Posts

Alternate Email Domains, and Why You Should Never Use One

Recently my wife came to me with a problem. She was locked out of her account at a major social media site. She said her password wasn't working. She had just changed it recently but had never logged out and back in again so wasn't sure if she had recorded the new one correctly.  She had already tried the password recovery and reset options via email but she wasn't getting any messages from the company in her inbox. I searched her inbox for messages from the company and found a previous password reset email. The email came from security@facebookmail.com.  My blood went cold. A domain name like this is one of the tricks hackers use to get people to trust their emails.  I immediately ran a search of the WHOIS database which contains a listing of who owns particular domain names. I found the facebookmail.com is in fact  owned by Facebook's parent company Meta.  I have seen this from a number of companies. Instead of using a well-established domain name such Faceboo...
Post a Comment
Read more

Identifying Phishing attempts

In modern computer systems the weakest point (from a security perspective) is often times the person sitting at the desk. Tricking the person into opening up their computer can yield the best outcomes for hackers. Remember it is best security practice not to accept something that is offered to you but instead to go through proper channels to get what you may need. Someone coming to you with an offer of help, especially one you may not have known you needed, is much more likely to have nefarious purposes than if you sought them out yourself. Think about in the real world. If someone is too eager to offer help you start to wonder what their angle is. Why are they so keen to offer help? Often it is best to ask for help from a stranger than to accept help from someone who is approaching you offering. The odds that you will meet a nefarious character go way up when they are the one choosing to have an interaction with you. The same concept can apply to computer security. When a window pops ...
Post a Comment
Read more

Email Aliases

 This is the inaugural post for a new series I will be doing called Securing the Tech. I will be publishing information about computer security. Sometimes it will be high level concepts, other times we may dig deep into topics. Hopefully it will remain relevant to what people are needing to know to make their lives more secure. Today we will be touching on email security. All of us have had that moment when we didn't really want to give our email address, but what else could we do? We give our email address at the risk of increased spam or likelihood of identity theft. But what can you do? Two words: email aliases . Most email services will let you set up multiple email addresses tied to the main email address you use. These "alias" addresses will allow you to keep your email address more private, though to be honest an alias won't work in all situations.  Depending on your email provider aliases can work very differently. I am not referring to "plus addressing...
Post a Comment
Read more