Jay Calvert Tips and Tricks

How to Avoid Identity Theft Online

Scammers are always on the lookout for a fresh victim. Readily available information that people share and post online are great starts.

It is important to learn how to protect your identity online, because what you post, and what you are sharing can easily be used against you. Scammers are always on the lookout for a fresh victim and readily available information that people share and post online are great starts. This document is going to focus on Facebook, almost all social media sites will have privacy settings that you can tailor to best protect you and your identity.

Identity Theft

Identity theft is when your image or name is stolen and used by scammers. Sometimes this could be a fake Facebook profile, or worse, they start taking out loans in your name, or even take ownership of your house. There are some real horror stories out there of innocent people losing everything because the other person has more proof of their identity than the person they stole it from!

Impersonation Scams

Impersonation scams can vary from having somebody pretend to be you on Social Media, to having somebody take out loans and mortgages using your identity. This is a very scary part of our existence now and this is becoming an all too familiar scam we hear about weekly in the news. We can limit our risks by being thoughtful about what we share online and offline that can be used against us

Choosing What We Share

Always keep important documents, like birth certificates, tax documents, legal documents, deeds etc secured. Also keep your important items like credit cards, identification and Social Insurance Numbers secure. Carry only the cards you need with you on a day to day basis, keep the others locked away. These can be reissued again to an imposter, but having the originals might help you. Never give out any important information over the phone.

A lot of us like to share our images and updates on sites like Facebook and other sites. It is only natural we want to our lives with our friends and family. Sites like Facebook are great if you are far apart from your loved ones and still want to keep in touch with them. How we have our Facebook and other sites Privacy settings configured, could be letting more than just our friends and family in on our lives, we could be handing this information over to scammers to use. Against us!

When setting up any public profile, always check the privacy settings.

Depending on when you setup your Facebook account, your privacy settings might be a little more open than you’d like. By default there are a few things you can’t hide on Facebook, and that is your profile picture and your name. Those are always public.

Choosing a Safe Profile Picture

Choose a profile picture that can’t be used against you, for example, one that cannot be used to get a new ID. Make sure it isn’t just your face, and if it is, wear sunglasses, or a hat. Ideally, show you at your best, relaxing in a chair or at the beach etc.

Time For a Privacy Checkup

First, let’s confirm that we are setup to have only our friends able to see our posts and pictures.

  1. Log in to Facebook
  2. In the top right corner, you will see your profile picture, click on it.
  3. Choose the menu option Settings & Privacy
  4. Click Privacy Check up
  5. Click Who Can See What You Share, then click Continue on the pop up
  6. For each of the items, click the arrow on the right of the item to choose what others can see.
  7. For most items, you have the choice between Public, Friends, Friends except…, Specific Friends, Only Me, and Custom. More most settings you want it to be Friends, not Public.
  8. Click Done when you have made your choice
  9. Click Next
  10. Continue through the wizard, carefully reviewing each option.

Spear Phishing

Spear Phishing is when you are specifically targeted in a phishing scam. The scammers have done their research about you, with information they have found online about you. They might know that you like to travel, like to knit or make wooden boats. They might even know that you like certain products or follow certain brands. Scammers can even discover the names of your grandchildren because your friend list is exposed to the public on Facebook. They can use this information against you very easily. They can also find out more information about your friends and relatives and impersonate them to get to you.

One of the scariest scams going around is when scammers utilize AI to be able to mimic the voice of somebody you love, see our article here about that.

Jay Calvert Tips and Tricks

How Ad Blockers Enhance Your Online Privacy and Safety

We definitely know the pain of visiting a website or trying to read an article and every few lines is an advertisement. It is frustrating and can be even hard to navigate with all the clutter. There is something you can do though, and that is by adding an Ad Blocker to your web browser.

Ad Blockers have been around for almost as long as the Internet itself, and while some might have changed in the background, they typically block ads, and do it well.

What Do Ad Blockers Do?

Ad Blockers offer the following benefits, to also just blocking ads

  • Speed up web browing
  • Improve your browsing experience
  • Enhanced Privacy
  • Protection from Malvertising (that is where you get malware or phishing attempts from just visiting a site)
  • Control over the online experience
  • You can allow ads on some sites, while blocking all others. You can also allow ads just for the short time you are on the site, and block it again right after.

How Can I Tailor My Ad Blocker To My Needs?

