VERY IMPORTANT

I think there are people who are making a big thing out of this with explanations that mean nothing to me.  It was my intention to bring this to the attention of the members.  I guess the next time I see this type of email sent to me I will keep it to myself.

I think you did one heck of a lot of good and the conversation has been very helpful.  Please don't be frustrated.  I, for one, thank you.

I think there are people who are making a big thing out of this with explanations that mean nothing to me.  It was my intention to bring this to the attention of the members.  I guess the next time I see this type of email sent to me I will keep it to myself.

I don;t think it is really a "big deal" to us as much as it is an interesting topic of conversation that miraculously does not revolve around shaving or the current state of world affairs. It's something different and we have all had experiences that are very similar to one degree or another...

At least it generated some thought and some conversation...

+1

I think there are people who are making a big thing out of this with explanations that mean nothing to me. It was my intention to bring this to the attention of the members. I guess the next time I see this type of email sent to me I will keep it to myself.

I totally agree that you did a great thing, both to warn people and to raise awareness of cyber crime. The conversation moved away from that to several different topics, though I think it has been a good thread and I especially appreciate your looking out for others.

I've tried everything to educate her. Sent her articles and photos with flow charts outlining when to open things or to discuss personal information over the phone. Nothing has changed.

If she is non-technical, then you need to give her a very high-level explanation. Explaining technical details to such people merely makes them feel lost and frustrated. Being non-technical in a world where 10 year-olds often have greater computer expertise, they are likely feeling rather lost and frustrated to begin with. There are a lot of people in the same boat as you - folks trying to help out the technology unaware or even the technology averse.

She called my wife, who was in the room and had heard the conversation, in tears. She said she just wanted help opening the attachment and I made fun of her without actually helping her open the attachment... The next day her employer announced that they or their insurance company had been breached and everyone was going to be enrolled in identity protection for 2 years...

Yet she will have to be enrolled in credit monitoring protection for a lifetime. Does her employer plan to do the right thing, or just give the employees the middle finger, say sorry, and avoid the post-2 year expense and responsibility? If her W-2 form was compromised and she is married and filing jointly, then her husband's identity was also compromised. In addition to the credit monitoring, she should also contact the three major credit reporting bureaus - Experian, Transunion and Equifax - and have a block placed on her credit reporting. She will need to pay a fee to each bureau each time she locks or unlocks credit reporting. That fee is waived if she files a local police report about her identity theft. Each bureau will give her an ID number. She needs to make two copies, one for home (locked in a secure location) and another that goes in her safe deposit box. If she ever loses those ID numbers, she is well and truly screwed. They are required to lock and unlock credit reporting. The ID theft also needs to be reported to the Social Security folks, as well as to the IRS and state tax board. Ditto for her husband if she is married and filing jointly.

She's gotten calls from the "IRS" demanding payment over the phone to avoid being "arrested" and my wife now gets very bizarre phishing calls on her cellphone asking for her by her maiden name.

I love those calls! It is sooo much fun pranking the caller. The last time one called, he asked how much I had paid for the previous year's taxes. I said that I had never paid taxes, and did not believe in paying taxes. The caller was so shocked he did not say anything for a moment. Then he said I owed a huge tax bill and had to pay it over the phone or be immediately arrested. I told him I would not pay the tax bill, was a member of an anti-tax extremist group and had five wives, and they didn't pay taxes either. He then asked for my credit card number. I said it was "7". When he asked for the rest of the digits, I insisted there weren't any, just 7. Or maybe is was a 9, which is pretty close to 7. Eventually Mr. IRS started cracking up with each answer I gave, so I hung up. I am surprised that the caller didn't. My five wives thought he was rude for laughing at me.

Also, those IRS and Microsoft You Have A Virus calls are not related to her identity theft.

I'm sure the stuff I know about is only the tip of the iceberg. She's called us and said that she's gotten calls from people claiming there has been an accident involving a relative and that she needs to confirm social security numbers for the morgue.

Why not tell her to tell the caller the Social Security Number is "7"? It is an easy and simple answer to remember.

I worry about what personal information my mother-in-law has given out willingly and unwillingly as well. I'm sure her pride prevents us from ever really knowing. I love her and realize that her inherent kindness and trust make her the prime target for this kind of thing. It's not like I can rip her beloved iPad out of her hands. It's a difficult situation to have to tell someone that their best qualities make them especially vulnerable.

If she is an older person, then the local senior citizen's center might be the best bet. If she is younger than that, an online course might help. They can teach her how to deal with scam artists and fraudulent email. Dealing with the problem by denial or ignoring it and hoping it will go away will only lead to disaster. Maybe you could install an antivirus / antimalware app on her iPad?

I think there are people who are making a big thing out of this with explanations that mean nothing to me. It was my intention to bring this to the attention of the members. I guess the next time I see this type of email sent to me I will keep it to myself.

Ignorance is very definitely not bliss. If you don't understand what people are saying here, I strongly advise educating yourself on safe computing basics. Failure to do is likely lead to very poor outcomes. This computer security slide deck for non-technical folks includes links to some useful websites at the end: https://www.slideshare.net/zcobb/cyberse...ntechnical. For all those who harbor unreasoning paranoia about LinkedIn, yes, SlideShare is owned by LinkedIn. Better to be LinkedIn than CheckedOut.

Oh, by the way, a lot of online shopping carts are notoriously insecure. That has improved in recent years, but one way to avoid problems is to buy a Visa gift card and use that for online purchases. You only pay three or four bucks for the card. If one of the shopping carts you used was hacked, then you will lose at most what is left on the card. Often, the card will be used up before any of the shopping carts get hacked. With a regular credit card, you can cancel the fraudulent charges, but your card number will still be out there.

Interestingly, the FBI is this part of the country spends more time on education about preventing a breach than pursuing the criminals. The reason is that the criminals are in countries that have little interest in cooperating with US law enforcement.

Here is a link to an interview with the FBI Special Agent that leads the regional cyber crime team.  He talks about both individual and business,  though its at a level that applies to both.

Don't want to click?  Do a Google search on score-on-business-fbi, which is the end of the link above, and it's one of the top hits.


http://www.newschannel5.com/plus/score-o...siness-fbi

Show of hands: How many of you use public, unsecured Wi-Fi? You folks with your hands up? You're identities waiting to be stolen.

How many of you leave your Wi-Fi and Bluetooth on you phones turned on when you're not using them? You're victims waiting to be exploited, too.

On the other hand, if you have or ever had a national security clearance, the Chinese government learned more about you than your family probably knows when they hacked the Office of Personnel Management.

Show of hands: How many of you use public, unsecured Wi-Fi? You folks with your hands up? You're identities waiting to be stolen.

Just use Nord VPN, Torguard, or for the propellerheads in the audience, Algo. Or a tinfoil hat. A VPN is safer in lightning prone areas.

Show of hands: How many of you use public, unsecured Wi-Fi? You folks with your hands up? You're identities waiting to be stolen.

Just use Nord VPN, Torguard, or for the propellerheads in the audience, Algo.  Or a tinfoil hat.  A VPN is safer in lightning prone areas.

I agree with the idea behind both statements. The problem is, a lot of the people who use public Wi-Fi networks also have no idea what a VPN is…

The tinfoil hat is your best option.

Re: Public Wi-Fi. It's a simple matter for a bad actor to spoof a legit hotspot/access point and lure you in. More sophisticated crooks (and cops and feds) with the right tools can even access your devices without you even knowing about it.

The only 100% secure option is to power down and get off the grid. Barring that, use your common sense and never use public Wi-Fi for anything you don't want the whole world to know - shopping, private communications, etc.