more dangerous, but people are increas-ingly more savvy to the most egregious hacks. Fewer and fewer unsecured re-tail web sites (those that begin with “http” rather than “https”) conduct transactions, but it’s still something to keep in mind.

This requires ever-more subtle phishing campaigns to trick people into giving up their personal infor-mation via credible-looking fraudulent emails. And there’s always a new scam around the corner.

“Another popular scam is through online dating apps,” said Whitney Joy Smith, president of The Smith Investi-gation Agency. “Scammers look for vulnerable people to build a relationship. After that, they ask for money or get enough personal in-

Identity crimes in-clude scenarios like a hacker who steals your credentials to break into your ac-counts or assume your financial identi-ty, or someone thou-sands of miles away from you who runs up charges on your credit card and takes out loans in your name.

If you need some-thing else to keep you awake, the FTC describes identity theft scenarios in which a thief gets a credit card in your name, sends the bill to another address, and (of course) never pays. Or he uses your personal infor-mation to steal your tax refund or pre-tends to be you if he’s arrested.

It can be hard to un-tangle yourself from identity theft, both legally and financial-ly. And the damage

to your credit history can be long-lasting. If there ever was a sce-nario in which an ounce of prevention is worth a metric ton of cure, this is it.

How Your Identity Can Be Stolen Unfortunately, your identity is low-hanging fruit, able to be plucked in tons of ways. Offline, crimi-nals steal mail from mailboxes or dump-ster dive through trash, both of which might be chock full of credit offers and per-sonal finance infor-mation (which is why you should own a shredder). Skimmers connected to gas pumps can capture your credit card info and so can restaurant staff. And recently, a cash-ier was arrested for stealing 1,300 credit cards he’d memo-rized.

Online, it’s even

How to Protect Your Identity Online

Monthly Reminders:

Run Malwarebytes

Run Super Anti-

spyware

Manually Update

Windows

Run computer

clean-uo

SVECC Newsletter Sunland Village East Computer Club

Volume 17 Issue 1

January 2020

S V E C C

Identity 2

Idenity 3

Idenity 4

Memories 5

Calendar 6

Passwords 7

Exit laughing 8

Inside this issue:

formation to conduct identity fraud.”

And then there are plain old hacks, such as when databases full of personal infor-mation are cracked.

How You Can Pro-tect Yourself “Unless you’re willing to take extraordinary measures, like aban-doning all technology and relocating to the Amazon to live with an uncontacted tribe, real privacy is almost impossible to achieve,” lamented Fabian Wosar, chief technology officer at Emsisoft. But Wosar also acknowl-edged there are rea-sonable and prag-matic precautions people can take.

Many of these are part of the usual cy-bersecurity hygiene you’ve heard for years. But to be truly be protected, you need to do these things, and regularly. After all, identity theft is usually a crime of convenience and op-portunity, so your goal is to make your-

self the smallest tar-get possible.

And while the more precautions you take, the better, the reality is not everyone is go-ing to be ultra-diligent. With that in mind, we’ve separat-ed the precautions you should take into three levels: Com-mon sense (the stuff everyone should be doing), heightened security (for the sav-vier), and bunker-mentality (for those who are willing to take extreme measures).

Common Sense Precautions If you’re not doing these things, you might as well stop locking your front door and leave your unlocked car idling in your driveway:

Use strong pass-words: The con-ventional wisdom is that a strong password is some combination of up-per- and lower-case letters, num-bers, and special characters. The

reality is the long-er your password is, the harder it is to crack. XKCD did a good job breaking it down.

Use a unique pass-word for every site and ser-vice: This should go without saying, but it’s still routine to encounter peo-ple who re-use passwords. The problem with this is if your creden-tials are compro-mised on one site, it’s trivial for hack-ers to retry those same credentials at thousands of other sites. And according to Veri-zon, 81 percent of data breaches are possible due to compromised, weak, or re-used passwords.

