This is a repeat of a blog I published two years ago.  I am repeating it because I continue to get calls from customers who either have fallen for this scam or are about to.

Here is the blog:
Over the past two weeks, I’ve had two customers hacked in very similar ways. Both involved the hacker gaining access to my customers’ email accounts and then sending emails out to all of their contacts. One was a sbcglobal.net account and the other was an att.net account. Both these email systems are actually implemented by Yahoo, so really they were both hacks of Yahoo accounts.

In the first case, my customer was pretty sure that she fell for a phishing attack in which she thought she was entering her email password for a legitimate reason (securing her account), but really she was entering her password on a forged website made to look legitimate. In the second case, my customer had no idea how the hacker got her email password. Yahoo has had several massive attacks where accounts and passwords were stolen, so perhaps that is how it happened. 

In the first case, this is the email the hacker sent out from my customer’s account:

Subject: Favor…..<customer’s name>

Hi there,

I need a favor from you. I’d appreciate if you could email me back asap.

Thanks
<customer’s name>

If replied to, this was followed by:

I need to get a Nordstrom Gift Card for my Nephew, Its his birthday but i can't do this now because I'm currently traveling. Can you get it from any store around you? I'll pay back as soon as i am back.

Kindly let me know if you can handle this.

 <customer’s name>

In the second case, this is the email the hacker sent out:

Subject: Help…...<customer’s name>

I hope your week is going great? Actually, Please I need to get an eBay Gift Card for my niece, its her birthday but I can’t do this now because I’m currently traveling, Can you help get it from any store around you? I’ll pay back as soon as I am back. Kindly let me know if you can handle this so I can tell you how much to get.

Thank you so much,

<customer’s name>

If the victim (i.e, the person receiving the email) falls for this, the hacker will then ask for the gift card numbers after which they can easily drain the gift card of it’s cash value.

Upon being contacted by my customers, here is what I did and what you should do should this happen to you:

1) Via any web browser, log into your email account
2) Change the password. If you used the same or similar password on other accounts, change them there too. Pick great passwords!
3) Check all your email settings to make sure they are correct. In particular:
. Check the reply to field to make sure it is your email address
. Check if an automatic forward or automatic reply has been set (if you can’t find these settings, you may need to change your email view to basic; this is the case on Yahoo)
. Check email rules and filters to make sure none have been set
. Check your signature if you have one
. Check your account recovery information
. Add two factor authentication
. Change the answers to your security questions so that they are false. You should do this here and everywhere. It can simply be done by adding another word to the end of your security question answer.
4) Email all your contacts and let them know you have been hacked and to ignore any emails asking for gift cards or looking unusual in any way. Encourage them to call you if they receive a strange email from you before replying to make sure it really came from you.

In my customers’ cases, I found the following settings:
. Every email was automatically forwarded. In one case, a gmail account had been created in the customer’s name to receive the forwarded emails
. A rule with the name of “.” was created to move every received email into either the Archive folder or the Trash folder
These settings meant that every email my customer received would be sent to the hacker and deleted from my customer’s inbox.​

This hack can happen to anyone. Be vigilant in case it happens to you!

The latest macOS operating system is now available. It is called Ventura or macOS 13. Like all new major operating system releases, it has many new features and is free to install on existing hardware. In this blog, I will tell you how to prepare your Mac for installation.

Let me begin by recommending that you do NOT install Ventura – at least not yet. A new major operating system release is a big deal and I always recommend that you wait until one or two bug releases have been made available. 

Supported Macs

These are the computers that you can install Ventura on if and when you are ready to proceed:

• 2017 iMac/iMac Pro and later
  
• 2018 MacBook Air and later
  
• 2017 MacBook Pro and later
  
• 2019 Mac Pro and later
  
• 2018 Mac mini and later
  
• 2017 MacBook and later
  
• 2022 Mac Studio and later
  

If your Mac is older than the above models, know that Apple still releases security updates and new Safari updates for Big Sur (macOS 11) and Monterey (macOS 12) and large app developers such as Google and Microsoft usually support even older versions, at least for a year or two. But be aware that if you are running the latest version of iOS on your iPhone or iPad, you might run into some compatibility issues if you fall behind on your Mac.
Storage
You can check on your storage situation by going to About This Mac and selecting the Storage tab. Ventura requires about 35gb of free storage. So, if you don’t have at least that much free, you need to get busy deleting.
Backup
Before beginning the installation process, make sure you have a current backup. Use of Apple’s Time Machine and an external hard drive is the simplest way to create a robust backup.
Installation
The simplest way to install Ventura is to either go to System Preferences and select “Software Update” or go to the Apple Store and find it there.
There are many new features in Ventura you will find interesting. Just Google “macOS Ventura features” to learn all about them.
Finally a word about Windows 11: if you are being nagged to install Windows 11, that means your computer is compatible with Windows 11 and you certainly good go ahead and upgrade. However, there is no rush since Windows 10 will be supported until October 14, 2025. There are many things different about the Windows 11 user interface, so if you don’t like change, I would stay with Windows 10 for now. However, if you like the challenge of learning new things, then Windows 11 might be just for you. If you do decide to upgrade to Windows 11, be sure to back up your files first. And if you do upgrade and decide you don’t like Windows 11, you have 10 days in which you can roll back to Windows 10.
Good luck!

This is a repeat of a blog I published two years ago.  I am repeating it because I continue to get calls from customers who either have fallen for this scam or are about to.  In particular, the pop-up warning approach (the second bullet below) seems to be particularly prevalent.  If you experience the pop-up, simply restart your computer (by if necessary holding down the power button until the computer shuts down and then starting it up again) and it should disappear.  

Here is the blog:
At least once a quarter one or more of my customers fall for a tech support scam. These scammers want you to believe your computer is full of viruses and that you need to hire them to resolve these issues. They get you to allow them to remotely connect to your computer and they ask for hundreds of dollars for services or products you don’t need. They might also take the opportunity to steal your passwords, upload other personal data, and install their own viruses.

These scams typically occur in one of three ways:

• Phone Calls: your phone rings and the callers state they are from Dell, Microsoft, Apple, or some other well known company. They say they have detected a serious problem with your computer and they need to access your computer to run a diagnostic test.
  
• Pop-up Warnings: a window suddenly appears typically while surfing the internet, often with blaring background sounds, stating that a serious issue has been detected and that you must call a provided telephone number immediately.
  
• Online Ads and Search Results: you are searching for help and the resulting ads or search results lead you to the scammer instead of a legitimate company.
  

Legitimate tech companies will never contact you by phone, email or text message to tell you there is a problem with your computer, and security pop-up warnings will never ask you to call a phone number.

If you are scammed to the point where you allowed the scammer to remotely connect to your computer, then you should assume that the scammer now has all of your online passwords and that your computer is now compromised. Your should immediately do the following:

• Power off your computer. On another computer, change all your online passwords and take the opportunity to create very strong passwords.
  
• If you paid the tech support scammer with a credit or debit card, call the credit card company or bank and try and stop the payment and cancel the card. If you paid with a gift card, contact the company that issued the gift card and see if you can get a refund.
  
• If you have a backup system image prior to the scam, restore the computer from that system image. If you don’t have a system image, then reinstall the operating system and all the apps (of course backing up your data first).
  

These scammers are really convincing and experts at what they do. Falling for a tech support scam is extremely frustrating, costly, disruptive, and time consuming. Don’t give away your passwords, credit card info, social security number, driver’s license number, or any other personal information to a stranger over the phone. Don’t let this happen to you!!!!!

Adobe Flash was predominantly a web browser platform that expanded a browser’s capabilities with features like streaming video and gaming graphics. It was originally developed by a company called Macromedia in the late 1990s and was acquired by Adobe who intended to make it the cross platform programming technology for streaming and gaming. Many software development companies embraced it, including YouTube, HBO, and Disney. But unfortunately it was riddled with security risks and other problems which led developers to slowly abandon it. Things really went downhill for Flash when Steve Jobs barred Flash from the iPhone. In 2017, Adobe set December 31, 2020 as the date for the end of life of Flash.​

Browser developers have made it increasingly difficult to enable Flash and now that the end of 2020 is near, have begun to eliminate it completely. Furthermore, if you have Flash installed, you may have already noticed messages telling you to uninstall it.

Since the end of life announcement in 2017, software developers have been moving away from Flash to other platforms. You may have heard of HTML5 which is one of the more standard choices.

In general, you can safely uninstall Flash, unless you are running an old application or accessing an old website which has not been updated to use something besides Flash. If you are, you best start looking around for a replacement, because one way or another, Flash will either disappear from your system or stop working.

On October 13th Microsoft is ending support for Office 2010. This does not mean that the Office 2010 suite (Word, Excel, Powerpoint, Outlook, and others) will stop working the next day, but it does mean that updates that fix bugs and close security holes will end, resulting in increased risk with continued usage.

You could chose to continue using the Office 2010 suite at your own peril, or switch to one of these options:

Office on the web: this free option from Microsoft only requires a Microsoft account, but these web versions of Word, Excel, PowerPoint, and OneNote are limited, scaled down versions that require you to be on line at all times.

LibreOffice: this option is also free and may be used in commercial environments. I blogged about it last September, so you can read about it here: https://steve.gimnicher.com/technology-blog/libreoffice I’m a big fan because it is completely free and unrestricted, offers a lot of functionality, and it supports the Microsoft Office file formats.

Office 2019: this is likely the last Office version that can be purchased for a one-time license, but you will be locked into whatever functionality it comes with (i.e., Microsoft will not be adding new functions via updates). Also, you must have internet access to use this suite. Office 2019 comes in three different versions, ranging from about $150 to $440 from Microsoft.​

Microsoft/Office 365: this option is where Microsoft would like you to go and offers continuous updates and support as long as you are paying the monthly or yearly subscription prices. There are different packages for Home and Business, so be sure you purchase the right option that meets your needs.

I have blogged a lot about how important backups are to protect your crucial data in the event of computer failure, virus attack, or theft. Now there is a new reason to backup your data: mandatory evacuation.

Living in California, the possibility of a mandatory evacuation due to the threat of fire seems to be the new normal. Obviously, you will want to grab things like medication, money, face masks, etc, but what about your computer?

If you have been implementing a comprehensive backup strategy, then depending on your approach, you won’t need to grab much. If you are backing up your data files to one of many available cloud-based storage services (e.g., OneDrive, Dropbox, Google Drive, iCloud Drive, Box, iDrive, or others), then in terms of those files, you don’t need to grab anything. If you are backing up your files to an external hard drive or a network drive via backup software (e.g., Windows 10 File History, Macrium Reflect, Apple Time Machine, etc), then you just need to grab the drive.

A common mistake is not checking whether the backups are actually working. Things change on your computer all the time. Just because backups were working at one time does not mean they are still working. It is crucial that you periodically confirm that current backups are taking place.

If you don’t have a backup strategy or backups aren’t working, then you will have no choice but to grab the entire computer, but that is certainly not ideal.​

Setting up backups is not difficult. Why take the risk of losing documents and pictures? Please – if you haven’t done so, get backups in place; if you have set up backups, make sure they are working!

5G cellular networks are beginning to role out. As of this writing (June, 2020) all four major major US carriers now have some form of 5G cellular wireless. There are three major variations of 5G, which makes the offering confusing. But it is important to understand the differences.

Historically, when new cellular technology roles out, there are early implementations of networks and devices, which don’t work very well. As the networks expand, the implementations in the devices improve. Finally, as the networks and devices become robust, new applications appear that leverage the faster speeds. This was the case with 1G, 2G, 3G, 4G, and is the case with the fifth generation of cellular wireless technology: 5G. This entire sequence can take years to become stable, reliable, and widespread.

With each evolution of cellular wireless technology, the wireless channels get bigger (to increase the speed of data), latency is reduced (to improve responsiveness), and the capacity increases (to be able to connect more devices).

So, with that as a background, lets clarify the confusing part. With 5G, there are three options: low, middle, and high.

Low-band 5G
​In practical terms, low-band 5G won’t be much faster than 4G. But it’s spread and capacity are much greater. One low-band 5G tower can cover up to hundreds of square miles. Published download speeds vary greatly, but on average expect around 50Mbit/s.

Mid-band 5G
Mid-band is likely to become the common offering in all major metropolitan areas of the United States. It offers about double the speed of low-band, but towers need to be a few miles apart. This is the sweet spot of 5G. You can expect download speeds to be between 100 and 400 Mbit/s.

High-band 5G
High-band is really the ground breaking technology, offering blazing speeds, low latency, and huge capacity. But, distance is very limited. You can expect to see high-band 5G towers in locations that serve huge numbers of people, such as dense urban environments, sporting and concert venues, and conventions centers. Unless you are very lucky to live very close to a high-band 5G tower, you will not be able to take advantage of what it offers. In perfect conditions, download speeds can be 1Gbit/s or even faster.

The emerging deployment of 5G is very exciting and will certainly affect all of us in a positive way. But, be knowledgable about the differences and set your expectations accordingly.