A weak password can cripple you
Terri Dickerson
One problem most of us have with setting up passwords is we want to create a quick and easy to remember password but this may not be our best strategy if the password ends up being weak and easily hackable.
Readers will often ask me for recommendations for setting up a strong password. While nothing is hack proof some passwords are definitely ones you should avoid. A few passwords that are among the most hacked and best to avoid include: Password, 123456, Qwerty, 111111, 123123, 555555, abc123, and Iloveyou.
Turns out there is a handy resource that you can use that will assist you with setting up new accounts or changing your login credential information with a strong password. Log into http://www.passwordmeter.com/ and plug in your intended password. The formula shows you exactly how strong the password is, thereby allowing you to set up strong passwords on your accounts.
One suggestion is to not use one password for all your accounts so you will want to set up several passwords. Also, do not store your passwords on our digital devices but if you have to write them down, do keep them in a safe place for future reference.
• • •
Watch for phony emails from well-known companies
Scammers have stepped up the flood of emails they have been inundating consumers with in their inboxes from what appears to be house hold company names. A Coeur d’Alene reader sent me a list of five such emails he received in just one day. They were:
• T-Mobile from newsletter@fubfield.com,
• Walmart from EZdonmacidZE@1mpfAlrJr8P68Ox-Skinnerinc.com
• Geico Insurance from local@connections.covered3860service.com
• CV Pharmacy from info@cvonline.magniduu.net
• True Green from guides@digitalmarketselection.com
In each instance, it is clear that the sender has nothing to do with the actual company that is supposed to be sending the email. These are examples of phishing attempts to get the receiver to click on the email then possibly click on any links embedded in the message. This will allow the scammer to install malware on your device.
Here are some tips to avoid phony emails.
Emails from legitimate businesses will not include an IP address (string of numbers) such as http://123.896.333.789/amazon.com. This is a phony site and not tied to the company.
If you get an email regarding an item you didn’t purchase, go directly to your order screen in the company’s website to match what the message is telling you.
If you get emails to update payment information, do not reply. Instead update any payment information directly in the company’s website.
If you believe you may be scam victim, contact the Federal Trade Commission to report any fraud at https://www.ftc.gov or at 877-FTC-HELP.
• • •
Watch those tweets
If you are on Twitter and you get a tweet from a follower raving about a contest for a free iPad, smartphone or some other expensive prize that prompts you to click on a link to learn more, beware.
It is likely that the link will download a “bot” which is a software robot onto your device adding your computer to a botnet of zombies that scammers use to send spam email to. If it seems like you are on a spam list because you get inundated with spam emails, pay attention because you probably are on one of these lists.
With these tweets, scammers are taking advantage of URL-shortening services that allow Twitter users to share links that would otherwise be too long. Since the legitimate services break down a huge URL to a limited number of characters that means users can’t see the actual URL which makes it easier for bad actors to post malicious links.
One way to avoid these potential scams is to check out the profile of the follower from Twitter who sent you the tweet. If he’s following thousands of people but no one is following him, he’s likely a bot that needs to be avoided.
• • •
Uber users are getting targeted by hackers
It might surprise you to know that Uber is the tenth most popular app on Apple’s app store and has been downloaded nearly half a billion times on Android. With such a huge user base, it is no wonder why hackers are targeting the wildly popular alternative taxi service company using fake apps.
These fake apps target customer’s personal data and specifically target Android users using the Android.Fakeapp malware. After the user downloads the fake app, the malware will launch a login screen which looks nearly identical to Uber’s legitimate version. Once the user enters their user name and password and hits the next button, the malware launches the real Uber app, which suspends any suspicion the user may have had about the app.
In order to avoid this scam, only download applications from trusted sources. Other fake apps have made their way onto the Google Play store so be careful.
• • •
Remember: I’m on your side.
• • •
If you've encountered a consumer issue that you have questions about, or think our readers should know about, please send me an email at terridickersonadvocate@gmail.com or call me at 208-274-4458. As The CDA Press Consumer Gal, I’m here to help. I’m a copywriter working with businesses on marketing strategy, a columnist, a veterans advocate and a consumer advocate living in Coeur d’Alene.