scams

Is a Free Tablet Really Free?

Scratch from MIT

Episode 1780

Christian from Calgary, Canada

Christian got a free tablet from Caesar's Palace. Leo says it's possible that there's a gambling game on it that will pay for itself. So it's important to be "look a gift horse the mouth." There is no free lunch, and any device that gets on your network can "play with things." Even if all they are doing is selling your activity. So how legit can it really be? But Caesar's is a legitimate company, so it may just be worth it to send it to him. The more you play, the more money they will make. That's how gambling works.

How Can I Prevent From Being Bit by a Browser Hijack?

Browser Hijacking

Episode 1773

Heather from Kinderhook, NY

Heather calls in to talk about a client who got bit by a browser hijack. Leo says the first thing to do is get him off Windows, where he's most vulnerable. If that's not an option, get him to run as a standard or limited user and not an administrator. The browser hijack and malware can't install themselves as a standard user. 

Why does her client keep getting hit over and over? Leo says it's because of his behavior. They keep repeating the same behavior that causes them to get hit. The key is to change the user behavior. That's the only way it will stop.

Do I Need PC Accelerator Pro?

PC Accelerator Pro

Episode 1764

Leslie from Calabassas, CA

Leslie teaches the blind to use computers, and one of his students is getting a popup for a "system optimizer." Leo says that it's a scam. Those popups are designed to get user credit cards by showing false positives from the Windows Event Viewer. The popup isn't actively harmful, but it is annoying. He can go into Programs-Features-Find PC Accelerator Pro and remove it. If it isn't there, then he'll need to Google PC Accelerator Pro Removal Guide. But be careful, some of those can be malware themselves.

How Can I Tell a Scam is a Scam?

Episode 1741

Char from Cambridge, MN

Char has discovered a new scam like the old Nigerian scam. Leo says that the Secret Service calls it the 419 scam. This new scam is a variation that seeks to lure one through a lost relative or old school classmate. Leo says that those records are online and they can be inserted. It's very common. So common that Americans were bilked for over $50 million last year. 

And remember, if it sounds too good to be true, it IS.

Check out the book The Confidence Game by Maria Konnikova

Have I Been Scammed?

Thunderbird

Episode 1733

Bill from La Jolla, CA

Bill thinks his network has been infected because his email won't let him send anymore. It's completely missing. Leo says to make sure the SEND port is correctly configured in the email client (in this case Thunderbird). It's the SMTP server and it usually runs port 587. The scam came from "Spectrum" and "Thunderbird Help" that said he was having a driver issue. Leo says that's a scam. Email doesn't use drivers. It just uses an internet connection.

Did I Almost Get Hacked?

https://amzn.to/3aQDZ0L

Episode 1721

Rio James from Escondido, CA

Rio James recently got an email thanking him for payment and comes with a statement attached. But he never made such a payment. He knew right away that it was a phishing scam. Leo agrees, saying that the idea is to get him to open an attached PDF File that has been corrupted with a worm or virus. In many cases, it's harmless if the software and Windows are updated. If not, then it can take over a machine. The whole idea is to play on fear and greed, even curiosity, and get him to click on the link without thinking. So RJ was wise not to open it. 

"Vishing" is the latest online scam to steal your company login information

VISHING

Episode 1721

Much like phishing and spear-phishing, VISHING is the latest online scam designed to steal your logins. Only VISHING uses voicemail to do it, according to the FBI and the Cyber Security Agency (CISA). They are targeted attacks on employees of corporations using voicemail to get users working at home to call back and then use social engineering to steal VPN credentials. Check out Brian Krebs' article here.

How Can I Be Sure My Mom's Computer Hasn't Been Hacked?

Windows 10

Episode 1717

Matt from Portland, OR

Matt's mom got bit by a remote access scam and he's gotta clean up her computer to make sure it's secure. Leo says it's a common scam designed to get one to launching the "event launcher" which will show "red x's", which Leo says are perfectly normal. But if she doesn't know that, it'll make her think there's something wrong with her computer. But there isn't. Then they'll try and get her to give them a credit card to pay to fix it remotely. That gives them her credit card. Once that's done, they'll tell her they need remote access.

Is My Email Compromised?

Episode 1699

Brad from San Diego, CA

Brad says that his company email looks to be compromised. Leo says it's more likely his email address has been "spoofed" by spammers, and it's really easy to falsify or spoof a reply email address. Sooner or later, they will move on to a new random return address. That's why everyone gets spam and even bounced back emails that don't work. So it's unlikely Brad's email address has been compromised, just spoofed.

How can I guard against scams like cross-site scripting?

Cross-site scripting example

Episode 1629

Jay from Providence, North Carolina

Jay wants to know how he can avoid cross-site Scripting attacks. Leo says that you could turn off javascript, but that would make most of the web unusable. Leo uses UBlockOrigin, which is nominally an ad blocker. But it can block cross-site scripting. A good browser like Firefox will protect you as well. In the security settings, you can block a lot of things like cross-site scripting. And load a minimal set of extensions as well.