Internet

Who’s listening to you?

~ grant.gallagher ~ 1 Comment

Author ScotShot Scott is an NRA and USCCA certified Instructor and Training Counselor in a range of firearms, and home and personal defense disciplines. In an Alternate Universe, he is a husband, father, grandfather, scientist, musician, educator and grumpy old professor. Just your average reactionary, short, fat, old, bald guy!

Hands up if you’ve seen the recent TV advertisement for the “WhatsApp” messenger app. The gist of the ad is that it is not ‘secure’ to send regular text messaging using an SMS messenger such as the one that comes on your phone. The ad suggests that if you switch over to using WhatsApp for messaging, no-one will be able to see your texts except the person to whom you sent it.

WhatsApp is more secure than regular text apps. However, it’s also owned by Facebook. So, the ad is simply designed to drive even more of your information and data to that company. It’s just another scam.

This then begs the question: who does harvest information from us? Our phone calls, location, internet use, and text messages all contain saleable information. As for who is doing the selling, the answer is “pretty much everyone”. The phone manufacturer, the people who write your favored apps, your home internet provider, your phone service provider, Uncle Tom Cobley, and the Man who owns a dog called Bingo. The list is pretty much endless. Did you ever notice how you can be talking about something with a friend, and the next time you’re on the web, there are ads for that very thing?

So, let’s stop for a minute and ask ourselves, “Do I want people I don’t know to sell my information?” That information can be our location, the number of times a day we text, or make calls out of state. Do we want them to harvest keywords from our emails to push ads to us? Do we want the things we think of as our private business to be part of our someone else’s business model? For me, the answer is “no!”

The question then becomes, “what can we do about it?” So it’s basically impossible to stop it, but with a few simple changes, it’s very possible to minimize it. It’s all about the tools we use.

Text messaging: Texting is probably the way people communicate most often now – way more frequently than an actual phone call. However the pre-installed messaging app on your phone isn’t secure (yes, even the one on your iPhone, although it’s pretty good when texting another iPhone). Two recent studies, one from 2018 and one from 2022 provide the answer. The best messaging app to use on iPhone and Android is “Signal“. This handy-dandy summary from the FBI lays it all out. So, use “Signal” Download it from your App Store, and have your friends and family do, too.

Searching for webpages: aka “googling”. Well, there’s a reason that Google is a fabulously wealthy company. It sells your search data, and scans your emails for keywords that it uses to push ads to you. Ever wondered where those ad links at the top of your Gmail come from? They come from your email. Google also uses algorithms to push certain search results and suppress others, much as Facebook does.

Not every search engine does this. There is one that protects your privacy and it’s called “DuckDuckGo” (I have no idea why). It is true that DDG is a (slightly) less mature product than Google and has a (slightly) lesser scope, but the key difference is that it does not store your information (especially your ip address) that can identify you and be used to target you with ads. There are multiple articles that discuss this and the key privacy that DDG affords, here and here and here, for example. So, the next time you fancy a Google, try a duck instead…!

OK – so you’re ready to jump on the web? How? In other words, which browser do you use? Well if you’re using a Mac, it comes with “Safari”. “Firefox” is common on both MACs and PCs. Microsoft promotes it’s “Edge” browser, and Google has “Chrome”. I’m sure some if not all of these sound familiar. Chances are that you’re using one of them right now. But, you’ve guessed it, all of these vacuum up your data and browsing histories like so much pocket-change scattered at a Scottish Wedding, and turning them into real money for themselves.

It’s important to use a secure (or at least, more secure) browser than the one that comes on your machine. Secure browsers don’t only block pop-up ads and pesky auto-play videos, they also protect you from malware, viruses, hacks and so on. Personally, I use “Brave”. It runs on Macs and PCs. At the time of writing, it has blocked 1,013,727 ads and trackers from my computer. Perhaps the most secure browser, and the only one that allows you to be completely anonymous is “Tor”. Tor was designed from the ground up to be secure, but it is the browser associated with the “Dark Web” and so many people don’t like to use it. So, be brave, and use “Brave”.

What is a VPN anyway? When you log into the internet from the comfort of your sofa, generally you use the service provided by the people you get your TV from (eg, Comcast, Optimum, Verizon etc). Well they harvest and sell your search and brower history, too. So, imagine you just loved looking at “Netflix”. Every time you go there, your Internet Service Provider (ISP) makes a note and uses that for commercial purposes. Every time you log into Gmail, or Foxnews, or CNN, they log this away and learn a little bit more about you. Are you a prepper? Do you read firearms news? You can prevent this information gathering by using a Virtual Private Network, or “VPN”.

Using a VPN stops your ISP from collecting your browsing history. It sends your browsing request out to a server somewhere in the world first, and it’s forwarded from there. So, all your ISP collects is the address of a server in Canada, or the UK, or wherever, and it never finds out what you are actually looking at. If you decide to go shopping for a VPN, you’ll find lots of pages such as this one and a lot of recommendations for various VPN providers.

I am sure that the service offered by such widely-used VPNs is excellent, and I won’t say anything against them. However, I don’t use them. I use “Proton VPN”. I use it for the simple reason that it is based in Switzerland. As such it is outside the “Five Eyes” intelligence network. It’s also outside the wider ones such as “Fourteen Eyes”. If you’re going to use a VPN, Proton VPN should be one you consider.

Hey! Shoot someone a quick Gmail about all this! How many people use Gmail I wonder? More than the number of fish in the sea, that’s for sure. Gmail and the suite of tools that go with it are very useful. It’s just not secure. My advice is to get a Proton Mail account. It’s free and secure, and completely encrypted when sent between other Proton mail users.

You can improve your cyber security. So, why don’t you?

How to Spot an Internet Scam

~ grant.gallagher ~ 2 Comments

Author Michael Lindner is a software developer living in Monmouth County, NJ, with his beautiful wife and the youngest of his three sons. His interests are faith, family and freedom, which makes him an anachronism.

The term “Spam” is used to describe any unwanted or unsolicited email or text. Often these “spam” messages are also “scam” messages – messages designed to con you out of money or personal information that can be used to rob you. If you’re like me, you get text messages and emails almost every day from scammers. As a long-time computer professional I can share some tips to spot them and avoid getting scammed. Here are some of the things I look out for – do any of these seem familiar?

Getting messages from a company you don’t do business with. Almost every day, I get a message with a link to a gift for being a loyal Verizon cellular customer. The problem is that Verizon is not my phone carrier.

If you receive a message claiming you are a customer of some company you know you are not a customer of, chances are it is someone trying to trick you into either trying to accept a “free” gift or trying to tell them you are not their customer. Sometimes the message is from a company you have an account with, but is referencing something fake. For instance “Thanks for paying your December bill, here is a gift” when you paid your December bill weeks ago (or haven’t paid yet). Check the source of the email or text, it is probably wrong.

Getting email messages from a suspicious email address. Email and web addresses work from right to left. If you google Verizon you will find their web address is www.verizon.com. The important part is the last two parts, “verizon.com”, which is called the “domain name”. Every web site the company has, and every email the company uses, will end in that same domain name, “verizon.com”. Scammers will usually use email addresses and links that are similar, but different. Some examples might be “verizon.xyz.com”, “verizon.xyz”, “verison.com” or “verizon.com.xyz.org”. Note that they do not end in “verizon.com”.

Most email programs will show you the actual email address if you hover the mouse cursor over the “From” email address on the screen. A few will make you right click or click on “show headers” to see it. But if an email is suspicious, take the extra time to see who it’s actually from, and whether it is legitimate.

Getting text messages from a suspicious phone number. Most large companies use “short codes” to contact their customers. This is a five to seven digit number. If you receive a text message allegedly from your phone carrier or similar that is from a “normal” 10 digit phone number, it is likely a scam. Be careful.

Getting message with a link that doesn’t go to the right web site. Links to web sites look like “https://www.verizon.com/support”. The part after the “://” and before the next “/” is the important part, and just like the email addresses, it must end in the proper domain name, in this case “verizon.com”. An email might have a link that says “click on Verizon customer service” to claim your gift. If you hover your mouse cursor over the link, most browsers will display, at the bottom of the window, where the link actually goes. If that link is not going to the domain you expect, odds are the email is a scam. If the email looks suspicious but you want to go to the site the email allegedly goes to a safer way is to google the address (for example, google “Verizon customer service”) and click on the search results.

Web sites that ask for personal information. Suppose the email looked ok, but when I click on the link the site I go to is asking for my name and birth date, or other personal information, to “verify” who I am? That’s likely not a legitimate site. If you are uncomfortable with the site asking for personal information, look up the phone number of the company it’s supposed to be from, call their customer service and ask if the email and site are legitimate. Most companies are happy to help, and grateful to find out about scammers using their name.

What to do with scam emails, texts, etc. What should you do with a suspicious message? First off what not to do. Do NOT respond to it, even to say “rot in hell you scammer”. The more information they get from you, even just the fact that you are a real person, the more they can do. Ignore ignore ignore.

Most email clients have a “Spam” button that you can click on. Use it. Not only does that keep you from having to see the message, but it gives the email program information on catching future scam messages. Use spam filters if your email/phone provides has them. These take feedback from other users reporting spam to stop such messages from getting through to your inbox in the first place.

Most of all, remember the adage “if it sounds too good to be true, it probably isn’t.”