AI used to fake voices of loved ones in "I've been in an accident" scam

Here's an interesting article from Malwarebytes, well worth reading - Allen Roochove NCC Techno Buddy 22.01.24

Posted: January 17, 2024 by Pieter Arntz

The San Francisco Chronicle tells a story about a family that almost got scammed when they heard their son's voice telling them he'd been in a car accident and hurt a pregnant woman.

Sadly, this is becoming more common. Scammers want to spread panic among their victims, and to do this, they feign an emergency situation. That may be a car accident, unexpected hospitalization, or any other scenarios which instantly cause concern and cause victims to act quickly.

Sometimes it's a pregnant woman who is hurt, sometimes it's a diplomat.

In earlier days of scams like these, success depended a great deal on the criminal's skills at social engineering, but rapid advancements in Artificial Intelligence (AI) mean scammers can now easily and convincingly fake the "voice" of the relative that is the supposed victim of the accident.

What better way to make the victim believe that something bad has happened than hearing their loved one cry out for help in their own voice. With the help of various AI powered tools, criminals can easily compose fragments based on a short voice clip they found online.

FBI Special Agent Robert Tripp said:

"Now criminals can fabricate a voice using AI tools that are available either in the public domain for free, or at a very low cost."

The criminals will keep that part of the communication short, so the target is unable to ask the relative any questions about what happened. While it is possible to fake entire conversations with the help of AI, the tools that can do that are much harder to operate. The criminal would have to type out the responses very quickly and the target might get suspicious. In the story from the San Francisco Chronicle, the phone was "taken over" by the so-called police officer at the scene of the accident, who told the parents that their son would be taken into custody.

This was later followed a cold call by someone posing as legal representative for their son, asking for money to for bail. The intended victims got suspicious when the so-called lawyer said he'd send a courier to pick up the bail money.

The FBI says it has received more than 195 complaints about this type of scam that it refers to as "grandparent scams." It reports nearly $1.9 million in losses, from January through September of 2023.

How to avoid scams like this

One of the main tools for the imposters is the amount of information they can round up about the target. Their main sources will include social media and phishing.

There are a few simple precautions to lessen the chances of falling victim to such scams:

  • Avoid letting third parties know too many personal details about you.
  • Do not answer telephone calls from numbers you do not recognize or calls from private numbers.
  • Ask for the caller's telephone number and check it.
  • If necessary, try to reach your allegedly implicated family member by phone. If you can't reach them directly, call someone else who might know where they are.
  • Hang up if in doubt and never give financial or personal information to the caller.
  • If you receive or have received such a call, please notify the police immediately and under no circumstances respond to the perpetrators' demands.

Visit the Malwarebytes website:-     https://malwarebytes.com 

----------------------------------------


Should you allow your browser to remember your passwords?

Here's an interesting article from Malwarebytes, well worth reading - Allen Roochove NCC Techno Buddy 06.11.23

Posted: November 2, 2023 by Pieter Arntz

At Malwarebytes we've been telling people for years not to reuse passwords, and that a password manager is a secure way of remembering all the passwords you need for your online accounts.

But we also know that a password manager can be overwhelming, especially when you're just getting started. Once you've stored your tens or even hundreds of passwords, a password manager is relatively convenient to use and keep updated. But you have to get to that stage first and not everyone is at the same level of computer literacy.

So, you may have wondered if there's another way. No doubt, you'll have seen the pop ups in your browser asking if you'd like it to save your password for next time. In fact, many browsers refer to that as their password manager.

It's very convenient, since your browser is usually the application that needs the password, but is it a good idea?

As usual, there are pros and cons.

Encryption. With a browser password manager, someone with access to your browser could see your passwords in clear text, although Windows can be set to ask for authentication (the same you use at startup of your device).

The "Show password' option

To see the passwords in an actual password manager, an attacker would need to know the password for the password manager or the recovery phrase, which are usually a lot harder to find out than the Windows authentication (if set).

A word of warning here, some password managers have the option to keep you logged in for hours or even days. If there is any chance that anyone may acquire physical access, such settings defeat the added security of a password manager, since the attacker could open the password manager and look at your passwords in more or less the same way as they could in your browser.

