We live in a wonderful world, an amazing time with infinite possibilities. Writers have more power than ever before in the whole of human history. Many of us are explorers in a New World, charting unknown territories in a realm with no boundaries. The Digital World has no limits, because its genesis is human imagination and human art, which also has no limits. What the mind can believe, technology can achieve.
Every new territory comes with the splendors never seen, the resources never tapped, the powers never before harnessed. All of this is wonderful, but I wish all art was beautiful. All art is human and all art has intent, but some intent is, well, evil. Some art qualifies as a dark art. Its intent is to steal, to create havoc, to harm.
They are called con artists for good reason.
I don’t understand these individuals, and I suppose the nature of evil is for the psychologists and theologians to debate. I can’t explain why there are those in this world who will hurt people they’ve never met or steal with no concern to what devastation they might create. But, these crooks are there, they are a real threat, and I’m here today to help you guard against attacks.
Hey, I may be a Lamb, but I’m no sheep 😉
Not only am I going to offer tools to keep you as safe as possible, but I am also going to give ways we can look out for each other and for those who might not know better. There are digital sheep, digital wolves, but today I want to train you guys to be digital sheepdogs. We aren’t passive, but we are protective and we are on guard to protect those around us.
Mom, I’m happy you’re on FB, but please stop talking to the “nice man from the bank in Nigeria.”
Hackers and Phishers Use Emotion
One common tactic used by hackers and phishers, is they seek to get us upset. If they can scare us or momentarily panic us, we are far more likely to part with sensitive information without thinking.
This past Friday, I received an automated phone call from Sprint. The computer asked for me to press 1 if I was the person with the Sprint account ending in blah blah blah. The computer voice gave a number (supposedly the ending 4 digits on my account number), but how many of us are running around with our account numbers memorized? Most of us aren’t and the bad guys are counting on that. They bluff.
So then the computer tells me that some recent changes have been made to my account and that this call was to verify that I was the one who made the changes.
See how they want to get me upset?
They want me to think Oh no! Someone has hacked my account! I need to get to the bottom of this RIGHT NOW!
The next question the computerized voice asked was the red flag. It wanted me to punch in the billing zip code for the credit card my phone bill was registered under so they could verify I was the holder of the account and help me get the problems sorted.
Yeah, uh no.
Companies Will NOT Call YOU and Ask for What They Already Know
If I’d had any doubts this was a hacker before, all doubts evaporated. Any time a company you do business with calls you, they will NEVER ask for sensitive information that they can call up with a few keystrokes. Yes, they will ask for it when we call them because they are verifying we are not phishers.
BUT, if MasterCard or American Express or Sprint or AT&T CALLS YOU, they will already have that information and will never ask for it. If they do, hang up and CALL THEM to make sure who you are talking to.
Alert Those in the Know
This is what I did. I hung up, called Sprint and asked if recent changes had been made. Of course, there hadn’t been. So at this point I gave the folks at Sprint the phone number where I received the call and turned the problem over to them. Someone might have already hacked their accounts. They needed to make sure no one had breached their firewalls, and that, if there had been a breach, that it was contained and sealed and the threat eliminated.
I was being a sheepdog. Sheep either get eaten by wolves (hand over account information) or they go back to munching grass (playing Farmville). Digital sheepdogs go alert those in charge that wolves are sniffing the perimeter.
Sprint might have been fine and this was just a random attack. Ah, but if Chinese spies can hack into the major oil companies and defense companies, there is no reason that programming cannot be easily adapted as malware that could have infected Sprint. Sprint (or any company) can’t fight the problem until they know there is a problem.
If someone is a suspected bot on Twitter, we should block and report them. If they try to phish our account, we need to report them. If we get odd e-mails that seem like phishing on Facebook, we must report it.
Digital Wolves WILL Wear Digital Sheep Clothing
So thieves will try to upset you. This will get you to react and hand over sensitive information. One of the ways they can get this reaction is by posing as an authority. For instance, I had this pop up on my Facebook:
Now, 99% of the time I am multitasking and have a toddler trying to scale the back of my head like the Matterhorn. Do you see how EASY it would be to catch me off guard and hack my account? Looks official…but look closer.
