Watch out for Bad Actors and Scams

There are a lot of bad actors and scams out on the internet (and social media). Here are some hints to help you protect yourself and your accounts.

You don’t have to friend everyone. If the account looks suspicious, you can ignore the request or block the person.

Watch out for the lovelorn widowers, sad stories looking for money, and handsome men looking for friends. These are often bots or other bad actors. They friend you and your friends to start up friendly conversations that usually end up with some kind of request for money.

Watch out for spoofed accounts, friend requests from someone who is already your friend.

There are some scams where you are tagged to a group post that looks like it’s from the social media company. The message is usually something about being locked out of your account for a violating some kind of standard. They provide a link for you to rectify the problem. It’s really a link to gather your private information. The social media platforms do not notify you in a group post. Untag yourself and block it.

You can report offensive, harassing, or dangerous accounts to the social media company. You can also untag yourself from messages or posts. Use the block or ban feature to prevent that account from contacting you again.

You can also set security parameters on your account and posts that will limit who can see your items or contact you.

Here are some hints that may help you spot a suspicious account:

  • It’s a request from someone who is already your friend.

  • There are very few posts on the person’s site, and most of them are from another user (not the account owner).

  • There is very little background or biographical information and often only a few pictures on the account.

  • Many times, there are no recent postings.

  • If you receive a random direct message, it’s often a “ping” with a “hello” or something else to see if you will respond.

  • Posts or direct messages are full of spelling and grammatical errors. (Though this is improving with AI.)

  • There are lots of pictures of military personnel, flags, puppies, kittens, and flowers on the “person’s” site.

  • The account may flood your page with likes and comments that don’t quite fit the topic.

  • Some “digital marketers,” “book promoters,” “professional book reviewers,” and “social media promoters” are often accounts who are looking for authors to buy their “services.” The friendly chat will quickly turn into an expensive sales pitch.

Be vigilant and stay safe out there. The bad actors are always trying to work a new scam.

Watch out for Mobile Malware

Malicious software that targets devices and accesses your sensitive information is called mobile malware. Applications, email, texts, and webpages are ways that this software can affect and infiltrate your devices.

Here are some tips to help you protect your mobile devices and accounts:

  • Stay current with your software updates. These contain patches to fix vulnerabilities. If you skip updates, your device isn’t protected.

  • Use secure WiFi. This can limit attackers from introducing malware on your device.

  • Don’t click on questionable links in texts and emails. This one should be on the list multiple times. This is the easiest way for you to let a bad guy in.

  • Be aware of who you’re responding to in texts. Attackers often impersonate people you know or might respond to. These are called smishing attempts/attacks.

  • Only download apps from reliable sources (your trusted app store). You take a chance if you download from a link or an unknown website.

Be careful out there. There are a lot of bad actors. You have to be vigilant all the time.

Secure Your Mobile Devices - Tips for Writers

Mobile devices do get infected with malware and can be hacked. Applications, texts, websites, and email are ways that malware can infect your equipment.

Here are some ways to protect yourself.

  1. Always keep your software current. Patches and fixes correct the latest vulnerabilities that can damage your device.

  2. When you are away from home, use secure WiFi. Unsecure WiFi (ones that don’t require a password) make it easier for bad actors to infect your device.

  3. DON’T CLICK ON QUESTIONABLE OR UNFAMILIAR LINKS. If it looks suspicious, don’t click.

  4. Only download apps from reputable services (e.g. your device’s app store).

  5. Turn your device off periodically. This clears the temporary memory and forces automatic updates.

  6. Avoid accessing your sensitive or private data on public WiFi.

  7. Avoid using public phone charging stations. Many of these have malicious malware that can infect your phone.

Don't Click on That Link - Ways Authors Can Protect Themselves

click.png

October is Cybersecurity Awareness Month. The threats out there are constant and dangerous. We have to be vigilant all the time. It only takes one slip to cause big problems. Make sure that you’re protecting yourself. Here are a few suggestions:

  • Don’t click on any links or attachments that you can’t verify.

  • These attacks can come via email, text, phone call, or social media friend/connection requests.

  • Legitimate contacts don’t ask for your login or password.

  • Never use the link or the phone number in a suspicious email or text or one that a unsolicited caller gives you. Call/email using a verified contact that you already have or use a search engine to locate the company’s official page and contact information.

  • Hackers use social engineering to find ways in. You don’t have to accept every friend request. If it looks suspicious, delete or block it. When you accept them, you give them access to your information. This allows them to harvest information about you and others. Also, it provides them legitimacy when they send a request to your friends. It may look benign to you, but gathering information about causes, vacations, travel, and interests gives them additional ways to appear to connect with you and to lull you into a false sense of security.

  • Many of the scams are lonely hearts, causes asking for money or support, or fake friend accounts. If you’re already linked to someone, and you get a second request, be cautious.

  • Many of these scams create a sense of urgency or emergency. You need to provide what they’re asking right now or your service will be cut off, you’ll be arrested, you’re in violation, etc. That’s a red flag. When people are rushed or frustrated, they don’t think things through, and they often click or provide information that they shouldn’t. Stop and think before you respond.

  • Clicking on a link or an attachment is just as bad as providing your personal information. Many of these install malware or viruses on your computer. They can track your keystrokes, collect personal information, and even turn on your camera and microphone to see/hear what you’re doing.

  • Take a minute to look at your security settings on your social media sites. Is all of your information open to the world?

  • Make sure that you download your security patches regularly. Security threats change constantly, and you need to make sure you plug any holes in your operating system or applications. Updates take time, but unpatched systems are easy targets.

  • Computers running extremely slowly, frequent/unplanned shut downs, pop-ups appearing on your screen when you’re not on the internet, and your friends receiving social media requests or strange emails from you that you didn’t send are signs that you’ve been infiltrated. Change your passwords and get your system scanned and cleaned.

As authors, we want to build our platforms and increase our following. Just be careful. Bots and hackers aren’t the followers you want. Don’t put yourself or your personal information at risk.

Cybersecurity Tips During the Pandemic

cspan.jpg

Recently, I attended a Risk/Security conference for the day gig. I always get excited over the new technologies and possibilities, but the warnings and dangers always make me want to hide under my desk. (And I turned into fan girl when Neil deGrasse Tyson presented one of the keynote speeches.) Here’s what I learned about cybersecurity and working during the pandemic:

  • The pandemic has taught us that we need to be flexible and ready to change. Everyone has had to adapt to new ways of doing things.

  • Because users are not always working in their traditional offices, they expect applications, systems, and websites to work on different devices. If they don’t they often go elsewhere. (This means that your website/blog needs to be mobile friendly.)

  • Hacks, phishing campaigns, and ransomware attacks have increased with everyone working at home and connecting remotely. You need to be alert and careful.

  • Do NOT click on anything (e.g. links, email addresses, attachments, pictures, recipes, games, surveys) that you don’t know where it came from. If it looks fishy, delete it.

  • Data is extremely valuable to hackers.

  • Nomoreransom.org is a valuable resource if you experience a ransomware attack. Help and good advice are available. It also has some deencryption tools. (Ransomware is when someone installs malware on your device. It becomes active and encrypts your files. You’ll receive a request for payment in order to return your data. Often, this malware also steals copies your data.)

  • Human error or human behavior (clicking on things) causes 90% of the cyber attacks.

  • As a consumer/user, make thoughtful decisions and know how to avoid security risks.

  • Email is one of the top ways that hackers get access to you.

  • Make sure that you back up your files regularly. Your data is important.

  • Use a SPAM filter to get rid of unwanted email.

  • Make sure that you have anti-virus software on your computer and that it is current.

  • Stay current with your patches and updates. These include updates and security fixes for vulnerabilities. There are regular patches for your operating system, and often, software you use will have updates.

  • In 2020, there’s been a 71% increase in malware on mobile devices.

IMG_6119.jpg

Computer and Data Security for Authors

I returned from a rainy week in Orlando to buckets of rain in Central Virginia. I went to an IT conference and heard about all kinds of new technology. One of the highlights was when I had liquid nitrogen ice cream. Literally, too cool. The smoky fog (and probably all the rain outside) gave me flashbacks to the "Creature from the Black Lagoon" and "Swamp Thing."

nit.jpg

While I was there, I had the pleasure of attending Dr. Eric Cole's keynote presentation on IT Security. Many of the key points relate to authors. It's important to protect your data and your devices.

He reminded the audience that most people buy security/alarm systems AFTER a break in. Security should be a constant thought in order to defend against hacks and attacks. You need to be prepared.

As a user, you need to be aware of passwords. Don't use the same one for everything. You're giving a hacker the keys to the kingdom. Be careful what you click on and what attachments you open. You are one click away from being compromised.

The risks of compromise will always be there. You need to minimize or mitigate these risks. Don't click on strange links. Make sure that your security settings on your device are set.

Regular patching is important to ensure that known vulnerabilities are corrected. Make sure that your PC/laptop gets its regular updates. 

Know the value of your data. And know where your critical files are. He talked about his million dollar laptop. He has files and client work on his device. Add up the value of what you've stored. Data is king. What would it cost you if you lost that document. Regular backups are important.

Also, free doesn't always mean "free." Games, apps, and services that are free are often mining or monitoring your data. Read the user agreements before you access them. And watch your children's free games. Many of them monitor or share your location. 

If you're traveling to parts of the world where hacking is rampant, he suggested taking a "throw-away" device for use there. Don't access your critical information (e.g. banking, etc.). Don't use the device when you return. 

Security often becomes an after-thought in today's busy world. Be careful. The chances of being hacked are high. Be prepared and do what you can to mitigate the risks.

7 Things Writers Need to Know about Cybersecurity

Recently, I attended RVASec, a cybersecurity conference in Richmond, VA. Mikko Hyponnen of F-Secure was the keynote speaker. He is also the curator for the Malware Museum at the Internet Archive. He focused on where we've been and what's next with technology. He also talked about vulnerabilities and things we need to be aware of in this every-changing world.

Here are seven things I learned from his presentation:

  1. We've experienced the Internet revolution. Right now, we're experiencing the Internet of Things (IoT) revolution. There are thousands of smart devices out there, and you need to consider security. He said that the next big revolution will be Artificial Intelligence (AI). I'm not sure I'm ready for the rise of the machine just yet.
  2. The first case of ransomeware happened in 1989. I thought it would be in the late 90s or 2000s. Cybercrimes have been around for a while.
  3. He reiterated this point several times. DO NOT CLICK on the ENABLE content button on websites. He called this the "please infect by PC" button.
  4. "Data is the new oil." You will not be able to avoid smart devices. Soon, anything that plugs in will have some kind of smart of computer component. He gave lots of examples like smart mattresses and smart lightbulbs. And these devices are sending data and analytics about your use of them back to the manufacturer.
  5. Appliances and other smart devices (that we don't think of as computers) will come with software licensing agreements and configuration instructions. Anything that runs on electricity will eventually be connected to the Net.
  6. Your smart devices (cameras, lightbulbs, thermostats, etc.) are vulnerable. If you take it out of the box and plug it in without reading the instructions and checking the security settings, you could be susceptible to hacks or attacks. (If you can turn a camera on or unlock a door with your phone, so can a hacker.)
  7. Make sure that you set strong passwords on your devices. Things that are easy to remember are also easy to hack.

I love new technology and gadgets, but I think it's also good to have a healthy awareness of some of the dangers of lax security. What's your favorite smart device?