OmniTech Newsletter 01: Security & Scam Awareness

Tom Koch, OmniTech: Apple/Mac Tech, Security and Tutoring.

Hi there!

You are receiving this because you have been a client of mine at some point in the past and Im trying an experiment of sending out helpful periodic newsletter-like emails that contain useful hints on computer usage, security and general news of the Apple world.

I frequently get questions from my clients about upgrades, cutting cable, or security issues with email scammers, and these emails may answer some of the questions you may have too.

If you feel you have gotten this email in error, or wish to stop receiving, please reply and let me know and Ill remove you from the list.

Lets talk Security.

Never let anyone remotely access your computer unless you absolutely know who they are.

There has been quite an uptick of emails and texts masquerading as fake tech support companies claiming your computer has been compromised, fake purchases on PayPal, fake Norton/LifeLock subscriptions, USPS shipping issues, iCloud non-payment and storage issues, or notifications of unwanted and expensive purchases, just to name the most recent common ones.
They are all, for the most part, fake.

Stop and think before you react to what you are reading, and have a closer look at the email or text. Is it addressed directly to you? Or just Dear,? Is there bad grammar and spelling, or weird formatting and graphics?

Similarly with other emails claiming to be from Apple/iCloud, shipping or other scary warning emails/texts you may receivego to the source. Verify your Account, or access the companys support directly through the company's website (dont Google it) before you pay any money to anyone.

Never call the number or click the link in the email. Go to the source!

For example: you receive an email saying someone has bought an iPhone on your Amazon account. Dont click on anything in the email, go directly to amazon.com, and check your Amazon Account purchase or credit card history. If there isnt an iPhone there, then you are good to delete the email.

Communications from Apple, for example, usually contain some kind of reference to your name or email address in the body of the text. Apple will never ask you to call them by putting up a pop-up on your screen telling you that your machine has been hacked.

Another clue if the email is fake: look for who the email is from in the name at the top of the email. The process varies a bit from the Mac to iPhone, but generally you can click on the email senders name then click on the > to the right, and the actual email address from which the email was sent will be shown. If the part of the email right before the .com, .net, or .whatever doesnt match the company that is supposedly sending it, then just Delete, or better yet, Junk the email.

There are many variations of these scams going around, and they are getting better and better all the time. I have even seen some that fooled me for a few seconds, but there is always something that gives it away.

If it still looks real, but you have a gut feeling, then trust your gut—it is probably right. Think for a bit before reacting, and it could save you lots of money and grief.

Never give money to anyone over the phone if you are unsure as to who they are.

If you are still unsure as to the legitimacy of an email or text message, feel free to forward it to me and Ill let you know if it is fake or not.

~~~~~

Well, I think thats a good start! Ill leave it here and send out another in a month or so.
If you enjoyed this, want to see more or have suggestions, please let me know.

And, as always, if you have a question, problem, or tech issue youd like to discuss, contact me and Ill help you out.

-t

PS: Cheat Sheet: Copying and Pasting text or photos can save you lots of time. Below are the helpful quick key commands.
Ive also included a few other quick commands below for you to add to your tools.
(One of my wifes favorites is Command Z, which will Undo your last action, including deleting or moving files).

To Copy and Paste:
1. Select an item by click-hold-and-dragging (can be a word, emoji, picture, etc).
2. Press the Command key along with the letter C on keyboard to Copy.
3. Click your cursor to where you want the copied item to be pasted.
4. Press the Command key along with the letter P on the keyboard to Paste into the new location.

Useful quick key commands:
Command Z (Undo)
Command S (Save)
Command X (Cut)
Command C (Copy)
Command V (Paste)

Safe Computing!

-t

OmniTech Security News Flash!

‼️There is a new exploit circulating which is an email from a “friend’s" email address which contains an Evite or other digital invite to a party or other event, usually coming from a “punchbowl.com” email address.

This is FAKE!

If you were to click the “Open Invitation” link, it pops up a sign-in window having you choose your email provider (Yahoo, AOL, Outlook, etc), then takes you to a window that wants your login email and password for that email service.

After you enter the info, it presents you a blank page—but they just harvested your email login info.

If you don’t have 2 Factor Authentication set up on your mail account, they will be able to login to your email, extract your whole email address book, and mail copies of the fake invite email to all of your email contacts, and sends itself as if it were from you, using your name and email address.

Then, it continues to exploit as many of those in your address book that clicked the email, and so on, sucking up email addresses and passwords as it goes.
I have also seen the scammers set up email rules to redirect your email away from your inbox, or delete certain emails as they come in.

If you received this email and clicked it, many of you probably got text notifications. This means your 2 Factor Authentication is on and working, sending you a notification that there was an attempt to access your account by a non-authenticated user.

Let me know if you have seen this email recently, or if you’re unsure if you have 2 Factor turned on or not.

If you clicked it and gave up your login info without having 2 Factor on your email account…while it isn’t a great thing that the content of your address book is out there, know that there isn’t any way the exploiters can steal anything else from you with just those contacts.
They make money off harvesting and selling large email address databases to advertisers and spammers.