See how they tried to embarrass and upset me? These creeps know that most of us are good and decent and follow the rules. We were the kids who would have cried if we were threatened with a visit to the Principal. These trolls use what is good an noble about us to attack us. They will use our respect for authority against us if we let them.
I have also had a pop up appear when I went to get on Tweet Deck. The pop up from “Tweet Deck Security” was there to inform me me that my account had been suspended for suspicious spamming activity, but that they were sure it was all a misunderstanding. If I just typed in my password, they would make sure everything was sorted and my account would be unlocked.
I closed the window, logged out and logged back in. My account was fine. This was an attack.
If They Can’t Bait You with Bosses, They’ll Bait You with Buddies
Another common ploy is to come disguised as our “friends.”
friend phisher will send a DM (direct message) about rumors about you or a nasty review or wild pictures and a link. The hacker is disguised as a fellow member of the herd. Baaaahhhhhh. Someone is saying baaaaaad things about you.
“I’m your friend so I am discreetly telling you so you can go tell them what for.”
No, they are a hacker, and, if you hit that link, your computer is toast. Malware will be all over you like fleas on sheep.
If you get a DM like this, be a sheepdog. Look out for your peeps. Tell them you are getting strange messages and alert them to change their passwords (Something more than seven digits with a number is a good choice). DM them back, but even if you can’t? No one will mind a, “Hey, I tried to DM you but I can’t. You might want to change your password. Getting weird DMs from you.”
This Also Applies to E-Mail
If you get an e-mail from a friend and there is only a link, DO NOT CLICK. If they write a message that seems out of character, DO NOT CLICK. REPLY ALL and alert everyone on the e-mail that this is likely a phisher and tell the sender to change her password immediately. Put in the subject line Re: THIS IS A PHISHER!!! DO NOT CLICK THE LINK!!!
Either the sender will come back and verify he really did send just a link; it was for a dancing squirrel and he hit “send” before he typed a message OR he can change his password and keep hackers from getting in any deeper.
If a friend e-mails for help because she is stranded (and you are unsure if this is really the person), feel free to e-mail back and tell the friend to call you. Since you are friends, then she should have your number.
DO NOT Forward on Cutesy E-Mails
Ever get those messages with a picture of an angel and you have to send to 25 friends in the next ten minutes if you want a miracle…but if you don’t forward the message the note promises that you will be hit with some form of bad luck? DO NOT PASS THESE ON. Hackers use these types of messages to get a hold of addresses.
How else could that cousin in Uganda who wants to will you a million dollars find you?
If you do get some really cute story in your e-mail and you REALLY want to pass it on, just copy and paste into a new e-mail. Hackers already don’t work for a living, why make their life on Easy Street easy?
Play Games at Your own Risk
There are all kinds of games on Facebook. We can join causes or keep up with high school peeps, but often it requires granting permission to an application to have access to our information. Not all of this is nefarious, since if I am an application that wants to connect alumni, I need that information.
But these applications are gateways for hackers and phishers, too. I don’t play games like Farmville for that reason (frankly, it’s also because I don’t have time). But any of those games are a risk, so be alert and don’t just grant access to anyone. I rarely join ANYTHING that wants access to my account information, even if it will make life easier.
We have to do the cost-benefit analysis. Sure we can have fun, or an ease of access….but we can also grant fun and ease of access to thieves.
Don’t Use Tweet Validation Services and DO NOT FOLLOW People Who do
I don’t like any service that directs people to an outside page. Anything that directs us off Twitter is vulnerable and can be hijacked. We could be redirected to a copycat site that is there to capture information.
We don’t need validation services. It is not THAT hard to unfollow bots. If someone follows us then they spam us, it takes two clicks to report and block them.
If I follow someone and I get A DM that I need to click a link to prove I’m a real person? I move on. That is a good way to get hacked. And, since I don’t like people making me vulnerable to attack, I just make it my policy to not open any of YOU to attack.
It’s being a good TweepDog.
So to sum up:
1. Never give information to any unconfirmed source.
2. If a message upsets you, calm down before giving any information. Thieves want us reactive. Remain CALM AND PROACTIVE.
3. Never click on any outside link. Ignore validation services. There are plenty of people who won’t make you jump through hoops and open you up to viruses who will befriend you.
4. USB drives are classic tools for getting malware through a firewall. If you don’t trust where a drive came from, don’t insert it into your computer.
