The Social Media Learning Lab
3.4K views | +3 today
Follow
The Social Media Learning Lab
Learn to be the type of person online that others would want to follow. Devote 20 minutes a day to have clients calling you. For the BEST of the BEST curated news in performance, change, agile learning, innovation, motivation, social media and careers, SUBSCRIBE to Reveln.com/Tools/
Your new post is loading...
Your new post is loading...
Scooped by Deb Nystrom, REVELN
Scoop.it!

Scammers Are Using Google Drive to Steal Your Logins – Here’s How to Stay Safe

Scammers Are Using Google Drive to Steal Your Logins – Here’s How to Stay Safe | The Social Media Learning Lab | Scoop.it

Today’s exploit, if genuine, is similar to a scam from March 2014, researchers say. We’ve contacted security firm Symantec, which reported last year’s scam, but they had not responded by press time.

___________________________
   
This...phishing attack via email, titled “Document,” states, “Hi. Please see the remaining document on Google drive,” ...

___________________________

For Google’s part, a spokesperson from the company gave us this statement: “We’re constantly working to protect people from phishing scams through a combination of automated systems, in-product warnings, and user education. We’re aware of this particular issue and taking the appropriate actions.”

Elastica CEO Rehan Jalil told us the company used Google’s automated tool to warn the search giant about the vulnerability about two weeks ago. However, he added, Elastica didn’t follow up with Google before publishing its results. At publication time, the phishing websites were still live.

This is a clever example of a so-called phishing attack that tricks you into giving up valuable personal information, typically your username and password. In this case, the email, titled simply “Document,” states, “Hi. Please see the remaining document on Google drive,” and then provides a long link to click on.

Once scammers have your Google credentials, they can log on to any service that uses your Google login, read your email, access personal files stored on Google Drive, reset the passwords to any other online service that has your Gmail address, and change your password so that you would be unable to log back in. 

Fortunately, you can avoid falling prey to this scheme, and any similar, by abiding by the following guidelines.

Don’t trust any old email

...One clever trick on the part of these likely cybercrooks is that the note comes from a Gmail address. This, according to Elastica, may have tricked Google’s spam filters into allowing the message to get through. 

Deb Nystrom, REVELN's insight:

Take care with ANY link embedded within an email - using a gmail address can = phishing by the latest scammers.  

~  Deb & The Social Media Learning Lab

more...
No comment yet.
Scooped by Deb Nystrom, REVELN
Scoop.it!

Dropbox squashes desktop client bug, offers free Pro upgrade to those who lost files

Dropbox squashes desktop client bug, offers free Pro upgrade to those who lost files | The Social Media Learning Lab | Scoop.it

Those who rely on Dropbox to store their personal files may have lost some of their data. The service has experienced some issues regarding a bug in older versions of its available desktop apps. This bug deleted files uploaded by affected users who activated the Selective Sync feature, leading some to find they'd lost a large amount of files. 


...Should you be one of the select few who have been affected by this bug, Dropbox has been reaching out to customers via email with an apology and offer for a year's worth of Dropbox Pro for free.

Related tools & posts by Deb:

         

      

          

     
  • Stay in touch with Best of the Best ScoopIt news, taken from Deb's  NINE multi-gold award winning curation streams  Preview it here, via REVELN Tools.

                    

Deb Nystrom, REVELN's insight:

Hacker or bug problems are a drawback if you rely on the cloud, yet storage systems can fail.  Saving in two locations makes sense.  ~  D

more...
No comment yet.
Scooped by Deb Nystrom, REVELN
Scoop.it!

LinkedIn confirms reports that 6.5 million passwords have leaked online

LinkedIn confirms reports that 6.5 million passwords have leaked online | The Social Media Learning Lab | Scoop.it

"LinkedIn confirms password hacking, about 6.5 million accounts affected. Time to change your passwords."

A user in a Russian forum is claiming to have hacked LinkedIn to the tune of almost 6.5 million account details.


For safety's sake, for all LinkedIn users, it's good practice simply to update your passwords today.


Excerpts:


Affected users will receive an email from LinkedIn with instructions on how to reset their password.


This doesn't appear to be the standard password reset procedure, either — any affected user will automatically be locked out of their account, and the password reset email being sent by LinkedIn won't contain any links to the site.


LinkedIn will also be sending affected members a second email from their customer service department detailing the circumstances behind the breach. 


More details here - via http://www.theverge.com/2012/6/6/3068652/linkedin-member-passwords-stolen


Access LinkedIn's blog post on this news here.


more...
No comment yet.
Scooped by Deb Nystrom, REVELN
Scoop.it!

Still Using Hotmail, AOL or Yahoo Email? Really? Security reasons to Update

Still Using Hotmail, AOL or Yahoo Email? Really? Security reasons to Update | The Social Media Learning Lab | Scoop.it

Anyone that still uses an Hotmail, AOL or Yahoo email address is publicly admitting that technology has passed them by. It is not that they are just uncool, they are a security risk. If you are running a business via AOL or Yahoo email, you need to know that your customers and contacts are at risk from receiving malware, spyware or other damaging payload via your email account.


_______________
   
It is not that they are just uncool, they are a security risk. 

 _______________



Most people with Hotmail, AOL & Yahoo accounts have no idea what two-factor authentication is or how to enable it. Because of that, these email accounts are very susceptible to someone cracking the password and sending email to all of your address book and people that you have ever sent a message to or received a message from. Despite the embarrassment of having your account hacked, it is a liability to your continued business success.

Gmail still has some cachet, but anyone using email for a business purpose can register a domain for $10 and enable email within about 10 minutes. That along with two-factor will help keep your good name solid and secure.


Click on the photo or title to see the full post.

Deb Nystrom, REVELN's insight:

Two factor authentication means that Google, Facebook, Amazon, twitter, or others want an extra bit of identification, like a zip code, or to send a code to your mobile phone so that you can verify that you are who you say you are.  

From CNet:  "2FA is nothing new. When you use your credit card and you must enter in your ZIP code to confirm a charge, that's an example of 2FA in action. You must provide a physical factor, the card, and a knowledge factor, the ZIP code."

Personally all of my email accounts, old and new, are forwarded through Gmail.  The spam is cleaned out well, and my business email account, has the personalized name REVELN.com, but is really a Google business app.  It's been so helpful to keeping spam out of my way and prioritizing messages as "important."

I may use something else if there is a need for high security, but for now, my clients and communication are fairly safe.    What do you use to keep your email and communication safe and usable?


~  Deb 

more...
No comment yet.
Scooped by Deb Nystrom, REVELN
Scoop.it!

Confide: An app that could have prevented Governor Chris Christie's traffic scandal

Confide: An app that could have prevented  Governor Chris Christie's traffic scandal | The Social Media Learning Lab | Scoop.it
Disappearing text messages aren't just for high schoolers anymore.


There is a new app that could eliminate such scandals in the future (albeit not the rotten underlying acts). It's called Confide, and basically acts like Snapchat for professionals.


[It features] private, end-to-end encrypted, screenshot-proof messages which use email addresses rather than phone numbers that disappear shortly after they are sent.


Uses could be everything from discussing the next employee to fire or complaining about your boss or... well, causing massive traffic gridlock out of spite.



Related posts & tools by Deb:


  • Don't miss a thing:  We'll send Best of the Best news, from Deb's @Deb Nystrom, REVELN (change, agile learning, performance, social media, careers), once a month via email, directly to you, for free.  Preview it here, via REVELN Tools.
    
Deb Nystrom, REVELN's insight:

Necessity is the mother of invention, and that would include smart use of confidential text and email messages, that disappear, once the communication is sent.  It's a good idea for simple, ethical confidentiality.  For a humorous perspective on this, here's link to (essentially worthless) email disclaimers.  

more...
No comment yet.
Scooped by Deb Nystrom, REVELN
Scoop.it!

Privacy Practices: How to Muddy Your Tracks on the Internet, The New York Times

Privacy Practices:  How to Muddy Your Tracks on the Internet,  The New York Times | The Social Media Learning Lab | Scoop.it

"No Romulan cloaking device (or Harry Potter invisibility cloak) for your digital footprint, including email? The Times shares easy & many free ways to create less of a lighted trail."


Sharing on FBook, Google+ and ScooptIt. Heh.  


That said, I'd also say there's a balance of getting lots of services for free (Gmail, Google Search, Google Apps, tailored results) vs. the tradeoffs mentioned here.    Some say it's cool, not creepy.   Others, as here, say it is creepy, and NOT cool.   Here's a perspective to add to your digital learning landscape.   ~  Deb


Excerpted:


It’s probably impossible to cloak your online activities fully, but there are steps you can take to make them harder to follow.

...

There are no secrets online. ...while it’s probably impossible to cloak your online activities fully, you can take steps, [some] quite easy and many are free.


The trick is to find the right balance between cost, convenience and privacy.


...security experts and privacy advocates said more worrisome were Internet service providers, search engine operators, e-mail suppliers and Web site administrators — particularly if a single entity acts in more than one capacity, like Google, Yahoo, Facebook and AOL. This means they can easily collect and cross-reference your data, that is, match your e-mails with your browsing history, as well as figure out your location and identify all the devices you use to connect to the Internet.


“The worst part is they sell this extremely creepy intrusion as a great boon to your life because they can tailor services to your needs,” said Paul Ohm, an associate professor at the University of Colorado Law School in Boulder who specializes in information privacy and computer crime.


He advised logging off sites like Google and Facebook as soon as practicably possible and not using the same provider for multiple functions if you can help it.


“If you search on Google, maybe you don’t want to use Gmail for your e-mail,” he said.    ...But even with your own mail server, Google will still have the e-mails you exchange with friends or colleagues with Gmail accounts, said Peter Eckersley of the Electronic Frontier Foundation, a digital rights advocacy group in San Francisco. “You’re less exposed,” he said. “But you can’t totally escape.”

more...
No comment yet.