To Prevent Spear Phishing, Set a PIN or Passcode on Your Cell Phone Account: Los Angeles IT Consultants

Spear phishing. It’s no longer just a tropical ocean sport that could provide seafood for dinner. In today’s tech world, spear phishing is when someone targets you specifically, usually with the goal of taking over your online accounts. Once that’s done, the attacker will try to siphon money from your bank account, impersonate you in an attempt to deceive family or colleagues into sending money, or attempt to ruin your reputation.

You’re probably thinking, “No one would ever target me. I’m not interesting enough.” It is true that the people who should worry the most about spear phishing attacks are high profile or have a high net worth, but modern online criminals aren’t that fussy. In particular, they’re more likely to go after older people. Why older people? Older people tend to be relatively well off and less likely to notice the symptoms of a spear phishing attempt. You should also be concerned if you’re a politician or journalist, have ever been involved in an ugly divorce or legal battle, or can easily think of people who have it in for you.

As we’ve said many times, it’s imperative that you use a secure password manager like 1Password or LastPass to create, store, and enter a strong, unique password for each of your online accounts. Plus, we strongly recommend using two-factor authentication—where you have to enter a one-time code in addition to your password—on all accounts that support it, particularly important ones like your email and banking accounts. But even if you do all that, you may be vulnerable to another tactic favored by spear phishers—the cell phone SIM takeover.

Here’s how it works. Every cell phone, including every iPhone, has inside it a SIM card that gives it a phone number. Swap that SIM into a different phone and it will adopt the SIM card’s number. The problem is that support reps at cellular carriers like AT&T, Sprint, T-Mobile, and Verizon can also move your phone number from one SIM card to another. That makes it possible for you to lose your iPhone, buy a new one, and have your phone number associated with the new one. It also lets you port the phone number to a different carrier, if you wish to switch.

All an attacker has to do is call your cellular provider, pretend to be you, say that they’ve lost their iPhone, and ask to have the number ported to a new device (one they control). It’s likely that the support person will ask a few simple questions to verify your identity, but a clever attacker will likely know your address and be able to learn details like your mother’s maiden name, first-grade teacher’s name, and favorite color, all thanks to Facebook. Criminals can acquire even information like your Social Security number through other data breaches.

Once the attacker controls your cell phone number, they can try to reset the password on various accounts, receiving any verification codes that would normally have been texted to your phone. They’ll probably focus on your email account first because, with control over it, they can reset passwords elsewhere even more easily. And once the attacker has access to your accounts, it’s game over, and you’ll be faced with the difficult and complex task of retaking control and mitigating damage.

How can you protect yourself from such an attack? Whenever possible, it’s better to generate authentication codes with an app such as 1Password, Authy, or LastPass. That removes some of your exposure, but for better or worse, your cell phone number is still the most basic form of identity for many things.

The most important thing to do, then, is to set up an additional PIN or passcode that the carrier will ask for before making any changes to your account. You’ll also have to provide it when logging in to your cellular account online. Such a PIN or passcode is different from a two-factor authentication code that changes continuously—you set your PIN or passcode just like you do for your iPhone or ATM card. And, of course, make sure to store that PIN or passcode in your password manager alongside your other credentials so you don’t forget it.

Learn more about how each of the major carriers supports PINs and passcodes at the links below, and if your carrier isn’t listed, call the company’s support line:

Don’t put this off—if you don’t already have a PIN or passcode on your cellular account, set it up right away.

(Featured image by Gerd Altmann from Pixabay)


What to Put at the End of Your Email Messages: LA IT Services

Email has been around for decades, but there are no hard-and-fast rules for how you should close a message with either the signoff or the signature block. If you’ve always wondered about the best ways to finish off a message or are uncomfortable with what you’ve been doing, here’s our advice.

Use the form of your name that you want the recipient to use. If your given name is Mohammed, but everyone calls you Mo, use that for signing most of your messages. Otherwise, they’ll have no idea you prefer the shorter version. (The reverse is true too; if you’re not sure how to address someone, look at their signoff for a hint.)

However, for formal correspondence with people or organizations who would usually refer to you as Ms. So-and-so, stick with Elizabeth instead of Betty.