5. Always report any attempts to gain access to your information or accounts.
6. Keep an eye out for friends, family and members of your network. Alert them if it seems their account has been compromised.
7. Do NOT use any outside validation services. This opens those in your network to hackers.
Social media is, above all else, SOCIAL. It is far easier to relax and have a good time if we aren’t having our bank accounts emptied. Remember, they call those people con artists for a reason. They will be cunning, clever and quick…but we can be educated and work together.
Please post this blog to your networks, send it to friends and family so they know how to stay safer. The more educated we all are, the safer we are. Together we are stronger.
Have you ever been hacked or phished? What did you do? How did it make you feel? I know I don’t know everything, so what are some tips YOU guys would recommend? I know there are some computer geniuses in my following. Help us out. What are some more ways we can stay safe? How can we better look out for one another?
I LOVE hearing from you!
And to prove it and show my love, for the month of April, everyone who leaves a comment I will put your name in a hat. If you comment and link back to my blog on your blog, you get your name in the hat twice. If you leave a comment, and link back to my blog, and mention my book We Are Not Alone in your blog…you get your name in the hat THREE times. What do you win? The unvarnished truth from yours truly.
I will pick a winner every week for a critique of your first five pages. At the end of April I will pick a winner for the grand prize. A free critique from me on the first 15 pages of your novel. Good luck!
I also hope you pick up copies of my best-selling books We Are Not Alone–The Writer’s Guide to Social Media and Are You There, Blog? It’s Me, Writer . And both are recommended by the hottest agents and biggest authors in the biz. My methods teach you how to make building your author platform FUN. Build a platform and still have time left to write great books.
To be prepared is half the victory…thanks for the info.
This is a keeper! I did have something happen last year. I got an email, supposedly from my cousin, that he was stranded in (some godforsaken place on the other side of the world). His wallet and passport had been stolen, his luggage lost…you get the picture. When I read that, my heart started pounding and my mind began to race. Finally, I realized he had two adult children, a wife, four brother’s in law, so why was he e-mailing me for money? So, I called him, and he was sitting safely in his office at the university in Arkansas where he taught. Sure enough, someone had hacked into his yahoo mail account and had sent that e-mail to all on my cousins mailing list.
I’ve sent your post to my family and friends!
Thanks for taking the time to write and share it!
P.S. My son is now 23 and I loved your picture of “a toddler trying to scale the back of my head like the Matterhorn.” Those were the days! 🙂
Got nailed once. My bank caught the payment and notified me. Changed cards and walked away wiser. I still get at least five spam that tell me they’re holding thousands of dollars for me if I’ll only answer the spam. If you have the slightest doubt about a message, don’t answer and check with your credit card company. A little waiting on hold listening to elevator music is a small price to pay.
Thanks so much for such a comprehensive post! I’ve been already following most of the advice you give, but it never hurts to be reminded of what we should be careful about.
Just yesterday I got an e-mail purportedly from the Post Office (return address was even usps.com) saying that a package I sent was stuck in Kansas, and that they would charge me $14.95 per day to hold it (aha! Trying to get me to panic!) and that I had to open the attached mailing label, print it out, and take it to the Post Office.
Yeah. Never gonna happen. The real USPS.com has a warning on their main site – the gist being DO NOT OPEN – and a phone number/e-mail contact if you want to report it. Apparently people are being targeted by phone and e-mail both.
Thanks for the post. While I no longer have a toddler on my head, I’m still a sleep-deprived mom and easily distra– argh! Dishes! Phone! Work! –cted
I got caught once early on. While they didn’t get access to anything, the spam email I received tripled because they had ahold of my email address. Highly annoying, but it could have been so much worse and it made me smarter. This is a hugely important topic for anyone who spends time online.
oh dear, I’ve done almost every thing that you ‘ve mentioned, I need to change my Twitter password for sure. Thanks for warnings , I feel so naive ))
Well, I’ve learned a lot of this by doing the wrong stuff so it’s all good. Good people are probably more prone since we don’t think like thieves.
I got a letter asking me for information in the mail before too. What I did when this happened, I went to the Post Office and reported it. If you ever get a scam in the mail, be sure to report it as a scam in the mail is a federal offence. Remember too the old adage if it sound too good to be true, it probably is.
