How to stay relatively safe online


Tony Sumrall Contributing columnist

Tony Sumrall Contributing columnist


On the subject of free broadcast OTA (over-the-air) TV, Nextgen TV (also known as ATSC 3.0) has been rolling out nationally. It enhances the quality of digital OTA broadcasts by adding 4K broadcasts, HDR (high dynamic range) which allows for a wider range of colors, deeper blacks and whiter whites. See https://go.ttot.link/NextGenTV for a more complete explanation of ATSC 3.0.

Staying safe online is something just about all of us worry about. And if some of us aren’t concerned, we should be. I know people who’ve lost their bank accounts and one friend even had his Social Security account hijacked. Following some simple rules could have prevented it.

Rule 1 — Be suspicious. You just heard from an old friend who you haven’t heard from in ages? Maybe it wasn’t them. Contact them via another method and confirm that they sent you a message. Yes, even responding to a message from a scammer can set you up to be scammed. If your friend says they didn’t contact you, just ignore the other message. Do not engage. Why? Often scammers are not working alone. By responding or engaging they know you’re there and word will spread, inviting other scammers to contact you.

Rule 2 — Be suspicious of polls and questionnaires on social media. They may be fun but they inform scammers of your past or your present or your future plans and give them ammunition to engage in social engineering attacks. A good place to read about it is https://go.ttot.link/SocialEngineering, but I’ll briefly go into some of the more important aspects. Social engineering is a way for hackers and scammers to find out things about you that could help them break into accounts or entice you to give them more information about you that could be used to figure out passwords or fool businesses into thinking the scammer is you. See a questionnaire that asks your favorite teacher in grade school, your first pet’s name, or your best friend in high school? Stay far away from it. Answers to those questions could be the basis for a password or the answer to a challenge you’ve set up at your bank.

Rule 3 — Never click on a link in an email or text unless you’ve verified it came from a trustworthy source. Just because it looks like your bank sent it doesn’t mean they did. Call them if necessary, and don’t use the phone number from the email. Use the number you have for them or the one from their website that you went to independently of the text/email. If you get an email that says you owe money for something, ignore it if you can’t verify its authenticity some other way. Almost every day I get spam that says I owe or will be charged for a service with a link to contest the charge. If I don’t recognize the company or service I ignore them. And if I recognize the company or service, I use alternate methods to confirm like independently going to their website, logging in and checking there. I also have alerts set up for all of my credit and bank accounts. Any time there is a charge to one of my credit cards or a deduction from one of my bank accounts I get a text or an email. And, being suspicious, I don’t click on any links in the text or email. Instead, if I question the charge I either open the app associated with the account or independently go to the web site for that account.

Rule 4 — Use a masked or disposable email address whenever possible. How does this help? If you get an email from your bank but it’s going to a masked email address that you don’t use for your bank, you can bet it’s a scam or attempted hack. What are masked/disposable/anonymous email addresses and how do you get them? There are many services, both free and paid, that provide this service — https://go.ttot.link/MaskingServices gives a good description of some of the various services. If you use GMail as your email provider, you already have the ability to create as many email addresses as you want. If your gmail address is [email protected] you can create a new email address that will still deliver to “[email protected]” by adding a plus sign followed by just about anything and put it before the @gmail.com. When you sign up for a LinkedIn account, for instance, you could give them an email address of [email protected] and any email to that address will be delivered to [email protected] You’ll be able to see the full email so you’ll know it was sent to your LinkedIn address. And if it comes from any place other than LinkedIn you’ll know it was either stolen or LinkedIn sold it.

Rule 5 — Be mindful when and where you post. If you’re going out of town, think about what you’re telling the world if you post that before you return. You may have the proper privacy controls in place on our chosen service but that doesn’t mean a friend couldn’t inadvertently leak that info. Unsavory folks could take that as an opportunity to break in and steal from you. While it may not be as much fun, try to hold off on posting pictures and descriptions until you return. And while we’re discussing posts, make sure any pictures you post don’t reveal anything you want to keep hidden. All smartphones that I’m aware of record GPS location, phone type and model (among other things) in your pictures and videos. Be aware which services strip that information from the picture or video and which do not. If anyone gets a picture with that information in it, they’ll know where it was taken. Sure, your friends probably already know where you live, but should everyone? You can turn off your phone’s ability to save your GPS location but, personally, I like having that available when I go through my old photos. Fortunately, most social sites already remove that information from photos and videos you upload (Facebook, Instagram, Twitter but not TikTok). If in doubt do a quick search on the name of the service and GPS data. And don’t forget that those pictures you send to friends by email or text have that information in them. Inadvertent leaks happen.

That’s it for this week.

Email me with questions, comments, suggestions, requests for future columns, whatever at [email protected] and don’t forget that I maintain links to the original columns with live, clickable links to all the references at https://go.ttot.link/TGColumns+Links or https://go.ttot.link/TGC+L.

Tony Sumrall, a Hillsboro native whose parents ran the former Highland Lanes bowling alley, is a maker with both leadership and technical skills. He’s been in the computing arena since his graduation from Miami University with a bachelor’s degree in systems analysis, working for and with companies ranging in size from five to hundreds of thousands of employees. He holds five patents and lives and thrives in Silicon Valley which feeds his love for all things tech.

Tony Sumrall Contributing columnist
https://www.timesgazette.com/wp-content/uploads/sites/33/2022/08/web1_Summrall-Tony-mug-1.jpgTony Sumrall Contributing columnist