bertfixessome
Well-Known OPE Member
- Local time
- 1:35 AM
- User ID
- 9993
- Joined
- Jul 20, 2019
- Messages
- 68
- Reaction score
- 90
- Location
- Australia
Have not been here for a while but the Hyjacked thread shows me that a lot of you are pretty lax when it comes to cyber security.
Now if you have a Google or face book account in your real name then forget it you are already perminantly compromised .
If not then there are a few things that one can do to make life difficult for internet criminals
1) do not use free email hosts like Yahoo / Gmail / AOL etc as your principle email host, for jooining forums or social groups , sort of OK.
The old addage of if it is free then YOU are the product applies to all free mail hosts.
Pay to get an email only account with any ISP you like , and this does not have to be the one you use to access the www with and by prefference should be a different one .
When you sign up they will all give you an account name and email address generated by them .
It will usually be some sort of jibberish like 1four4pqt@sleasebag.com.
Never ever use this address for anything other than setting up other email addresses.
Most of these accounts will offer some where between 10 to unlimited email addresses plus aliases for each of them .
Now set up you email accounts and do not use your real name in any of them.
For your personal communications use something that your friends & family would associate with you like "redford52@sleasebag.com" etc
Then set up another one for dealing with government departments like "thievingratbags9@sleasebag.com"
And another for each & every financial instution you deal with , including paypal and use a different address for ebay / amazon etc .
Another for organizations who have no valid reason to demand an email address like "stickybeaks9@sleasebags.com"
Then some more for forums like this one like "opef123@sleasebags.com"
I think you get the idea
Never use a real single word in the name because web bots will go to an ISP and send emails with every word in the dictionary as the account name plus every known name @ that isp fishing for real live email accounts .
For supposedly more secure log ins that require a phone number, buy the cheapest SIM only plan with a phone number .
Activate the account then remove the sim card and never put it back in unless you need to use that number and turn off SMS if not answered
Thus when it gets checked, it will appear as a real number but not available .
Anything where your real name is not vital ( like this forum ) put your name in backwards or inverted so if that forum is hacked you get messages that look real but have your name spelled backwards or inverted so you know that "unclaimed tax refund" email is spam because your name is backwards and it came in via an email address that the IRS does not know you have.
This is not as difficult as it sounds and works very very well.
In the past year Medibank down here got hacked and since that time I have had dozens if not hundreds of emails with my real name & address in them supposedly from every bank down here ( including both of mine ) , the vehicle registration department, the tax department etc etc.
All of them appeared to be genuine, but they were sent to the wrong email address for the sender so I know they are fakes .
The other thing is even when an email looks genuine I ignore it for about a week to see if the same email appears in another address so again I know it is fake .
And of course never ever click on any link, open a new browser window or use a different device to contact the sender if you think it is ligitimate .
In my case I run 4 browsers and 3 email clients on my main computer.
Then all of the hobby interests , motorcycling, fishing etc are on an old computer that is only used for that purpose, when I have the time to catch up on my motorcycling buddies or fishing pals .
As for 2 step authentications, IMHO all that does is link your real name with your real phone number , hackers treasure chest ,( hence the reason for joining with a fake name & unused phone number ) and while I am sure everyone does their very best to keep this information secure , in reality it is not secure and never will be so if you treat it as being vunerable from the start then you are even less unlikely to wake up one morning by the moving van with the people who think they have just bought your house or to find all your money is gone & all your accounts are frozen the evening of a public holiday or have the bailiffs at your door because you have not paid back that $ 2,000,000 loan that YOU did not take out .
Now if you have a Google or face book account in your real name then forget it you are already perminantly compromised .
If not then there are a few things that one can do to make life difficult for internet criminals
1) do not use free email hosts like Yahoo / Gmail / AOL etc as your principle email host, for jooining forums or social groups , sort of OK.
The old addage of if it is free then YOU are the product applies to all free mail hosts.
Pay to get an email only account with any ISP you like , and this does not have to be the one you use to access the www with and by prefference should be a different one .
When you sign up they will all give you an account name and email address generated by them .
It will usually be some sort of jibberish like 1four4pqt@sleasebag.com.
Never ever use this address for anything other than setting up other email addresses.
Most of these accounts will offer some where between 10 to unlimited email addresses plus aliases for each of them .
Now set up you email accounts and do not use your real name in any of them.
For your personal communications use something that your friends & family would associate with you like "redford52@sleasebag.com" etc
Then set up another one for dealing with government departments like "thievingratbags9@sleasebag.com"
And another for each & every financial instution you deal with , including paypal and use a different address for ebay / amazon etc .
Another for organizations who have no valid reason to demand an email address like "stickybeaks9@sleasebags.com"
Then some more for forums like this one like "opef123@sleasebags.com"
I think you get the idea
Never use a real single word in the name because web bots will go to an ISP and send emails with every word in the dictionary as the account name plus every known name @ that isp fishing for real live email accounts .
For supposedly more secure log ins that require a phone number, buy the cheapest SIM only plan with a phone number .
Activate the account then remove the sim card and never put it back in unless you need to use that number and turn off SMS if not answered
Thus when it gets checked, it will appear as a real number but not available .
Anything where your real name is not vital ( like this forum ) put your name in backwards or inverted so if that forum is hacked you get messages that look real but have your name spelled backwards or inverted so you know that "unclaimed tax refund" email is spam because your name is backwards and it came in via an email address that the IRS does not know you have.
This is not as difficult as it sounds and works very very well.
In the past year Medibank down here got hacked and since that time I have had dozens if not hundreds of emails with my real name & address in them supposedly from every bank down here ( including both of mine ) , the vehicle registration department, the tax department etc etc.
All of them appeared to be genuine, but they were sent to the wrong email address for the sender so I know they are fakes .
The other thing is even when an email looks genuine I ignore it for about a week to see if the same email appears in another address so again I know it is fake .
And of course never ever click on any link, open a new browser window or use a different device to contact the sender if you think it is ligitimate .
In my case I run 4 browsers and 3 email clients on my main computer.
Then all of the hobby interests , motorcycling, fishing etc are on an old computer that is only used for that purpose, when I have the time to catch up on my motorcycling buddies or fishing pals .
As for 2 step authentications, IMHO all that does is link your real name with your real phone number , hackers treasure chest ,( hence the reason for joining with a fake name & unused phone number ) and while I am sure everyone does their very best to keep this information secure , in reality it is not secure and never will be so if you treat it as being vunerable from the start then you are even less unlikely to wake up one morning by the moving van with the people who think they have just bought your house or to find all your money is gone & all your accounts are frozen the evening of a public holiday or have the bailiffs at your door because you have not paid back that $ 2,000,000 loan that YOU did not take out .
Last edited: