Importance of Strong Passwords

Importance of Strong Passwords

Creating A Strong Password

Image of wallet, cards and a lock on top of a keyboardExperts say that you should have a different password for each of your accounts, so if a password is compromised it would not affect all of your accounts. In addition your passwords should contain a minimum of 8 characters or more but the more characters the better (14 or more would be best). You should also mix character types (letters, numbers and special characters like %&* etc.) and alternate upper and lower case letters.

Change Your Password Periodically

You should also consider changing your password periodically (every 3 months or more often). This makes your passwords a moving target and makes them much harder for scammers to compromise.

How Would I Possibly Remember My Password?

This is the tough part, keeping track of your passwords. There are certainly ways to create these passwords in a way that you will easily remember. For example perhaps you can use the first 3 letters of the website account (Yahoo) in lowercase followed by your dog’s name (SPOT) in uppercase separated by special characters (Characters above first 4 numbers) and followed by the year you were born (1949). This could look like [email protected]#T$1949 which produces a password 15 characters long with 4 special characters. This would be easy to remember and be different for each account.

You could also create a list and keep it in a safe and secure place.

A strong password goes a long way in helping you keep your identity safe!

All You Need To Know About Ransomeware

All You Need To Know About Ransomeware


Image of dark hoodies with red words, hacker, ransomware, virus, instead of faces Ransomware is evolving like an uncontrolled virus. Don’t be the next victim! Here’s what you need to know about ransomware:

What is ransomware?

Ransomware is a subset of malware that isolates a victim’s data and then demands a payment for release. It is often embedded inside seemingly harmless software and applications. It activates as soon as the user launches the program. Devices can also be infected through email links or malicious websites.

How does a ransomware attack work?

There are two primary types of ransomware: locker and crypto.

Locker ransomware locks victims from using important device functions, like accessing a desktop or browsing the internet.

Crypto, the more common form, encrypts files using a unique algorithm and demands a ransom payment.

Cybercriminals usually demand payment in bitcoins. This form of digital currency allows you to pay for goods or services remotely, using a mobile app or a computer. Every bitcoin transaction is anonymous, making it the payment method of choice for cybercriminals.

To pay or not to pay?

Experts are on the fence about this million-dollar question.

Joseph Bonavolonta, the ASA in charge of the FBI’s Cyber and Counterintelligence Program, claims that the FBI often advises people to pay the ransom, explaining that when more people pay the ransom, it keeps ransoms low. He also believes that most scammers keep their word and will decrypt the victim’s files.

However, other FBI officials urge victims not to pay the ransom. They say there is never a guarantee of the files’ return and that paying the ransom encourages more attacks.

Everyone agrees, though, that victims should seek assistance from law enforcement agencies and share the details of the attack. The law enforcement agents will tell them whether they’ve seen this group attack before and whether it tends to decrypt files in return for payment.

If your computer has been infected and you decide to pay the ransom, your payment can be anywhere from $200 to $10,000. Before you pay, though, do a quick search to find out if there’s a decryption tool online.

If you decide not to pay the ransom, shut down your computer and disconnect from your network. Scan your computer with an anti-virus or anti-malware program and let it remove everything on your device.


Be proactive. Strengthen your email’s spam filter, don’t ever click on suspicious links, and never download mobile apps from unfamiliar application stores.

Make sure your operating system is protected with a strong firewall, spyware and sufficient, updated anti-virus software.

Finally, back up your files on an external hard drive or on a USB every few weeks.

If the unthinkable happens, contact a law-enforcement agency for assistance and check for a decryption tool online. If you do decide to pay, be sure to take preventive measures against future attacks.

Look Before You Pump! Don’t Get Skimmed At The Gas Station

Look Before You Pump!

Don’t Get Skimmed At The Gas Station


Two Young Women with coffee at pumping gas into carGas-pump skimming is an old crime making a comeback, and your card may be at risk. Since skimmer devices are almost invisible, they can be difficult to spot. And Bluetooth technology lets the scammer remotely obtain the info it collects from as far as 100 yards away.

While EMV-enabled cards are more commonplace, gas stations have until 2020 to update their systems, making them vulnerable. Protect yourself against this hack by learning about card skimmers. 

How it works 

Hackers usually outfit the pump farthest from the convenience store with their skimmer. This way, they are out of the range of any security cameras at the shop’s entrance. The hacker places a skimming device on top of the pump’s card reader or inside the pump itself, and then leaves the area. 

Choose your payment method wisely 

You may seek extra protection by using a credit card or cash to pay at the pump. A credit card lets you easily dispute fraudulent charges. And, depending upon your financial institution, a debit card may not have much purchase protection. At [credit union, we . . . ]. 

The safest payment method might be cash, but remember that it cannot be replaced if lost or stolen.

How to spot a skimmer 

If you don’t like the idea of using cash, you can still protect yourself by being on the lookout for skimmers. If something looks suspicious, don’t use that pump! 

4 ways to spot a skimmer: 

  • Use your eyes. Do numbers on the PIN pad look newer or bigger than the rest of the machine? Does anything look like it doesn’t belong? Is the fuel pump’s seal broken?
  • Check the tape. Many gas stations place serial-numbered security tape across the dispenser to protect their pumps. If the tape has been broken, or there’s no tape on the dispenser at all, it’s likely been compromised.
  • Use your fingers. Feel the card reader before sliding your debit card into the slot. Do the keys feel raised? Is it difficult to insert your card?
  • Use your phone. There are several free skimming apps, like Skimmer Scanner, that can scan a card reader for a skimming device and alert you if one is found. You can also check your phone’s Bluetooth for any strange letters or numbers appearing under “other devices.”

General card safety 

It’s always a good idea to practice general safety when using a card to pay at the pump. Choose the pump closest to the store and always cover the number pad with your hand when inputting your PIN. It’s also a good idea to periodically check your account statements for suspicious charges. 

Don’t Be A Victim Of A Social Security Scam

Don’t Be A Victim Of A Social Security Scam


TOlder Woman Reviewing Social Security Statementhe Federal Trade Commission (FTC) is warning of a surge in Social Security scams heartlessly targeting the elderly who depend on Social Security benefits for basic living needs. The scammers also know that the elderly can be overly trusting, making them easy victims. And, unfortunately, these scams are too often successful.

Here’s how these scams work:

The victim receives a phone call from an alleged Social Security employee telling them their benefits have been suspended and need to be reactivated. To lift the suspension, they say, the victim must share their personal information.

Alternatively, the victim receives an automated voice message instructing them to call a specified number to reactivate their Social Security benefits. Upon calling the given number, the victim will be asked to provide their personal information.

In yet another version, the victim receives an email looking like it came from the Social Security Administration (SSA). The email includes a link asking the victim to update their personal information, and giving a similar backstory as above.

Protect yourself and your loved ones with these tips:

The Social Security Administration will never call about suspended benefits

Don’t believe a caller claiming your benefits have been suspended. Government agencies rarely make phone calls to private citizens. When they do, the citizen will always know in advance to expect that call.

Never share personal information via unsecured means

It’s best not to share personal information over the phone or the internet. If you must, verify you are interacting with the party you believe you’ve reached. The best way to do so is by contacting the SSA yourself at 1-800-772-1213.

Report all scam attempts

If you receive a phone call or an email from an alleged SSA employee requesting information, don’t respond. Instead, call the SSA at 1-800-772-1213 and ask if there is actually a problem with your benefits. If, as is likely, you’re being scammed, the SSA will be better equipped to stop the scammers.

You can also fill out a Public Fraud Reporting form at 

Tell your friends and family

Tell anyone you know about these scams and warn them not to share their information on the phone and online.

Keep your money safe and send those scammers packing!

How To Spot an Investment Scam

How To Spot an Investment Scam


Image of Lock with the word securityYou’re online, and there’s a contest open to all. You know the answer, and the free gift is enticing. Should you enter?

You go into a shopping mall and are asked to fill out a form to enter a sweepstakes to win a car. You’d love to have the car, and, hey, someone’s going to win it. There’s no purchase necessary, so why not? “Don’t do it!” says Eric Stein, a scam artist who was interviewed (while in jail!) by The Wall Street Journal. He should know. In his interview, Stein provides the following information that will prove useful in avoiding the investment scams you so often read about.

  • Don’t respond to email or snail mail that you didn’t request, no matter how legitimate it looks. Scam artists have become very professional and will produce something slick, glossy and easy to understand. Don’t fall for it.
  • The online contests and car sweepstakes you see in stores are both used by scammers to target names and addresses. Don’t fill them out.
  • Avoid funds that are advertised as “low risk, high return” or “safe,” or promise an outrageous return such as 25% per quarter. If it sounds too good to be true, it probably is.
  • Don’t purchase financial products because a friend or clergy person recommends them. They may have already fallen for the scam without knowing it.
  • Don’t talk to a financial salesperson on the phone if you don’t know him. Don’t be polite – simply hang up. Anyone can call himself a “financial adviser” or a “business consultant.”
  • Buy stocks only from a licensed, registered broker.
  • Don’t buy unregistered securities. Keep your eyes open.
  • Don’t let the fact that traditional investments aren’t giving you the returns you want turn you into bait for scammers.