Lookalike phishing sites. Both a standalone password manager and the one in your browser will protect you here. They will not fill out your password if the domain doesn't match the one you saved the password for, which could indicate a phishing site. This can be very useful and this is where it beats writing down the password on a piece of paper or storing it in a text file. I should add that the domains that are worth setting up a fake site for are usually the ones that we would advise you add multi-factor-authentication (MFA) to.

Syncing. If you've stored your passwords in the browser and have chosen to synchronize your browser between devices, your passwords will port over as well. This is obviously very convenient, but it's also a potential danger if someone gets access to one of your devices. A true password manager doesn't rely on syncing between the same browser on different devices. Once you have the password manager installed on a device, you have it handy to use in any browser or other apps.

Offline. Many password managers cache your passwords locally, so you still have access when your connection is broken. Browser password storage doesn't allow for this.

Business devices. It's hard for the IT department to keep track of which user has which passwords saved in their browser. Password managers for businesses give them a better insight and make it easier to revoke passwords when needed.

Password stealers. There are types of malware that are capable of harvesting passwords from your device. They know exactly where browsers store their passwords and the encryption key, so they can steal and send the credentials to the attacker. Password managers are separate to the browser so they're not at risk in the same way.

Data breaches. Several password managers will warn you if they find that your credentials are involved in a data breach, so you can change them. Browser storage doesn't do this.

Complex passwords. Humans are bad at creating and remembering complex passwords. A password manager and some browsers can help you create a password that meets the required complexity and store it so you don't have to remember it.

Side channel attacks. As we saw with a recent bug in Safari, attackers can use the autofill feature in a browser to harvest login credentials for a site. This only works if you have autofill enabled, so to make things a bit safer you can tell your browser to wait for your OK before it fills out the data. Here's how…

How to disabled autofill

  • Brave: Settings > Autofill and passwords > Password Manager > Settings. Toggle off "Sign in automatically"
  • Chrome: Settings > Autofill and passwords > Google Password Manager > Settings. Toggle off "Sign in automatically."
  • Edge: Settings > Profiles > Passwords > Settings. There you can toggle off autofill for passwords and for Personal data separately.
  • Firefox: Settings > Privacy & Security. Scroll down to Logins and Passwords and uncheck "Autofill logins and passwords."
  • Opera: Settings > Advanced Settings > Autofill > Password Manager > Settings. Toggle off "Auto Sign-in."
  • Safari: Safari (in the menu bar) > Settings > Autofill. Uncheck "Usernames and passwords" and "Credit cards".

So should you allow your browser to remember your passwords?

Your browser password manager gives you "ease of use" but that costs you some of your security. Of course, password managers aren't fool proof either, so it's important to decide for yourself where you store your passwords.

If you're confident the website is safe and anyone that can access it under your account will not learn anything new, feel free to store the password in your browser, but disable autofill so you are the one that is in control.

Use MFA where possible. It enormously reduces the risk should someone get hold of your password. And refrain from using the browser password manager to store your credit card details or other sensitive personally identifiable information (e.g. medical information).

We don't just report on threats—we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

https://www.malwarebytes.com/blog/news/2023/11/should-you-allow-your-browser-to-remember-your-passwords?utm_source=iterable&utm_medium=email&utm_campaign=b2c_pro_oth_20231106_novemberweeklynewsletter_v1_169927472188&utm_content=Woman_using_2FA_factor_on_her_phone  



The devices in our homes are getting smarter all the time. How smart are you about keeping yours protected?

Here's an interesting article which we received today - I think it's well worth reading - Allen Roochove, NCC Techno Buddy (28.06.23)

For many of us, today's home is a very convenient and cool place to live, with more and more devices responding to a tap in an app or the sound of your voice.

However, every device that's connected to your Wi-Fi is also transmitting data which could be of interest to criminals, not least your speakers, voice assistants, cameras, intruder alarms, cameras, door locks and security lighting. Or even your kids' toys.

Not setting up and maintaining the appropriate security measures for your smart devices, their apps and your Wi-Fi network could lead to your information being stolen and even your every movement being observed.

Another consideration is that the data provided by your smart devices – or the information you supply when you set them up – could be used by manufacturers for unwanted purposes, including being sold on to third parties.