Thanks for letting me know not to answer any more of those “verifications that I am a real person.” I read above where a woman got an email from the USPS. I answered one of those once and got a trojan. Cost me $75 to remove. That certainly won’t happen again with me!
Great advice! Thanks, Kristen. Going to spread the word.
Just last week I had flashing lights with an alert from microsoft – alert! alert! We have found an attack, our system has been compromised. I ALMOST clicked on the help button because I was busy, busy. But instead went to the IT wizards who live in my house and had them come and have a look at it. ‘It’s an attack’ said wizard one. ‘Yep’ said wizard two, ‘and why didn’t your security system stop it?’
So two hours later and a new protection system, we had to delete everything and everywhere this horrible little worm had burrowed into – files and all sorts of nasties. So if you ever get alert, alert you’ve been compromised, close it down and take it to someone who can help. I’ve still no idea what I clicked on that let it in, but now I’m a lot more careful. I suspect it came from something on tweetdeck but I could be wrong. Be careful from emails from twitter too because they’re spam along with DM’s from people you don’t know. DO NOT OPEN THE LINKS.
Good points to remember. Also be careful of hitting ‘Cancel’ or the X on pop up alerts. Some crafty little scammers are tying the trojan download into those scripts as well. Best best is to go to Task Manager (if working on a PC) and close out the program or the process (IE Explorer). Then upgrade your security and thoroughly scan your computer with more than 2 programs (I use Avast and Malware).
On the phone scam side, one poor wight tried the grandparent scheme, only he reached me instead of the targeted senior citizens. (heh, heh) I let him go through his begging spiel (“Don’t tell my mom!”) and then informed him that, since I loved him so much, I was A. Telling his mom, his siblings and every family member to the eighth degree so he never lived it down and B. Letting him sit in a Third World jail for a few days to completely grasp the stupidity of his infraction.
Huh. Guess he didn’t appreciate the tough love approach.
Wow! Good advice about not hitting the x! My fiance is a computer geek; his computer is his livelihood! He gives my computer a check-up just about every time he’s over at my house. I’ll pass this advice (which he probably already knows) on to him, anyway.
Whoops! I was typing along on a comment when — ZAP! — I lost it! Anyway, I’ve received a few of those spam emails about “threesome communities” and offering me “mass and bulk” (which is really halfway funny — or not (?) — since they don’t know I’m a woman. Shoot, I’m trying to lose what “mass and bulk” I have! :-))
Boss at my day job frequently falls for phishing scams. It’s easy enough to determine whether an email is from a genuine source–just look at the email address it was sending to/from–or whether the links in the email are genuine–just hover your mouse over them, and outlook helpfully shows you the address on the link even if it’s embedded in the email’s text. In the past his computer has been riddled with viruses because he often clicks on these links. Other times, he forwards the emails to me asking why we didn’t get the UPS delivery or why our Verizon bill is suddenly in the thousands of dollars. I can’t help but laugh. Thank goodness our IT manager stays on his toes! 🙂
Yikes, you have to be so vigilent. Glad you didn’t get zoinked. I fell for one once on Twitter and since then really on guard. More recently I’ve had a few DMs saying look at this picture of you and there’s a link. Baaa! Not happening.
Wonderfully said, Kristen 🙂
I’ve never been hacked, but, with the exception of the Facebook scam I’ve run into everything you listed. Had to send over a dozen of the Twitter DM’s you mentioned in the past year – it happens.
Perhaps, by nature, I’m suspicious of others intent, but hey, a little paranoia is not a bad thing when it comes to the net. Back in the 90’s when I was on AOL 2.5 to 4.0, we used to say “safe surfing required a full body condom to avoid the social diseases,” i.e. hackers and phishers.
Which brings up a point – many of those deep in the con game have been around for longer then most of us. They have tried and tested their methods against thousands of targets and as with any craft, refined it with experience. Always take your hand off your mouse when something shown above appears or when anything that seems written to elicit a response comes across your screen. Be calm – think rationally, not emotionally – take protective measures and never click any link you can’t reasonably guarantee is safe. It will save your hard drive and everything on it.