Use a password manager: A tool like Dashlane or LastPass is table stakes in the games of online security. Accord-ing to Dashlane, the average inter-net user has over 200 digital ac-counts that require

Page 2

How to Protect Your Identity Online

SVECC Newsletter

And while the

more precautions

you take, the

better, the reality

is not everyone is

going to be ultra-

diligent.

passwords. And the company ex-pects that number to double to 400 within the next five years. It’s pretty impossible to manage that many strong, unique passwords without a tool.

Beware of public Wi-Fi: Don’t join a free public Wi-Fi network unless you’re certain it’s trustworthy. You could join a net-work set up exclu-sively to monitor your traffic. And if you use a public or shared comput-er (such as to print a boarding pass when you’re on vacation), make sure you don’t al-low the browser to remember your credentials—clear the cache when you’re done.

Heightened Securi-ty As the saying goes, you don’t have to run faster than the bear; you just have to out-run your buddy. If you implement these security best practic-es, you’ll be well

ahead of the majority of the online popula-tion:

Never use your so-cial media profile to sign in to oth-er sites: When you sign up some-where new, you often get a “single sign-on” option to log in with your Facebook or Google account. While this is con-venient, one data breach exposes you in multiple ways. And “you risk giving the site access to the per-sonal information contained in your sign-on account,” warned Pankaj Srivastava, chief operations officer of the priva-cy compa-ny FigLeaf. It’s al-ways better to sign up with an email address.

Enable two-factor authentica-tion: This effec-tively prevents bad actors from using a password reset to take con-trol of your ac-counts. If you re-

quire two factors, they need access not just to your email account, but to your phone, as well. And you can do better than this, too (see the bun-ker advice below).

Minimize your so-cial media foot-print: Social me-dia is an increas-ingly dangerous landscape. Also, don’t accept con-nection or friend requests from an-yone you don’t know. Bad actors use that as an op-portunity to re-search a phishing campaign, or she might use you as a jumping-off point to attack your con-tacts.

Dial back your so-cial media shar-ing: “The more you post about yourself, the more a hacker can learn about you,” said Otavio Friere, chief technology of-ficer at SafeGuard Cyber. “And the more effectively you can be targeted.” There might be enough in-formation on your Fa-cebook profile right

How to Protect Your Identity Online

Volume 16 Issue 11 Page 3

Social media

is an

increasingly

dangerous

landscape.

now (email address, school, hometown, relationship status, occupation, interests, political affiliation, etc.) for a criminal to call your bank, pose as you, and convince a customer service rep. to reset your password. Simon Fogg, a data privacy expert at Termly, said: “As well as avoiding using your full name and date of birth on your profile, consider how all your information connects. Even if you don’t share your home ad-dress, your phone number could be used to find it. When combined with ge-otagged photos, you might be surprised how much of your daily life you’re re-vealing to strangers, and how vulnerable you have made your-self to threats.”

Into the Bunker There’s no end to the security precautions you can take—we didn’t even cover us-ing a TOR browser, for example, or mak-ing sure your regis-trar keeps the WHOIS information

on your website (if you have one) pri-vate. But if you al-ready do everything we mentioned in the previous sections, these remaining pre-cautions should put you in the top one percent of safe inter-net users:

Never use your phone number for two-factor au-thentication: “Phones can be cloned,” said Initial Coin Offering (ICO) consultant, Steve Good. That makes your sec-ond factor in two-factor authentica-tion less secure than you might think. Thankfully, it’s easy to set up Google Authenti-cator or Authy to consolidate all of your two-factor-authentication needs.

Encrypt your USB flash drives: How do you transfer files between computers? With flash drives, of course. And these devices are often the weak link in

your security regi-men. If you lose it, anyone can pick it up and read it. You can encrypt individual files, but a better solution is to encrypt the en-tire device. King-ston offers a fami-ly of drives—the DT2000—that range from 8 to 64 GB. They have built-in numeric keypads, and pro-tect your data with hardware-based, full-disk AES, 256-bit data encryp-tion—no software required.

