Recently, the entire IT world had a big scare where no system was guaranteed safe. You may have heard the words Meltdown and Spectre, you can read more about them here. Let me break it down for you if this is not the sort of thing you like to read about. It’s a new attack on any kind of computer including smartphones, tablets, etc. Anti-virus can’t necessarily detect it and you may never know you were hit. It breaks down the walls that protect various programmes/apps on your computer from the data in each other including your passwords.
Worried? The best thing you can do is to ensure you run all security patches and updates on your smartphones, laptops, tablets and computers as long as there is a clear and present danger. This means, don’t ignore that update message.
Recently my Mother had a scare where she accidentally gave away her Apple password.
She sent me the email that baited her in, and just as we thought, it was a perfectly formed Apple iTunes receipt for $500.00 that she did NOT purchase, an alert that someone “may have used your account for suspicious activity” and a link to “fix” the damage. So she clicked it, went to a page identical to the apple sign in page and of course, “signed in”.
(Find more on this particular scam here.)
If you have ever found yourself in a similar boat, or fear that you will. Here are a few simple things to watch for to help you navigate your way through the murky waters.
1) Do NOT click the link. I repeat, DO NOT CLICK THE LINK. If you’re not sure. Open a new web browser, go to the website from scratch (ie. Google it) rather than following the link provided in your scammy scummy email.
2) Check who sent it. If it doesn’t look like a real email address, ignore it.
3) Why are they sending you emails at all? These companies do NOT reach out to you. Yes, you own a Windows computer, does this mean that “Windows” service reps call you from the far flung corners of the globe to “help” you with a problem on your computer you didn’t know about? No. The most certainly do not. The world is not that kind, people.
4) Look for language. This one had a few of my fave’s “please check you’re billing informations” and “thank’s” I know they’re only multi-billion dollar international corporations, but the least they can do is get a grammar checker.
How can you help protect yourself using Exess or other password-sensitive software?
1) Do not save your password to your browser. Protect them, memorise them, look after them. The number of times I’ll be talking to an Exess user that doesn’t have their password because they’re not on their computer and “it’s only saved on my computer”. We warn against it, but it still tends to happen because it makes life “easier”.
2) Know that we will never ask for your password, by phone, email, or other.
3) Do not write you passwords down in a book and while we’re on it, do not tape your password anywhere near your computer or monitor.
4) Do not share them with each other, under any circumstance, each and every Exess user has their own login and password so they DO NOT NEED YOURS.
Time to work smart, people.
Better living everyone.