Top tips for your smart devices

  • Consider that buying well-known, reputable brands means that more care has probably been taken in securing the products – for your and your family's security.
  • For smart devices for which you need to log in to connect, replace factory-set passwords with secure ones you create yourself. This is because default administrator passwords may be common to every device shipped, and potentially insecure. If in doubt, check manufacturers' instructions on how to change passwords.
  • Don't use the same password for more than one connected device, nor share passwords with those you already use for other online accounts.
  • Make sure your Wi-Fi network is secure. Read our advice page on Wireless Networks & Hotspots at www.getsafeonline.org 
  • Make sure that all your computers and mobile devices are protected with updated internet security software / app, and that access to these devices is safeguarded with a PIN or passcode.
  • Check the apps associated with your connected devices and install updates as soon as prompted. Also, regularly check manufacturers' websites for updates, as they can be slow to push these out via the app.
  • Limit the amount of information you provide when setting up an app to what is absolutely necessary.
  • Be aware that devices like voice assistants, smart speakers and cameras are always active and potentially recording unless you switch off or disable them.

Get the full story

For everything you need to know about securing your smart devices,please visit www.getsafeonline.org   and search 'Your Connected Home'



PORTUS E-PRO AIO-201 24" 

PRO "ALL IN ONE" PC

 Here are the specifications, from the 'Portus Digital' website, of the new 'All In One' PCs we are installing in the Cyber Centre - we hope all our members will be delighted with them!  

Also, a huge 'vote of thanks' to Neston Town Council for the £2,500 grant we received from them enabling us to purchase the new PCs

https://www.portusdigital.com/ 

PORTUS E-PRO AIO-201 24" PRO ALL IN ONE PC, INTEL i3 12TH GEN/ 8GB RAM/ 512GB Solid State Drive

  • 24" High Definition 1920*1080 Screen
  • Intel Core i3-12100 3.3Ghz (4.30Ghz Boost) Processor
  • Intel UHD Graphics
  • 8GB DDR4 2400Mhz RAM (Upgradeable)
  • 512GB SSD NVME M.2(Upgradeable)
  • Built-in Pop Up Webcam
  • Realtek Wi-Fi 5 AC (1x1) and Bluetooth 4.2 combo (supporting gigabit data rate)
  • Built-in Microphone and Speakers
  • Fully adjustable swivelling screen
  • Windows 11 Pro 64-bit
  • 3 Year Warranty*
  • Portus Wireless Keyboard and Mouse

PORTS

  • 2x USB 2.0
  • 2x USB 3.0
  • 2x USB 3.2 Gen 2
  • 1x USB-C 3.2 Gen 2
  • 1x USB-C
  • 1x Ethernet (Gigabit)
  • Headphone Output
  • Microphone Input

Redesigned from the ground up

After the huge success of its predecessor (The Portus Pro) we have listened to your feedback and are proud to present the new Portus E-Pro, an even better model of our first AIO.

With the ever-evolving computer market, we've introduced a brand-new sleek design and colour to this line-up. Alongside a pair of high-fidelity speakers and new and improved webcam, the difference is night and day.

The time is up on Tower PCs. All-In-Ones are the future today

The Portus E-Pro All-In-One PC saves space and looks great. All our AIO PCs operate with just one cable for power and the rest is done wirelessly with our Portus Keyboard and Mouse included with the product. Every machine is assembled by a team of experts in the UK meaning you can trust your products security and quality.

No compromise on power and speed

Now exclusively using the Intel 12th Generation CPUs you can be rest assured that the Portus E-Pro can handle any task you might throw at it. We only use true Desktop versions of Intel processors unlike other manufactures who often use Laptop versions which are cheaper and slower. Performance can be as high as 40% greater with Desktop chips versus Laptop specs.

To help you store and access your files at lightning speed we use a state-of-the-art Solid-State Drive to boot Windows and a traditional Hard Drive to store those larger files (where applicable). This means that you can be up and running within 30-seconds of turning your AIO on.

Sleek, stylish design

The Portus E-Pro features a Full HD display, displaying vivid colours and visuals. This is coupled with slim bevels on the frame, creating a great user experience. Whether you want to use the AIO standing up or sitting down, you can create the viewing angle that suits you. The screen can rotate 90-degrees to work in Portrait mode which is good for long text documents and creative flexibility.