Monitor your-self: “Periodically reviewing your online presence will help you dis-cover how much of your personal information is pub-lic,” said Fogg. It’s easy to create Google alerts for yourself which can help you get a sense of what the internet knows about you.

Page 4

How to Protect Your Identity Online

SVECC Newsletter

Even if you don’t

share your home

address, your

phone number

could be used to

find it.

Someone asked the other day, 'What was your favorite fast food when you were growing up?' 'We didn't have fast food when I was growing up,?? I informed him. 'All the food was slow.' 'C'mon, seriously. Where did you eat?' 'It was a place called 'at Home,'' I explained. 'Mom cooked every day and when Dad got home from work, we sat down together at the dining room table, and if I didn't like what she put on my plate I was allowed to sit there until I did like it.' By this time, the kid was laughing so hard I was afraid he was going to suffer serious internal damage, so I didn't tell him the part about how I had to have permission to leave the ta-ble. But here are some other things I would have told him about my childhood if I fig-ured his system could have handled it : Some parents NEVER owned their own house, never wore Levis, never set foot on a golf course, never traveled out of the country or had a credit card. In their later years they had something called a revolving charge card. The card was good only at??Sears Roe-buck. Or maybe it was Sears & Roebuck. Either way, there is no Roe-

buck anymore.?? Maybe he died. My parents never drove me to soccer practice. This was mostly because we never had heard of soccer. I had a bicycle that weighed probably 50 pounds, and only had one speed, (slow)

We didn't have a television in our house until I was 11. It was, of course, black and white, and the station went off the air at midnight, after playing the national anthem and a poem about God; it came back on the air at about 6 a.m. And there was usually a locally produced news and farm show on, featuring local people. I was 19 before I tasted my first pizza, it was called 'pizza pie.' When I bit into it, I burned the roof of my mouth and the cheese slid off, swung down, plastered itself against my chin and burned that, too. It's still the best pizza I ever had. I never had a telephone in my room. The only phone in the house was in the living room and it was on a party line. Before you could dial, you had to listen and make sure some people you didn't know weren't already using the line. Pizzas were not delivered to our home.?? But milk was. All newspapers were deliv-ered by boys and all boys

delivered newspapers--my brother delivered a newspa-per, six days a week. It cost 7 cents a paper, of which he got to keep 2 cents.?? He had to get up at 6 AM every morning. On Saturday, he had to col-lect the 42 cents from his customers. His favorite cus-tomers were the ones who gave him 50 cents and told him to keep the change. His least favorite customers were the ones who seemed to n ever be home on collec-tion day. Movie stars kissed with their mouths shut. At least, they did in the movies. There were no movie ratings be-cause all movies were re-sponsibly produced for eve-ryone to enjoy viewing, with-out profanity or violence or most anything offensive. If you grew up in a genera-tion before there was fast food, you may want to share some of these memories with your children or grand-children. Just don't blame me if they bust out laughing. Growing up isn't what it used to be, is it?

Memories

Volume 16 Issue 11 Page 5

My parents never

drove me to

soccer practice.

This was mostly

because we never

had heard of

soccer.

words everywhere. But who can remember hundreds or even doz-ens of strong pass-words? A password manager can remem-ber if for you. You re-member your pass-word manager’s mas-ter password, which unlocks your secure vault. Your password manager can randomly generate strong pass-words, remember them for you, and log you into websites with them.

1Pass-

Using a password manager is crucial. The biggest risk to your ac-counts online is pass-word re-use. If you use the same passwords over and over, a breach at one website means your email and password is out there. Attackers will try to use that email and pass-word to log into other sites. This simple trick is how accounts are often “hacked” these days.

The solution is using strong, unique pass-

word, LastPass, Bitwarden, and Dashlane are all reliable, stand-alone password managers. The open-source KeePass is okay, too, but it doesn’t have built-in sync fea-tures.

