Security

– USAA Tips to Be Cyber Smart.

Published December 3, 2022 | By Glenn

USAA Tips to Be Cyber Smart.

USAA is committed to protecting its members from fraudulent activities and cybersecurity threats. We encourage you to become a more vigilant online consumer by reviewing and embracing the following tips.

Fraudsters are smart, but you’re smarter.

Identify the imposter. Imposters pretend to represent USAA, another bank, a government agency, or a close family member. These fraudsters are impersonating USAA employees through text and phone calls. Even if it looks or sounds like us, we’ll never call you and ask for login information or one-time codes. Ever.
If it’s too good to be true. You found that perfect job online. You get hired quickly and receive a check to buy supplies. You’re asked to deposit the check and send back the money you don’t use. Unfortunately, their check bounces, and now you’re at a loss. If you’re ever asked to deposit a check and send money elsewhere, don’t do it. It’s a scam!
Protect yourself from phishing emails. Pay attention to any email claiming to be a bill or a security alert. If anything looks odd such as misspelled words, your name not appearing on the email, links that don’t appear to go to the right place, requests for you to “verify” your account or personal information, delete the message, and report these requests to [email protected].
Recognize pressure tactics. Fraudsters will create a false sense of urgency to get you to act. Don’t fall for it.
Go to the source. Trust your gut. If you’re questioning the person who called you, texted you, or sent you an e-mail, hang up and call the phone number on the back of your card.
Be a smart sender. Never send money to someone you don’t know in real life, especially through third-party services such as Zelle®, Venmo, and Cash App. Don’t send payment with gift cards. Legitimate businesses will never request a gift card to satisfy a bill.

Stay secure with these best practices.

USAA won’t ask you for that (or any other financial institution). We’ll never call you to request a one-time verification code, USAA PIN, password, or other personal identification details.
Enable multifactor authentication. USAA offers a “remember me” feature to help you log in without compromising security.
Use strong passwords. Traditional passwords aren’t secure enough. Use the strongest authentication options provided, and don’t share or save these details on public devices.
Monitor your accounts frequently. Keep a close eye on your accounts, respond to fraud alerts and report unauthorized transactions immediately.
Don’t respond to unsolicited messages. Ignore and delete random texts and e-mails that ask you to click a link or provide personal information. Don’t ever click links from untrusted sources.

Posted in Security, Tips

No, LastPass Didn’t Expose Your Passwords

Published December 2, 2022 | By Glenn

No, LastPass Didn’t Expose Your Passwords – By Neil J. Rubenking PCM
When you heard that LastPass got hacked, did your heart sink? Did you imagine that all your accounts and passwords had been captured by random hackers? If so, I have good news: Your passwords are safe. The breach involved the kind of customer information that any site must track, not the specialized and thoroughly encrypted vault that holds your passwords.

Posted in How it works, Security

Lessons from a Professional Password Cracker

Published December 1, 2022 | By Glenn

Lessons from a Professional Password Cracker – by Julia Angwin The Markup

Ever since my Twitter account was hacked a decade ago—because of a weak password—I’ve been passionate about creating and using better passwords. I use a password manager for most accounts, and my most important passwords are long word combinations that are stored both in my head and using pen and paper.

Posted in Learning, Security

Should I Use My Password Vault for Two-Factor Authentication As Well?

Published December 1, 2022 | By Glenn

Should I Use My Password Vault for Two-Factor Authentication As Well? – By Ask Leo! YouTube

Posted in How it works, Security, Tips, Video 784-441

Switch Password Managers Without Risking Your Data

Published December 1, 2022 | By Glenn

How to Switch Password Managers Without Risking Your Data – By David Nield Gizmodo India
Using a password manager or web browser to store all of your login credentials is a convenient and secure way of managing access to your accounts, but you don’t necessarily want to keep all of your passwords in the same place forever. Maybe the pricing structure has changed in the app you’re using, or you just want to upgrade to something more sophisticated.

Posted in How it works, Security, Tips

Turn on your free VPN with your Pixel 7 and 7 Pro

Published December 1, 2022 | By Glenn

Turn on your free VPN with your Pixel 7 and 7 Pro – Here’s how – By Andrew Romero 9to5Google

Google’s Pixel 7 and 7 Pro both come with a free VPN from Google as an added benefit for its newest Tensor G2-powered devices. This guide will show you how to run it and manage it to keep you safe online.

Posted in Pixel, Security, Tips

Email-based scams are on the rise.

Published December 1, 2022 | By Glenn

Email-based scams are on the rise.

With billions of emails sent globally each day, it’s no wonder that email compromise has become one of the largest and most financially damaging online crimes. In an email-based scam, fraudsters send an email that appears to come from a known or reputable source with a legitimate request, such as updating a mailing address or payment instructions.

Stay aware of email-based scams involving home purchases.

We’ve noticed a recent increase in email-based scams for homebuyers. In this scenario, a person is purchasing property and receives authentic instructions from the title company about wiring funds, followed by updated wiring instructions from the fraudster. Fraudsters are able to accomplish this because they have compromised the client’s or title company’s email.

