Suzanne uses Hotmail and all of a sudden, she's getting hundreds of spam from subscribed newsletters. She also got an email about an order for a GoPro camera bought at Walmart. Leo suspects that someone doesn't like Suzanne or has stolen her identity. It's a new scam where hackers overwhelm your email address with bulk emails to distract you from the actual identity theft going on. It's called "Chaff." The idea is to be so overwhelmed with spam and bulk emails, you miss the stolen credit card activity. Shame on companies that allow signups without a double opt-in via email.
Mara was a victim of identity theft, and just narrowly avoided having her brokerage account drained. Leo says that Mara should change her password and turn on 2 factor authentication right away. Leo suspects the bad guys got her information from a database breach like the Collection #1 or the Marriott hack. Leo also suggests going to haveIbeenpwned.com/passwords and see if her passwords have been compromised and are known.
Yesterday's story about Collection #1 - a package of hacked email passwords, is actually now reported to be a few years old, so the damage is not as great as previously believed. But Leo still says that it's a wise idea to go to HaveIBeenPwned.com/passwords and see if your account has been hacked. And then change your password. In fact, it may be a good idea to change it anyway, and turn on 2 factor authentication while you're at it.
According to the creator of HaveIBeenPwned.com, over 21 million passwords have been hacked and revealed on the dark web. Leo says to find out if your passwords have been hacked and stolen, head over to https://haveibeenpwned.com/passwords and input your passwords. It'll let you know if your passwords have been hacked.
George got an email saying that his email account has been compromised, but it shows an old email. Leo says it's an old scam that is designed to scare him into sending the hackers money. If he's concerned, he should change his email password.
He can also go to HaveIBeenPwned.com to see if his email has been legitimately hacked. But changing the password will fix it. And while he's at it, he should turn on 2 Factor Authentication. He can simply ignore the extortion email, though.
Cheryl is concerned that with the recent Facebook security breach, her account will be hacked. Leo says it's more likely that someone will counterfeit her account, lifting her images, and change it just slightly to fool people she knows to friend it. Facebook has reset all 30 million accounts so that users would have to change their passwords. Leo also would recommend turning on 2 factor authentication.
Jay gets an email of a scam that says it has his login information and knows where he's been online. It even tells him his password. And unless he gives them $800 in Bitcoin, they'll expose him. Leo says it's called ransomware. Leo says it's probably from a data breach.
Bloomberg published a story that China's PRC had installed a tiny chip the size of a grain of rice on all Elemental SuperMicro Motherboard, giving them access to a treasure trove of corporation and national security secrets. These boards are used widely in corporations and even the Department of Defense. Leo says the article was well researched, well sourced, but the day after it was published, everyone, including corporations where 17 unidentified sources worked, have denied it. Even the US Department of Homeland security and the UK CyberSecurity Ministry.
Tom's wife hasn't been able to log into Facebook since last Friday. Leo says that last Friday Facebook logged over 90 million people out of their accounts due to a hack. Many were deactivated until they can prove it's their account. And with over 90 million compromised accounts, it could take awhile. When her account is reactivated, she will have to re-login manually, turn on 2 factor authentication, and it would be a good idea to change her password.
According to Bloomberg, China added a tiny chip, about the size of a grain of rice, to network motherboards that would allow China to Spy on corporations. The chip was discovered by Amazon Security, which notified federal authorities. The servers were created by Chinese company Elemental, and are on everything from network business servers to NAVY WARSHIPS. Investigators have discovered that the chips were installed by the PRC at the manufacturing plant. But here's the twist ... everyone is now denying it.