Environmental Impact

We pride ourselves on being a sustainable company and limiting the amount of tech-waste that ends up damaging the environment. To make our AIOs last longer, we made sure that they can be upgraded easily with new CPUs, extra RAM and storage.

As with all our AIOs the energy savings are significant with the E-Pro compared to traditional tower PCs. According to studies the average desktop computer setup will use 100 watts of electricity in normal operation, when compared to the Portus E-Pro it uses less than 50 watt which means you're using up-to 50% less electricity.

Operating System

All Portus products now come with either Windows 11 (recommended) or Windows 10 Pro. 

Our AIO PCs are durable and tough performers. We offer 3-years standard limited warranty free with every item. In the unlikely event of your AIO developing an issue, our friendly support team are on hand to resolve it for you. If the computer needs to come back under warranty for a replacement or repair, we cover the costs for return shipment.

If you are looking for extra piece of mind and possible savings down the line, we do also offer an extension to this warranty for an additional 2 years. Therefore, covering your Portus branded product for 5 years in total from the date of purchase. You can increase your warranty to our 5-year option for just £129* – which is less than what other leading brands charge for their shorter 3-year warranty.

DIMENSIONS

  • Min 39.6cm H
  • Max 51.3cm H
  • 51.5cm W
  • 3cm D (Monitor)
  • 13cm D (to stand)
(Allen Roochove, NCC Techno Buddy - 10.03.23)

Here's an interesting article from 'Avast Antivirus' - we are not trying to get members to use 'Avast' since there are plenty of other antivirus programmes on the market to choose from eg Windows Defender/ Malwarebytes/ Bitdefender/ AVG/ Avira etc etc etc   What this article does very nicely is to explain the difference between 'malware' and 'virus'

(Allen Roochove, NCC Techno Buddy (03.02.23)

What's the difference between malware and a virus?

Malware is an umbrella term for any malicious software written specifically to infect and harm the host system or its user. A computer virus is just one type of malware. Just as all squares are rectangles (but not all rectangles are squares), all viruses are malware, but not all malware is a virus.

So if you're wondering whether malware and viruses are the same thing, the answer is a firm "no." The malware category includes viruses, spyware, adware, ransomware, and other types of harmful software. Knowing the differences between viruses and other types of malware is helpful when it comes to prevention as well as removal.

A computer virus is designed to copy itself and spread to other devices as widely as possible, just as a biological virus infects its host, self-replicates, and spreads to new hosts. Computer viruses proliferate by infecting applications and email, and they can be transmitted by removable storage, infected websites, email attachments, and even networking routers.

Exactly what the virus does depends on its level of sophistication. Simple malicious code damages your hard disk or deletes files. A more complex virus might hide on your computer and engage in unwanted activity such as spewing out spam. Highly advanced viruses, called polymorphic viruses, modify their own code to evade detection.

Above malware and viruses is a larger, overarching category: threats. Threats encompass malware, and also include other online threats like phishing, identity theft, SQL injection, and more.

Why are viruses and malware so commonly confused?

Confusion over the difference between virus and malware comes down to entrenched name recognition. Once a word or term becomes ingrained in the collective mindset, it tends to stick. Although cable TV regularly uses a digital video recorder, many people still refer to the recording process as "taping", a throwback to the VHS days. Old habits die hard.

The first malware in the 1970s were dubbed "viruses". The first antimalware programs published in the 1980s and 1990s were called "antivirus," because that was the primary problem at the time; many such tools today continue to use that name, even though they protect against far more than viruses. That's true for Avast One, too!

Does it matter if malware is the same as a virus if you don't have any protection? Not really - without a strong antivirus, you'll be vulnerable to all kinds of malware. Avast blocks over 66 million threats per day, and we'd be happy to keep you secure, too.

So there are other kinds of malware out there, too?

The cybersecurity landscape is evolving. Sadly, there are more "bad guys" than ever before, and they are motivated (financially and otherwise) to innovate. Viruses aren't the only risk facing internet users today:

  • Worm: A self-replicating piece of malware whose primary function is to jump from computer to computer, often without doing anything beyond replication.

  • Adware: Advertising spam that is designed to shower you with ads on your device in order to generate ad revenue.

  • Scareware: It'll tell you that your computer is infected with malware and prompt you to download a solution. Sometimes the download will itself be malware, and other times you'll be pressed to pay for useless software.