One other piece of advice – a contingency plan. Get a couple of USB drives or an external hard drive you only connect for backup and then keep disconnected from your main system, whatever works best, and back up your files. Hard drives die, with or without hackers, and without a reliable backup such an event will knock you from the net age to the stone age. I’ve been there – four comps in my hall closet to prove I earned this advice – but now I can replace my system in an hour or two with almost no data lost. Backups are worth twice their weight in gold.
Stay safe by thinking safe – plan how to handle events in advance and your mind will be ready when the moment comes. Peace 🙂
Although I wish I had actually entered a contest and legitimately won a new iPad, I hadn’t. I deleted the message and went on my merry way. Then this reminder about thinking of others showed up in my inbox. Oops. I have now, belatedly, informed AT&T of the phishing text message.
You pretty much covered all the threats we need to be aware of. So glad you did this post. Gene Lempp’s advice is good, too. Back up, back up, back up–just in case.
Wow! Thanks for the valuable post, Kristen! The first time I got a virus was from an AOL message that I’d been “kissed”. Newbie that I was, with my very first computer, I walked right into that one.
Recently, after getting hooked up with a new security system, I got a piece of email that looked like it was from the Arlington Police. Older and warier, by now, I alerted the APD and am glad I did.
Many friends have supposedly sent links that, when I opened them, turned out to be Viagra ads.
You name it, I’ve already seen it, so I know what you mean. Thanks for the warning!
This is such a wonderful bunch of info. Some I have experienced before, but several were new to me, and I thank you for the heads-up!
Someone hacked my Hotmail account several years ago and sent out emails to everyone saying that I was in London, been robbed and needed money. People who knew me, knew I was almost eight months pregnant and no where near flying out of country. We couldn’t get back into my account, we notified Hotmail, my husband “jammed” the password and froze the account. We never did hear back from Hotmail. I had to open up a new email account and change all the passwords on all my other accounts like Paypal, Amazon, etc, because, silly me, I had one password for everything. You know, to make life easier. I’m a nobody right, so why would people want access into my accounts. Nope. So another tip would be, don’t use the same password for all of your accounts 🙂
Thanks for this post. It is crucial to know these thing. I will pass it on.
Even savvy folk fall for new and improved evilness. If a message makes one feel ‘ooky’ in the gut then don’t touch it…period.
Reblogged this on Unrestrained Fancy and commented:
Anyone involved in social networking should read this informative post by Kristen Lamb. The author of “We Are Not Alone- The Writer’s Guide To Social Media” and “Are You There Blog? It’s Me, Writer.” shares some great tips for keeping the internet wolves at bay. Lots of folks out there would love to hack your computer and steal your private info to use as their own. Kristen shares some of the latest internet scams that anyone with an email, Facebook or Twitter account should be aware of.
Great warnings and examples. I’ve experienced most of them, but fortunately have not clicked on any of the links. I got a new one just recently. I received an e-mail which said something like, “Hi Richard. I’m so excited I found you. It’s me, Mark. Remember me from High School? I’d love to reconnect. Contact me at –link–.” I marked it as spam and deleted it. We have to be ever vigilant. I’m going to post on Facebook and Twitter. Thanks for reminding us.
Reblogged this on Wine, Women & Wordplay and commented:
I don’t normally post on Thursday, but this is excellent advice that’s worth reading. Stay safe online, peeps!
Excellent tips. I shared on Facebook.
My brother’s email account got hacked. He’d had a Hotmail account and abandoned it for Gmail, but left an address book with emails in it. Everyone in the family, as well as his boss, got an email saying he was overseas and had lost his wallet. Could we send him money? The first thing I did was try to call him. He was not home. As it turned out, he was traveling, and didn’t know it had gone out.
Then I looked at the email again. Clues: He hadn’t addressed me by name, and he probably would have. He also hadn’t signed his name, and he definitely would have. The message had misspellings in it, the kind that someone who doesn’t speak English as a first language makes. And, the money was in foreign currency and then translated into American dollars. Even if he was traveling overseas, he would have used American dollars as a default, not foreign currency.
Since I couldn’t get hold him, I sent an email to his work to tell him he’d been hacked and emailed the rest of the family to tell them to ignore the email.
I never thought about Tweet validation services being a problem, but you make a good point. I’m totally going to stop following people that require it. And I thought I was tech-savvy (*grins*).
