“Phishing” scams getting bolder, more aggressive and a lot smarter

There’s an arms race between us and the phishers. The more savvy we get the more inventive they get. The latest that I’ve heard about is one that can take over your computer and lock you out while the scammer searches your computer for your passwords. This happens when a screen pops up on your computer telling you one of your programs, such as your security software, is out of date. A link is provided to install an update.  If you click the link a scammer suddenly has control over your cursor and you no longer have any control.  Your cursor goes seemingly on a mission of its own looking through your computer files where you might have stored lots of your passwords, for example in a file or folder you’ve created for yourself and given a name that hints what it is, such as “passwords,” or the name of a bank.

You can protect passwords in a number of ways. There are services that will store your passwords for you much like your own computer will do if you allow it, such as the key chain in a Mac computer. If you allow the key chain on a Mac or whatever it’s called on a Windows computer to store your passwords, it’s then very handy to log in to all your favorite sites that require a login, such as your bank or credit card, but anyone who gets physical or virtual possession of your computer can also. There are third party sources that will create a key chain for you that is not on your computer and which you access with just one password that you can memorize.  The cost of this services might $10 to $20 a month but it will be a lot cheaper than having your identity stolen or your bank account cleaned out by a scammer.

The “take over” scam works the same whether you are using a Mac or a Windows machine. Most people, except John Podesta, already know not to click on any link in any email. We must also be wary of clicking any link that pops up on the screen. Use an ad blocker to keep pop-ups to a minimum. A link on a website you’ve accessed on your own and is a site you trust is still OK. If that gets taken over by scammers the internet will become a whole lot less usable and efficient.

If it isn’t already, computer fraud should be a federal offense with a mandatory 5-year prison term and a life time ban on owning, possessing, or even touching a computer, with a national registry much like the sex offender registry.

I do all my banking and bill paying on my computer. The  password for my bank account is a long and complicated one that I have commited to memory. So is my screen name for logging in. Neither of these is written down anywhere.  When I die my wife won’t need these, all she will need to do is provide a copy of my death certificate along with a copy of the court order appointing her as my executor, and she will then have complete and legal control over my bank account. A bank account in joint tenancy with right of survivorship is even easier, requiring merely a death certificate to transfer control to the survivor. A pay on death instruction to your bank works the same way.  There is never a reason to have your bank account password and screen name written down anywhere if you commit it to memory, which is easy because it’s one you use often.

There are several neat mind tricks you can use to help you easily memorize one or two passwords. One many people like is to use the middle name of a long deceased relative, such as a great grand parent, and the year of their birth and/or death. This is especially good if the middle name is one that is no longer common.

If one of your great grandfather’s middle name was Virgil and he was born in 1851 and died in 1923, you can make a great password out of that which you can remember by spelling his middle name backwards and reversing the order of the year numbers of his birth and death: ligriv15813291 Nobody will guess that and no computer algorithm will derive it in any time frame that matters. You’ll remember it because you’ll use it a lot and even if you forget it there will be sources for you to access the relevant information about your great grandfather again. Just make sure you don’t write it down anywhere, and don’t tell any relative except your spouse how clever you’ve been. You’ll always tell your spouse all about every bit of cleverness you’ve ever accomplished, you just can’t help it.

Warning: Let your spouse know he/she has no need to remember the number. You don’t want them writing it down anywhere. Maybe don’t actually tell them the number, just the method you used so they’ll see how clever a choice they made in marrying you, and how glad they are to be married to a genius. I remind Mrs. TeeJaw of this regularly, lest she forget.

There are lots of sites you can go to for further information. I found a ton of them with this Google search: Phishing scams that take over your computer

Print Friendly, PDF & Email

Subscribe to Blog via Email

Archives

%d bloggers like this: