Thursday, September 20, 2012

I Didn't Order That?

Think before you Click!

So frustrating, isn't it? Our technology tools provide ways of interacting, serving one another and much more. However, so do those that want to shortcut these systems.

Recently, a spam that appears to come from Amazon, confirming your order showed up in Inboxes everywhere. You see, this particular spam was pretty good.

You are working hard, check your Inbox, and wow, there's an order confirmation from Amazon for a $742.61 44 inch LED TV. Your first impulse is, wow, I didn't order that, wish I had been able to, but I can't afford that right now. And, after those initial couple of seconds of wondering how in the world you would have mistakenly ordered something that expensive, your second impulse is to click on the item and check it out.

You click, and an Amazon looking web site pops up, you log in and, uh oh!! You're caught, and you didn't even know it. These spammers now have your Amazon account information. Beyond just getting into your Amazon account, if your like me, you have Amazon Prime, a Kindle, Amazon Streaming and just about every Amazon tool offered. This spammer now can order, read and watch movies, books, whatever, using your money!

Many online services are setting up two factor authentication. You can turn it on for Google right now.. Two factor authentication provides two different sets of authentication before you can get into a service. I'm guessing we'll see Amazon provide this soon, and when they do, I'd recommend using it.

For now, here are some precautions:

  • As hard as it is, set up different passwords for your services. This prevents one account compromise from spilling over to another. For example, we recommend you don't use your Letnet credentials for anything else but Letnet.
  • When you get an email from a service you use, FedEx, your bank, Amazon, etc., don't click on the email you get. Go to their web site outside of your email, log in and review your account and orders there. For example, in this instance, go to http://amazon.com first, don't click on the order in your email.
  • Always hover over a link in an email, if your device allows it, and check out the link before clicking. In this case, you can quickly see it's not from amazon.com.
It's a frustrating world we live in.God has called us as His servants to have dominion over what He has created. Our fallen sinful nature enters into our calling, and we continue to learn to be diligent together.



Thursday, September 13, 2012

Really? Helpdesk Upgrade Alert?

Have you ever received an email with this subject, "Helpdesk Upgrade Alert"? It came from your LETU IT Department, right?

Well, let's check...

If you already suspected that it's not the LETU Help Desk, you'd be right.

The “From” line indicates it’s not an LETU.edu address (we always send from letu.edu email addresses)





The link they provide in the email is not an letu.edu address (we typically send you all IT-related links in the form of an letu.edu address)

The signature they provide at the end is generic, and non-representative of the way we personalize our signatures at LETU IT.


Nice catch. Being able to identify the elements in a suspicious email or web page will go a long way towards keeping you (and LETU) protected online.


Wednesday, September 12, 2012

OUCH!

I know, what a title, OUCH! It's a monthly publication we receive from the SANS Institute, a information security training and security certification organization.

Wow, that sounds like an IT person talking. 

One of the frustrations of living with technology is that we still live in this falling world. God has called us to fill the earth and subdue it. Those that are looking for ways to abuse the technology we use are looking for even more ways of hacking, stealing and faking us out. 

This months issue of OUCH! speaks about what to do if you are hacked, a very polite way of saying, someone stole your computer information!

Check it out:  OUCH! September 2012


Contact Us