To carry out an email compromise scam, fraudsters will often:

	Create a fake email account or website: Slight variations of legitimate email and website addresses, such as one including slight misspellings, can make fake accounts appear authentic.
	Send spearphishing emails: These messages, which seem like they’re from a trusted sender, can cause victims to reveal confidential information and result in criminals accessing personal or business accounts, calendars, and data to carry out schemes.
	Use malware: Malicious software also lets criminals gain control of mobile phones and personal computers, which provides them undetected access to confidential data, such as passwords and financial account information.

Here are five steps you can take to protect yourself:


•	Set up two-factor (or multi-factor) authentication on any account that allows it.

•	Be careful with the information you share online and the details others share about you online. Scammers often use personal or common information, such as pet names, schools you attended, links to family members, and your birthday, to send phishing emails, guess your password or answer your security questions.

•	Think before clicking or downloading. Don’t click on anything in an unsolicited email, text, social media, or messaging application message asking you to update or verify account information. Never open an email attachment from someone you don’t know, and be wary of email attachments forwarded to you.

•	Verify email addresses. Carefully examine the email address, URL address, and spelling used in emails or text messages. Scammers use slight differences to trick your eye and gain your trust.

•	Compare the From address to the Reply-To address. Scammers are sometimes able to spoof a legitimate email address. Before sending a reply, confirm that the reply-to email address is accurate.

Posted in Security, Tips

Last Pass Security Incident Notice

Published December 1, 2022 | By Glenn

Last Pass Security Incident Notice

Dear valued customer,

In keeping with our commitment to transparency, we wanted to inform you of a security incident that our team is currently investigating.

We recently detected unusual activity within a third-party cloud storage service, which is currently shared by both LastPass and its affiliate, GoTo. We immediately launched an investigation, engaged Mandiant, a leading security firm, and alerted law enforcement.

We have determined that an unauthorized party, using information obtained in the August 2022 incident, was able to gain access to certain elements of our customers’ information. Our customers’ passwords remain safely encrypted due to LastPass’s Zero Knowledge architecture.

We are working diligently to understand the scope of the incident and identify what specific information has been accessed. As part of our efforts, we continue to deploy enhanced security measures and monitoring capabilities across our infrastructure to help detect and prevent further threat actor activity. In the meantime, we can confirm that LastPass products and services remain fully functional. As always, we recommend that you follow our best practices around the setup and configuration of LastPass, which can be found here.

As is our practice, we will continue to provide updates as we learn more. Please visit the LastPass blog for the latest information related to the incident: https://blog.lastpass.com/2022/11/notice-of-recent-security-incident/.

We thank you for your patience while we work through our investigation.

Sincerely,
The Team at LastPass

Posted in Learning, Security

How to Set Up Your LastPass Account

Published December 1, 2022 | By Glenn

How to Set Up Your New LastPass Account – by LastPass

Suppose you are looking for a simple way to protect your privacy and secure your online accounts. In that case, password security is a great place to start, lots of breaches involve compromised credentials, and most involve a human element. If a bad actor can guess or steal just one of your passwords, they may be able to use it to get into your other accounts.

How is LastPass safe? – by LastPass

lastpass-security-model-snapshot

Posted in How it works, Learning, Security, Tips

A Lost-Second-Factor Tale of Woe

Published November 25, 2022 | By Glenn

A Lost-Second-Factor Tale of Woe and How to Avoid Your Own – By Ask Leo! YouTube

Posted in Security, Tips, Video 784-441

PLEASE Set Up and Maintain Account Recovery Information

Published November 25, 2022 | By Glenn

PLEASE Set Up and Maintain Account Recovery Information – By Ask Leo! YouTube

Posted in Learning, Security, Tips, Video 784-441

Thinking about taking your computer to the repair shop? Be very afraid

Published November 25, 2022 | By Glenn

Thinking about taking your computer to the repair shop? Be very afraid – By Dan Goodin Ars Technica
If you’ve ever worried about the privacy of your sensitive data when seeking a computer or phone repair, a new study suggests you have good reason. It found that privacy violations occurred at least 50 percent of the time, not surprisingly with female customers bearing the brunt.

Posted in Learning, Security, Tips

Why You Should Use a Credit Card to Shop Online

Published November 25, 2022 | By Glenn

Why You Should Use a Credit Card to Shop Online – By How-To Geek How-To Geek
Credit cards add an extra layer of insulation when you’re purchasing online in the form of chargebacks. However, they bring the risk of overspending, so you should weigh that possibility when deciding whether to use a credit card.
If you’re buying anything online, whether it’s physical products or digital subscriptions, you may be worried about scams, payment issues, or other shenanigans. There is a simple way to avoid a lot of these issues when paying online, and you likely already have it in your pocket: your credit card.

Posted in How it works, Security, Tips

They Set Up My Computer and Now My Ex Is Spying on Me. What Can I Do?

Published November 25, 2022 | By Glenn

They Set Up My Computer and Now My Ex Is Spying on Me. What Can I Do? – By Ask Leo! YouTube