  • Spyware: Just as the name implies, it spies on your actions, recording your keystrokes with the intent of stealing login credentials.

  • Ransomware: A newer and particularly nasty form of malware, ransomware locks up your computer, folders, or files and makes them inaccessible to you, essentially holding them hostage while demanding a ransom payment.

  • Rootkit: The hardest to detect and remove, these kits bury themselves deep in your computer and perform a variety of illegal activities, including stealing user info (similar to spyware), sending spam emails, participating in DDOS attacks, or granting hackers remote access to your device.

Some of these overlap, and the distinctions can be confusing. For many people, ultimately it doesn't matter. The point is that someone is trying to do bad things to or with your computer, and you just want them to stop.

What type of devices can be affected?

Malware can harm any kind of device, though depending on what you use, you'll be at varying degrees of risk. Windows PCs are the most popular target because they are the most widely used computer systems. Mac computers were ignored by malware creators for years because of their then-lower market share, but as they grew in popularity, Mac malware began to appear as well.

Smartphones and tablets can also be infected by malware, despite their comparatively higher security. While you can only download apps on your iPhone via the official App Store, Android users aren't as rigidly limited to Google Play. Still, while both companies patrol their stores diligently, malware sometimes manages to sneak through and infect a few unlucky souls before it gets taken down. If it happens to you, you can learn how to remove viruses from Android or iPhones.

It is also possible to get malware on your smartphone or tablet if you jailbreak it, which removes the device's built-in protective walls. Generally, jailbreaking is only done by very advanced users who know how to do it and know the risks they are taking. Unless you're one of them, think twice before jailbreaking your phone.

iPhone users are typically only at risk from malware if they've jailbroken their devices, while Android is much more prone to attack.

How can I tell which one I have?

Most malware does its best to avoid detection, though there are some types that rely on making their presence known. Ransomware, for example, blatantly informs you of an infection so that you'll hopefully, from its creator's point of view, pay the ransom they want. Other forms of malware, such as spyware, try to be as low-key as possible. Their purpose is to gather information, and it behooves them to do so without detection.

There are some common signs of a malicious infection, regardless of the type. One of the dead giveaways is that your computer suddenly begins to run very slowly. That often means a poorly-written piece of malware is sucking up your computer's resources. Conversely, a slowing hard drive could also simply be on its way out, and while you'd be spared the malware infection in this case, you'll still need to take action to save your data.

There are, of course, other reasons beyond malware that can cause your computer to have performance problems, and we offer advice about how to speed up your Windows PC, ways to improve MacOS performance, and hard disk performance processes. But you should always start by checking whether the system is infected with malware. And since many malware applications block antimalware software installation, ideally you'll have already installed a malware removal tool on your computer.

Because so many types of malware display similar symptoms, it can be tricky to identify the precise variant on your device - unless, like ransomware, it tells you. Regardless of the malware you're dealing with, it's imperative that you take immediate steps to remove it from your computer and prevent it from spreading to additional devices on your network.

Do I need both antivirus and malware protection?

In this day and age, the two are one and the same - there's no distinction when it comes to antivirus vs. antimalware. Nobody's offering software that detects and removes viruses while ignoring worms, Trojans, spyware, and ransomware. Even if the product name says "Antivirus," a close reading should reveal that it offers wide-ranging protection (and if not, don't use it).

Good antimalware software packages also monitor email clients and web browsing, and maintain a database of known and reported dangerous sites. If you try to visit a site known to carry a malicious payload, your antivirus software stops you from even loading the website.

Likewise, if a suspicious attachment comes in via email, your antivirus software detects it and moves the attachment to a quarantine folder where you are barred from opening it. If you verify that the attachment is legitimate, you can move the file to a regular folder and mark it in the antivirus program as erroneously flagged for future reference.

https://www.avast.com/c-malware-vs-virus  


What is malware? Malware definition

Malware, or "malicious software," is an umbrella term that describes any malicious program or code that is harmful to systems.

Hostile, intrusive, and intentionally nasty, malware seeks to invade, damage, or disable computers, computer systems, networks, tablets, and mobile devices, often by taking partial control over a device's operations. Like the human flu, it interferes with normal functioning.