When you install and Ad Blocker it will block most of the ads. The pages look so much cleaner and less cluttered. Some ads will still be displayed though, these are not typically served up ads. These are ads that are hard coded into the website. They aren’t overly common, but you will still see some ads. . But, some sites do have a problem with them and will force you to disable them (typically journalism websites).

There are other times where I appreciate the site and the content they provide. I also understand that they make money from the advertisers based on how often that the ad is shown. I will enable ads on those sites. It is a toss up though, and you can make that decision when you come to it.

Different Ad Blockers

Please note, that AdblockPlus and AdBlock are two different companies and not different versions.

Each of the above are really good and top of their game.

They all have the same features and all are free for the basic purpose of blocking ads, but offer premium, subscription based versions for more features like blocking Cookie pop up messages. uBlock Origin is the only one that doesn’t have a paid version and is, what is called Open Source and is 100% free.

I personally have been using AdblockPlus free edition and have been very happy with it.

Installing An Ad Blocker In Your Browser

Click on the link for the desired Ad Blocker above, it will take you to the installer page. For AdBlock you will need to click the big red button in the middle of the page labelled ‘Get AdBlock Now’ It will detect the browser you are using an take you to the appropriate web store.

How To Use It

By default, it will try to block all ads on all sites, but as mentioned there will be times you want to disable it for a particular site, Find the icon for the Ad Blocker either in the top of your browser or in your Extensions which can always be found in the settings icon in the top right corner typically in all browsers, it might look like a hamburger with 3 horizontal lines on top of each other, or a string of dots. Click that and you will see Extensions listed. Find your ad blocker and choose your settings for that site. For AdblockPlus below, you move the slider to off for this website, and allow it to refresh the page, or refresh it on your own to have change take effect.

Do you have a favourite ad blocker? Tell us in the comments!

Jay Calvert Tips and Tricks

Cookie Banners: Accept, Reject, or Customize?

This one is a bit long, but worth it. I recommend you read until the end so you can find out why these cookies are important and how you are being tracked and having tailored ads shown to you.

Have you noticed over the last few years, every site is now showing you a little pop up banner about cookies? Well, they added a privacy law in Europe in 2018 (article on Wikipedia about that), that demands that any site shown to a European must disclose how they are using cookies on their website, and since Europeans visit websites all over the world, the rest of the world complied.

And they are not even the delicious cookies you can eat. Nope, in computer lingo, a cookie (aka web cookie, Internet cookie, browser cookie) is a little tracking document that is stored on your computer or device.

Cookies allow websites to store useful information on your computer instead of having to store on their site. For example, you go to a website that sells these cool handtowels, and you add a few items to a shopping cart. You decide to think about it for a while and close the window. A month goes by and you go back to the site, and your items are still in your cart waiting for you. That is how that happens.

Some will store authentication cookies, they allow you to visit multiple pages of a website without having to log in each time.

Tracking cookies, are used to track what websites you have been to and are put there by the advertisers on the webpages you go to. They are given permission to that one advertiser to store and read the file on your computer. Remember that hand towel site you were on earlier, as you browse the internet, you will start to notice ads for hand towels. That is how that works!

These Tracking cookies are also called Third Party Cookies.

What To Do When You See A Cookie Banner

You usually, have 3 options,

  • Accept
  • Reject
  • Customize / Manage My Preferences (this can vary from site to site, but you get the idea)

If you Accept, you are allowing that website and its content to create little files on your computer to store information about you. Remember, this can be useful, for remembering items in your shopping cart, preferences you have setup for the website, or even where you left off when reading a long article.

If you Reject, you lose the above functionality, but are also not going to get tracked.

If you Customize, you can choose what you want tracked and not tracked. Let’s look at a sample I gathered from an website that shall not be named, but it is a famous Canadian brand.

Strictly Necessary Cookies

Here we see, that there are Strictly Necessary Cookies, that we can’t disable, but, we have the option to click the + beside it see what it will be storing. In this sites case, they state that these cookies are necessary for the website to function and if you disable some of these features in your browser, some parts of the website will not work.

Performance Cookies

These cookies allow them to count visits and traffic sources so they can measure and improve the performance of the site. They help them know which pages are more popular and which ones are not. They go on to state that this information is Anonymously gathered. You can turn this one off, but they won’t be able to know you visited the site

Functional Cookies

These cookies allow the site to provide enhanced functionality and personalisation. If you do not allow these cookies, some features may not work correctly. These ones sound like the ones that are tracking what is in your basket, what coupon codes you have loaded etc, even your shipping destination and email address info (without creating an account).