Web browsers have been able to remember your passwords for many years, but their password managers are now getting more sophisticated. Still, we recommend skipping the password manager built into your web browser—whether

Page 6

Why You Shouldn’t Use Your Web Browser’s Password Manager

SVECC Newsletter

Why You Shouldn’t Use Your Web Browser’s Password Manager

We recommend using a password manag-er like 1Password, LastPass, or Bit-warden. But modern web browsers have built-in password man-agers, so why install a different one? There are many good rea-sons to avoid your web browser’s built-in tool.

Why You Need a Password Manager

SUN MON TUE WED THU FRI SAT

1 2 3 4

5 6 Computer Club

7 Fix-it Tuesday

8 SLUG

Linux Meeting

9 10 11

12 13 Computer Club

14 Patch and

Fix-it Tuesday

15 16 17 18

19 20 Computer Club

21 Fix-it Tuesday

22 23 24 25

26 27 Computer Club

28 Fix-it Tuesday

29 30 31

January 2020

that’s Chrome, Firefox, Safari, or Edge—and using a dedicated password manager.

Your Web Browser’s Password Manager Is Just Okay Your web browser’s password manager is better than nothing. With no additional soft-ware, your web brows-er can remember all your passwords and securely sync them between your devices. They can be stored encrypted in the cloud. You can use strong, hard-to-remember passwords because your software is auto-matically remembering them for you. This keeps your accounts secure, as you won’t need to re-use pass-words.

The account it’s synced with—like your Google account in Chrome or your Apple ID in Safari—can be protected with two-step authentication to pre-vent people from sign-ing in.

But there are some problems. Built-in password managers in web browsers aren’t as powerful and useful as third-party password managers. They are catching up, but they’re

not as good yet. Here’s why.

Beyond Just One Browser Third-party password managers are cross-platform and cross-browser. Built-in browser password managers are limited to that specific brows-er. Let’s say you use Google Chrome on your PC or Mac and Safari on your iPhone. If you use a third-party password manager, you can have your passwords in any browser. If you use a built-in web browser password manager, you can’t mix and match browsers.

Beyond that, password managers offer good desktop and mobile applications, making it easy to access pass-words, license keys, Wi-Fi codes, and any-thing else you want to store everywhere.

Generating Pass-words Third-party password managers don’t just remember your exist-ing passwords—they can automatically gen-erate strong new ones when you’re creating an account or changing an existing account’s passwords.

Some browsers are now adding built-in password generators—Chrome and Safari now have this fea-ture—but they don’t necessarily offer all the options found in pass-word managers, such as the ability to control how long the password is and what type of characters it contains.

Easily Sharing Pass-words Password managers have easy password-sharing features. Want to share your Netflix password with your family members? You can do it with a pass-word manager with a built-in sharing feature. You’ll all get access to the same password entry and, if you up-date the password, it’ll change for everyone else.

Browsers don’t have built-in password-sharing features. You can send a password to someone else in a text message or email, which isn’t very secure. If you do that, it also won’t be automatically updated if you ever have to change it. Password-sharing fea-tures are a great way to share household ac-counts.

Why You Shouldn’t Use Your Web Browser’s Password Manager

Volume 16 Issue 11 Page 7

Third-party

password

managers are

cross-platform and

cross-

browser. Built-in

browser password

managers are

limited to that

specific browser

Founded for the Residents of

Sunland Village East Mission: To help each other learn about Computers

Membership is open to all residents of SVE

Dues are $20.00 each or $30.00 family per year

Due October 1st

5. Jorge Ber-goglio 6. Anthony Weiner 7. Vladimir Putin 8. Linda Love-lace 9. Saddam Hussein 10. Tiger Woods You had trouble with #5 didn't

Great mental exercise for the over-70 crowd, or those close thereto. Which of the following names are you familiar with? 1. Monica Lew-insky 2. Bill Clinton 3. Obama 4. Adolf Hitler

you? You know all the liars, crimi-nals, adulterers, murder-ers, sluts and cheaters, but you don't know the Pope?

Mental Excercise

Check us out at

svecc.com

SVECC

President

Dick Moon

Check us out at

svecc.com

SVECC

People helping

People