The motives behind malware vary. Malware can be about making money off you, sabotaging your ability to get work done, making a political statement, or just bragging rights. Although malware cannot damage the physical hardware of systems or network equipment (with one known exception-see the Google Android section below), it can steal, encrypt, or delete your data, alter or hijack core computer functions, and spy on your computer activity without your knowledge or permission.

To read the full article, just click this link   https://www.malwarebytes.com/malware  

(Allen Roochove, NCC Techno Buddy (20.09.21)


Is Free Wi-Fi safe?

By Emma McGowan, "AVAST Security" Newsletter, 31st October 2021

Here's an interesting article which I received today - although it's aimed primarily at students, I think it's well worth reading - Allen Roochove, NCC Techno Buddy (30.10.21)

Can free Wi-Fi ever be safe?  Free Wi-Fi offers a quick and cheap solution - but it's often over an unencrypted connection. Which means hackers can use them to steal personal information, launch man-in-the-middle attacks, or even hijack your browsing. So, what can you do? 

Read this before hooking into that free Wi-Fi all the other students are using

School is back in session, and for many colleges, this means a return to campus. After a full year of distance learning, preceded by a chaotic half-year of distance learning, both faculty and students are now reacquainting with being in person again, not to mention actually out in the world, away from their couch. This reacclimatization will take a little time, but there's one little part of it we need to talk about right now - the free Wi-Fi.

These days, people like to be online 24 hours a day. People also tend to like the path of least resistance, especially when they're in a hurry. If they are away from their home, and they want to use their device or laptop, chances are they'll do a quick skim of their Wi-Fi choices, then hook into whichever one seems open, free, and not shady.

The problem is, hackers know what people like. These low-security hotspots are the perfect places to launch sneak attacks on users who join. Hackers can see all unencrypted connections, which can lead them to steal personal information, launch man-in-the-middle attacks, or even hijack sessions. Hackers could try to trick users into installing malware, or they could try something less invasive, like packet sniffing, a way of monitoring the information that's coming and going. Packet sniffing is not so much an attack as simply data analysis for future use.

Now, it must be known that joining up with potentially unsecured free networks is not just a folly of the youth. Avast set up fake hotspots at the Mobile World Congress to see how many cybersecurity experts would actually fall for it; and in just 4 hours, the attendees had unknowingly run 8 million data packets through our sniffing software.

The easy solve for this problem lies in the sentence, "Hackers can see all unencrypted connections." If you want to stop them from seeing your data, you can simply encrypt it! How? Get yourself a free VPN to go with your free Wi-Fi.

A VPN is a virtual private network that encrypts your internet traffic. Imagine that being online is like cruising down a cyber highway where everyone sees you driving your car - when you use a VPN, your car windows are tinted, and nobody can tell who you are. It's the best way to keep yourself safe while you brave the free Wi-Fi offerings around campus. Install a VPN on your device and laptop, and switch it on before you join Wi-Fi networks like CouldBeShady-2G or NoHackersHereWePromise.

College may look a little different post-pandemic, but there are still a few old adages that ring as true today as they did decades ago. At the top of this list is, "You can avoid a world of complications if you just use protection.

https://blog.avast.com/is-free-wi-fi-really-safe-avast?utm_content=631765&utm_term=209952328_2124_858&utm_medium=email&utm_source=sfmc&utm_campaign=c_oo_a_a_alen_21q4_kz_news10avast_b   



What is a "VPN" (Virtual Private Network)?


When you switch on a Virtual Private Network (VPN), it sends your web traffic through an encrypted tunnel to a server controlled by the VPN company. From there, it exits onto the web as normal. If you make sure to only connect to websites secured with HTTPS, your data will continue to be encrypted even after it leaves the VPN. This sounds simple, and maybe superfluous, but it can have profound effects on your privacy.

Think about it this way: If your car pulls out of your driveway, someone can follow you and see where you are going, how long you are at your destination, and when you are coming back. They might even be able to peek inside your car and learn more about you. With a VPN, it's as if you drive from your house into an underground tunnel, into a closed parking garage, switch to a different car, and drive out. No one who was originally following you knows where you went.