Social Media Cookies

These cookies are set by a range of social media services that they added to the site to enable you to share content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests.

Targeting Cookies

These cookies may be set through the site advertising partners. They may be used to build a profile of your interests and show you relevant adverts on other sites. They don’t store personal information but identify you by your browser and device.

Choices, Choices, Choices….

Looking at the above options, it is proof that you should read what that cookie banner is telling you and not to blindly ‘Accept All’. There is proof in those descriptions that social media companies and advertisers can track you if you don’t choose to disable these options.

It is totally up to you how you want that site to use your information. Do you want it being shared with third parties that you have no control over and they are using that information against you by serving up ads targeting and tailoring just for you? You can get by with ‘Accepting All’ each time you go to a new site, but be aware that the websites you visit are being recorded and shared, or, you can tailor it to best suit your needs. Keep the necessary tracking cookies enabled, but turn off the Social Media and Targeting cookies.

You typically only have to do this once, the first time you visit the site.

Jay Calvert Tips and Tricks

What is Multifactor Authentication?

Multifactor authentication, or Two Factor Authentication (sometimes abbreviated as MFA, and 2FA respectively) is a secure way to log in to websites using more than one method of authentication.

Types of Authentication

  1. Something you know – a password, a pin, a passcode etc
  2. Some you have – an authenticator app on your cell phone, an email address, a text message
  3. Something you are – Biometric, fingerprint scan, face scan

You probably use all of these methods on a daily basis anyway, you use a thumb scan or faces can to log into your iPad, you use Passwords to log into websites and services, and you probably receive text or email verifications to proof who you are.

Combining more than one of the above Types of Authentication is Multifactor Authentication.

How It Protects You

By having Multifactor Authentication enabled on your online accounts, you are stopping cybercriminals from logging in as you if they managed to get a hold of your account password. They will also need to have that other component, your cellphone, access to your email* etc, to complete the verification process.

Most sites and services these days support Multifactor Authentication and it is the recommended way to secure your accounts along with a unique password on each site and service you use.

* always make sure to use separate passwords on each account, if they know one password you use, they will try it on your email account and could intercept that Multifactor Authentication request on your behalf

Jay Calvert Resources

Have I Been Pwned?!

https://haveIbeenpwned.com

Have I Been Pwned? – An amazing service that keeps track of all the companies that have been hacked and had their data breached. They find the accounts included in the breaches and load the email addresses a website that can be searched to tell you if your account details or other personal information has been leaked. 

Huge companies have been hacked and lost their customer data to hackers – Facebook, LinkedIn, Sony. Nobody is immune, even huge companies whose focus is security have been breached.

What does it mean?

Well, it means that a service or website you have an account on has had a breach at somepoint and some personal information was stolen. This varies on what types of information about you was stolen, it could just be your email address, or could include your password, your address even your credit card data. This of course varies from breach to breach

What can you do?

Not too much unfortunately. It has become the price we pay for having accounts on services. We put our trust in them that they will securely store our personal information. Sometimes that trust is broken and the data is able to be retrieved and accessed.

Hopefully, and in most cases, your passwords and sensitive information like credit card numbers are stored encrypted and remain encrypted so that information should be safe in a breach.

When you search for your email address, it might display a list of breaches your email account is associated with. It will detail what kind of information was included in the breach.

If you see your email address in the list, don’t panic. Just change your passwords. Remember using the same password on every site is a bad idea, if they get one password that they know you use, they will try it everywhere.

What does “pwned” mean? (paraphrased from their website)

It is [internet lingo] typically used to imply that someone has been controlled or compromised, for example “I was pwned in the Adobe data breach”.

Jay Calvert Tips and Tricks

The 4 P’s of Fraud

I came across this researching recently, this is from The Department of Social Security Administration (SSA)  in the United States. And this is perfect. It highlights the 4 main characteristics of a scam.

Pretend they will pretend to be somebody, an organization you trust, or a person you know

Problem the present you with a problem, an issue, something that you need to take care of 

Pressure they pressure you to act immediately, you have to do it or else there will be consequences

Pay They want you to pay / or will trick you into paying unknowningly by gaining access to your funds, or request gift cards, online transfers, or money orders.  May be multiple payments in small increments.


Remember the 4 P’s when thinking if you are getting scammed, it the call, email, text, or website sounds just like this, walk away.