity thieves.  Anyone who uses Adobe Flash is in danger.  With its history of its vulnerabilities having been exploited by hackers for years, now may be a good time for people to consider disabling Adobe Flash and using other video software programs.  Some alternatives include LightSpark, Unity Web Player, GNU Gnash, and Silverlight.  Silverlight can be downloaded directly from the Microsoft website.

Below I will provide you with the latest security advisory from Adobe Flash although it should be emphasized that as I write today’s Scam of the Day there are no security patches yet available for the latest two discovered vulnerabilities in Adobe Flash.  However, there are security patches available for other problems with Adobe Flash that you should install if you are still using this program.  Also below you will find a link to the latest security update from the Department of Homeland Security with many critical security patches.

TIPS

Here is the link to the latest security advisory from Adobe:  https://www.us-cert.gov/ncas/current-activity/2015/07/11/Adobe-Flash-ActionScript-3-opaqueBackground-Use-After-Free

Here is the link to the latest security update alert from the Department of Homeland Security:  https://www.us-cert.gov/ncas/bulletins/SB15-194