Cyberspace can be a scary place. And it seems like the bad guys keep getting more creative. So far, I’ve not fallen for their evil schemes, but I have come close a couple of times and caught myslef at the last minute.
Thanks for your warnings and great advice.
Thanks so much for this info, Kristen! My husband is a computer security … dude (as Monica from Friends says, “One of these days I really should start paying attention when he talks about his job.”). He’s super strict about his computer’s security, and tries to make mine a fortress, too, but I know there are many ways I can be better. This was a nice reminder. 🙂
I clicked on a link in an email with a Viagra ad and our computer was toast and also sent an email to everyone in my address book, so we learned the hard way. I’ve received those tweets, too, about the nasty rumors. And maybe a year ago I noticed a post by a Facebook friend about how she received a free iPad, just for testing it out! Stupid is as stupid does. I clicked on the link, and while I was filling out the info, it sent that same message out on my FB wall. Thankfully, my sister-in-law called me to ask about it, and I told her I hadn’t received it yet, that I was filling out the form to get it. I was so happy she gave me a heads up, but I sure felt naive.
This is a great post, Kristen. Thanks for looking out for us and for putting out a call for sheep dogs. Woof!
Yes, funny how the hard lessons are always tied to Viagra ads. Bada bump *snare* Yes, I’ll be here all week, folks :D. I tend to be Naive Nell, too. That is a wonderful quality. It’s a shame evil people will take advantage of it.
A couple of years ago, I had telemarketers somehow using my home phone as a cover. Haven’t a clue how that could be done. I only found out when I started getting calls from all over the US (I’m in Canada) saying there were doing a call-back on a missed call. I contacted Bell. They couldn’t do anything because the calls were out-of-country. So I started telling the story to all my American callers. I think I talked to at least one person in every state! Finally, I got a call from a nearby Canadian town and asked the guy to call Bell. Bell traced the perp through his phone. My phone number is now on a sh!t list. Try Googling your number and see what comes up. The only good thing to come out of it was all the chats (and weather reports) I had with all those friendly Americans. You guys are awesome–love all your accents!
I actually just had this happen yesterday. A digital wolf snuck into my business email account full of personal emails of agents, editors, and authors I know or work with (even your email is in that vault). I didn’t know anything had happened until I got a tweet from an award-winning author (who is luckily a good friend) asking if I sent it. I was mortified. Luckily the wolf only spammed 5 folks before my digital sheepdogs and donkeys (work really well at beating the crap out of the occassional digital coyote) did their job and shut them down. I have no idea if the link in the email was for meeting hot young singles in my area, enlarging my penis, or a montage of video clips of dads getting racked by their kids via an array of toys/weapons, but at least a fellow sheepdog took time to let me know about it.
I’ll be sure to pass this on and while I’m at it, change my passwords and create a new business email account.
Thanks. I won’t be a victim again. 🙂
Thank you, thank you, thank you! You’re an angel for posting a wonderful reminder about all the ways one can get scammed (and screwed) on the internet! You’ve got some pointers in there I’ve not even thought about. I’m telling my kids to read this. 🙂
Thank you so much for these valuable tips. Gmail is really good about blocking fishy emails and I’ve never understood the Facebook application craze. I need to get better about passwords, though. I am guilty of using the same (albeit long and difficult) passwords in many places. Time to change some and do a backup of my files again – just in case the worst happens to the whole computer.
What I love about this post is how you make it personal. By relating your own experiences, you help us to relate to the underlying message. It’s exactly how a writer gets their message across in a great novel. Not only have you given us important information here, you’ve also perfectly demonstrated how to write well. This piece shows the power of stories as a way of communicating with others. Thanks and congratulations.
Jane Bailey Bain (‘LifeWorks’)
My sister, who works in IT and is quite paranoid about this stuff advises that if you can you should buy another computer, (it can be the cheapest simplest computer on the market, because you only need it for one thing) and ONLY use it to do your banking. You can then have no trace of your bank accounts on the computer you use for social networking and so exposing yourself to potential threats. She is paranoid about it because she has come across all manner of threats in her work. It’s probably very good advice if you can afford it!
It made me think recently when I had to change some passwords because my e-mail account had been compromised. The first thing that went through my mind was OH GOD I hope they haven’t got into my bank accounts!!