When your VPN is on, anyone snooping around your network can't see what you're up to. This is true even if the snooper controls the network. Public Wi-Fi networks, which are ubiquitous and convenient, are unfortunately also extremely convenient for attackers. How do you know, for example, that "starbucks_wifi-real" is actually the Wi-Fi network for the coffee shop? In fact, a popular security researcher prank is to create a network with the same name as a free, popular service and see how many devices will automatically connect. Another benefit of a VPN is that your true IP address is hidden behind the IP address of the VPN server. This makes it harder for advertisers and others to track your movements across the web. Even a dedicated observer would have a hard time telling whose traffic is whose, because your data is mixed in with everyone else using the same VPN server.

 Allen Roochove, NCC 'Techno' Buddy (23rd Oct '21)                                                                               See article from PCMag UK   https://uk.pcmag.com/vpn/138/the-best-vpn-services                        Also see article  from Malwarebytes https://www.malwarebytes.com/what-is-vpn   




Browsers & Search Engines: Not The Same Thing!

Do you know the difference between browsers and search engines?    Simply, a browser is your access to the internet, and a search engine allows you to search the internet once you have access.  You have to use a browser to get to a search engine

     Browsers

You can choose from many browsers, but the most commonly used right now are 

  1. Chrome
  2. Safari
  3. Firefox
  4. Edge
  5. Opera
  6. Brave
  7. Vivaldi   

     Search Engines

It likely won't surprise you to know that Google is the king of the search engines.  Bing is in second place.  Once you are 'on the web' then search engines allow you to 'surf the web'

Top 10 Most Popular Search Engines in the World (2020)

  • Google
  • Bing - Bing is the second most visited search engine in the world (at least in 2020)
  • Baidu 
  • Yahoo Search
  • Yandex
  • Ask
  • DuckDuckGo
  • Naver
  • AOL
  • Seznam
Allen Roochove, NCC 'Techno' Buddy  (24th September 2021)


'Tips on creating Strong Passwords' 

Make It Long - use a minimum of at least 12 characters - the longer the password, the more secure it becomes.

Add Variety - include Numbers, Symbols, Capital, and Lower-Case Letters: the more you mix up letters, numbers, and symbols, the more potent your password becomes, making it harder for a brute force attack to crack it.

Add Emoticons - while some websites limit the types of symbols you can use, most allow a wide range. Make your symbols memorable by turning them into smiley faces to instantly boost your password strength, e.g.,     :)   :(   8)   ;)   :(   :D  :@   <3   :}   :{

Make It Unique don't use Personal Information that can be publicly accessible such as your birth of date, pet's name, car model, phone number, or street name and address.

Don't use a Dictionary Word - any word on its own is bad. Any combination of a few words, especially if they grammatically go together, isn't great either. For example, "mouse" is a terrible password, and "small brown mouse" is not much better

Avoid Common Substitutions - password crackers are familiar with the usual substitutions. "P@ssword" isn't strong just because the letter 'a' was replaced with the symbol

Creating and remembering Strong Passwords

The key to creating a hard-to-crack password is to focus on making it both easy for you to remember and extremely hard for others to guess.

Creating an odd passphrase of words that typically don't go together is a good way to create the base of a long password. Some sites will even allow spaces - just add symbols and numbers to make it even stronger.

Example: 32 Seagulls deliver bologna sandwiches to Paris    (47 character password)

Example: 32-Seagullsdeliver bologna5andwiches2Paris!       (43 character password)

Use the first digit in each word to create an acronym and add numbers and symbols throughout.

Example:    2BorNot2B_ThatisThe?                                                                                                 

To be or not to be, that is the question - (20 character password)

Example:    1gbeFnw18f:}                                                                                                            I go bowling every Friday night with 18 friends  (12 character password)

        Use Random Words to create a passphrase -

This method does not follow the traditional password advice of not using dictionary words. Instead, use four or five random words and string them together to create a passphrase that involves multiple words. 

The randomness of the word choice and the length of the passphrase are what makes it strong. 

The most important thing to remember is that the words need to be random.   For example, "cat in the hat" would be a terrible combination because it is such a common phrase, and the words make sense together.

But something like "correct horse battery staple" doesn't make sense, and the words aren't in grammatically correct order - that's a 30 character password

Developing on that, we could have something like

"7 Computers 26 Nose hairs & 320 Warts :)"

That's a 42-character password that would be easy to remember and extremely hard, if not impossible, for someone to guess - and the possibilities are endless ...

Allen Roochove, NCC 'Techno' Buddy  (August 2021)