A lot of attempts to steal your info is to spoof the email of someone you know to gain your confidence. It may include an attachment that when clicked on takes you to a filesharing site, DropBox, Microsoft Sharepoint or OneDrive and ask you to log in. It is easy to steal the source code of a website and mimic that site on a malicious web page. Once you log in, BAM, they have your info which they will use to compromise your authentic email or access your online account.
Another ploy I have seen recently are emails that include a compromised password that is a real password that the user has or still uses. The email states that they have private info about you that will be revealed publicly unless you pay a ransom to a Bitcoin wallet. These wallets are very real and untraceable, so do not fall for this extortion attempt.
I have been contacted by users wanting to know if these are real because the email contains a current or past used password. Again, they are only extortion attempts. The next question is how did they get the password. Below is a chart of information courtesy of "haveIbeenPawned.com". Your identity and information are all over the web. It is at your bank, LinkedIn, MySpace, Facebook etc. This chart lists the largest data breaches thus far of user data at major corporations and websites. And remember, these are just the largest, not nearly all.
Beneath the chart is links that you can use to check to see if your email has been pawned and your information was included in any of the compromised sites.
I have included the "haveIbeenPawned" website in a past blog post. If you don't practice good password security yet and your email has been pawned please start today. No one to blame but yourself.
https://haveibeenpwned.com/
https://www.lifelock.com/breach-detection?promocode=BreachEraser&nc=breachnortoneraser
Microsoft, Linux developers, and Apple are constantly releasing updates and patches to their operating systems to fix known and new exploits as they are found. If you are using Windows XP then you have not received a security update since April 8, 2014.
Web browsers are evolving and getting better at warning the user that a website is not safe. Google Chrome is good at warning you that a website is not safe and Mozilla Firefox will soon start alerting you to a breached site. These browser updates don't necessarily happen automatically. You should check if an update is available periodically and if so, install it.
If you are using Windows XP then you are using a way out of date, non-secure browser to navigate the internet. I would not advise using an XP machine for financial transactions.
Support for Windows 7 extended support ends January 14, 2020. Many software vendors will end support before that.
It isn't only the operating systems but recently flaws in Intel Processors have been exploited.
https://www.forbes.com/sites/davealtavilla/2018/01/03/intel-processor-bug-leaves-all-current-chips-vulnerable-and-its-fix-saps-performance/#74f5a918570a
One last thing, it's all software that you use whether Adobe Acrobat/Flash Player, Java, MS Office, or browsers. Hackers use exploits in all of these to gain access to your computer and info. It is imperative that you patch and update your systems to remain secure.
NEW INTEL GENERATION 8 & 9 based WORKSTATIONS
No comments:
Post a Comment