Thank you Kristen once again for a very informative post 🙂
This is the thing that upsets me most about the internet. I really appreciate your guidance and your pushing us to let others know when this is happening to us. I’ve been lucky thus far but know others who have not. Thanks Kristen.
Thanks for the warning, Kristen!!
If only grandma would have read this ages ago…
My kids laugh at me for refusing Farmville’s requests for information. Glad I’m not the only one who feels uneasy with it. Thanks for the great information.
This may have been covered in the 44 (count them…44) comments *jealous* heretofore, but now I feel insecure about opening the links on Twitter. I don’t know most of the people very well or at all…so how to be safe clicking into interesting links?
So many of these are things I’ve run into before and happily discarded as spam… The new one (and one I let slip through….) was the Twitter Verification service (though I did not “sign up” I did click the link… *hangs head in shame*). UGH! Thank you. Only wish I’d seen this Saturday.
Well, thank you for it now, Kristen. If a problem does show up, I have a direction to look in now.
Thank you, Kristen. I’ll be sharing this with friends, family and colleagues.
As an IT professional, may I add: get a top-of-the-line anti-virus/anti-spam/anti-malware/anti-everything package, install it, keep it updated and follow all of Kristen’s tips.
Backup regularly to an external hard drive. If you computer gets compromised, you have a recent copy of your data.
Do not let young members of the family use your computer as they can accidently visit sites you wouldn’t go near with a barge pole. Ensure your browser alerts you to unsafe sites. The little critters are tenacious – both the kids and the hackers..
I’ve been getting emails from “You Tube” saying my video is top video or something to that effect. Thing is I don’t upload on You Tube with that email address. I’ve tried to find a way to contact You Tube to tell them someone is spamming (and the email looks official) but have had no luck. I just mark it as spam in my email but they still get through. No clue what to do.
Such a wonderful, helpful post! The best way I’ve found to keep Twitter hackers out is to NOT have Twitter “remember me”. For some reason, every time I clicked that button, someone would hack my account within a day. As long as I keep it so I have to log in every single time I go to Twitter, I never have a problem.
As convenient as it can be to have sites remember your computer so you don’t have to remember all those passwords, it’s still compromising your personal security.
It is always great to get a reminder about this, because it’s so easy to not pay attention and click on something phishy without thinking about it. I’d add the reminder that your smartphone is a COMPUTER, and so you should treat anything that comes across it in a message, text, email, app, etc., with as much caution as you would your actual computer, maybe even more so. I got a text a few weeks ago that I had won a Walmart gift card. Yeah, right. I deleted it immediately. This was before smishing (text message phishing/spamming) made the news outlets. There’s an old saying, “Trust but verify.” But when it comes to computers, social media, and smartphones, I say, “Verify. Then trust. Not the other way around.”
These are definitely some useful tips. My facebook was hacked about a year ago because I fell for a stupid message from a friend who had also been hacked. I personally don’t know what these people obtain by making the internet a less safe place, but I’m glad to see reminders like this. We’re so ready to share ourselves with the world through our blogs and our tweets and facebook statuses, but we forget sometimes what can happen when we share too much. Thanks for this post!
So true – we need to be cautious. I have no time for Facebook games – and block them, but there seems to be thousands of them. What also annoys me is the new Facebook policy where people join me to groups without asking if I want to join – and I despise those pictures where someone says, you are mentioned in a picture and thousands of people are shown a picture of a boot that somehow relates to me. Geesh. I wish there were no hackers – don’t they have better things to do with their time.
Kristen, I have taught many of these steps before in short courses and receive double checks from all my online friends and family and business contacts to compare notes on these spams and phishes. However, I very much appreciate your outlining all of these steps so specifically and all in one place here today. This will be very helpful to many, many out there. I have friends who are in my age range who still make the mistake of clicking on stuff too quickly! Then they have to change their whole email address, etc. Thank you for this very practical help today.
You can also cut your chances of being “hacked” by not running Microsoft Windows. Run Linux, or Mac OS X, and you will be immune to the vast majority of software attacks.
Of course this doesn’t stop them from trying to fool you into giving them your password…
Me, well, I’m a smart aleck. If I’m in the right mood, I’ll fill in the information form with fake info. I do things like giving my phone number as the number of the local police station. That will cause the con artists a bit of excitement!