Match the formality of your closing to that of your recipient. When writing business email to someone you don’t know, it’s best to stay formal at first with closings like “Sincerely” or “Yours truly.” Once you know the person a little better, you could move on to “Kind regards” or “Best wishes.”

With friends, family, and people you know well, try “Cheers,” “Talk soon” (if you mean it), or even a quick “Later.” Finally, it’s never inappropriate to use “Thanks!” if you truly are thanking them for something.

Create context-specific signature blocks. We all wear many different hats in today’s world. Your email signature should match the role you’re in for the particular email message. For instance:

  1. Work email should probably include at least your title, department, and formal organization name. If you work for a large organization, you may have been provided with a template for your signature. If much of your communication takes place outside of email, include your phone number and postal address.
  2. If you serve on a nonprofit board or have a side gig—like as an author or musician—messages you send in those contexts need their own focused signatures with appropriate links.
  3. For email to friends and family, there’s no need for a signature at all.

Avoid clever sayings and inspirational quotes. Although it’s tempting to instill some personality into your signature with a quote, don’t do it. The quote might be entertaining the first time someone sees it, but after that, it’s just one more thing to ignore. Part of combatting email overload is to keep messages short and to the point, so you want your signature to have less text than the message itself.

No fancy formatting or pictures. Along the same lines of avoiding quotes, keep your signature simple. Stick to plain text and links, and don’t insert your company’s logo or a picture of your pony just because you can. Just imagine how awkward it would be if someone were to look at a long email thread and see your signature repeated ad infinitum, taking up more space than your actual messages.

Don’t assume anyone will read your signature. Keep in mind that some email apps automatically hide signatures so your recipients may not see it at all. There’s usually a way to view a hidden signature, but never assume that everyone will see it.

Consider automation tools for inserting signoffs and signatures. Many email programs, including Mail on the Mac, let you create multiple signatures and attach them to messages you send from specific email addresses. For even more flexibility, think about using a macro utility like Keyboard Maestro or a text expansion tool like TextExpander to insert custom signoff and signature combinations. Such options are commonplace on the Mac but much less so in iOS or iPadOS.

(Featured image by John-Mark Smith from Pexels)


AirDrop Reception Not Working? Here’s the Likely Fix: IT Services LA

AirDrop has become a fast and reliable way to transfer data from one iPhone to another that’s nearby. Just tap the share icon and in iOS 14’s activity view, either tap an AirDrop shortcut in the top row or tap AirDrop in the second row and select choose a person or device in the subsequent AirDrop screen. But what if your iPhone doesn’t appear for the person who wants to share with you? Assuming Wi-Fi and Bluetooth are both on, the fix is generally to go to Settings > General > AirDrop and select Everyone. If you’re concerned about unwanted transfers, switch to Contacts Only afterward.

(Featured image by GĂĽnther Schneider from Pixabay)

Make Sure to Test Your Backup System with Occasional Restores: Los Angeles IT Consultants

Be sure to take a few minutes to make sure you can restore files from a Time Machine backup or whichever backup software you are using, see if you can boot from your bootable duplicate, and generally verify that your data really is being backed up successfully. If you haven’t done so recently, today is a fine day to make up for it with a quick test.

(Featured image by Adam Engst)

The iPhone 11 Camera App’s Shutter Button Works Differently—Here’s How – IT Support Los Angeles

With the iPhone 11, iPhone 11 Pro, and iPhone 11 Pro Max, Apple changed the way the Camera app’s shutter button works in ways that could cause confusion. Tapping it once still takes a single still photo, but if you press and hold on the shutter button, it now captures a quick video. (Previously, pressing and holding on the button took photos in burst mode; to do that on the iPhone 11 models, slide the shutter button to the left.) Once you’ve started taking a quick video, slide your finger to the right to lock recording, so you don’t have to keep holding the button down. Tap the white shutter button to take a still image while recording; tap the red record button to stop recording. For even easier quick video recording, press and hold either of the volume buttons; a single press still takes a photo. Note that quick videos always record with mono sound and at a resolution of 1920-by-1440; for stereo sound and the resolution set in Settings > Camera, use the Camera app’s Video mode.

(Featured image by AgĂŞ Barros on Unsplash)