Netflix phishing campaign goes after your login, credit card, mugshot and ID

Can you spot a fake notice from a legit one?

From Sophos' Naked Security blog:

Organisations that had their brands hijacked in this way in the past few days include: eBay, PayPal, VISA, American Express, Bank of America, Chase, HSBC, National Australia Bank – and that’s just a random subset of the list, in one industry sector.

Protecting your brand against abuse by phishers is, sadly, as good as impossible, especially if your brand is well-known and widely advertised.

Full Article

James Gowans' Hybrid Journal

To digitally back up my analog journal, I take a photo each night of that day’s entries and add it to Day One. I tag them with “hybrid” to keep them organized. Sometimes individual log items are copied to their own entry as well if I think they’ll need to be recalled later.

This is a clever idea to digitize your written journal entry. Great method for backing up something that can be damaged by water, fire, or loss. Recommended.

 

Full Article

Yale’s Most Popular Class Ever: Happiness

Psychology and the Good Life, with 1,182 undergraduates currently enrolled, stands as the most popular course in Yale’s 316-year history. The previous record-holder — Psychology and the Law — was offered in 1992 and had about 1,050 students, according to Marvin Chun, the Yale College dean. Most large lectures at Yale don’t exceed 600.

 

It is sad that in 2013, "more than half of undergraduates sought mental health care from the university during their time..." at Yale.

I'd imagine this would be a similar statistic for many higher education institutions. It's hopeful to see such an overwhelming number of attendees wanting to learn how they can improve their lives.

This course is so popular that it is offered to the world for free on Coursera. It starts in March. I signed up for it.

 

Full Article

 

Dell is considering a sale to VMware in what may be tech's biggest deal ever

The reverse-merger is one of the more audacious strategic initiatives being looked at by Dell and its advisers, said the people, who asked not to be named because the discussions are private. Dell's board of directors will meet next month to consider a slew of options, many of which are still in the early stages of examination, including the reverse merger.

 

Hail Mary, full of grace, let's try this approach to keep our shareholders happy and in place.

 

Full Article, complete with annoying auto-play video

U.K. Now Has A Minister For Loneliness

From Merrit Kennedy:

According to government figures, more than 9 million people in the U.K. "always or often feel lonely" and "around 200,000 older people have not had a conversation with a friend or relative in more than a month." An increasing body of research has found that feelings of social isolation can have profound health effects; according to a government commission, loneliness is as bad for people's health as smoking 15 cigarettes daily.

"Loneliness can be triggered by a life event, such as a bereavement or becoming a parent, with certain groups, such as young people and carers, particularly at risk," said [Tracey] Crouch [Minister for Sport and Civil Society].

I'm waiting patiently for the day when it will be okay for an American to talk genuinely about feeling lonely without threat of admonition, attack, or shaming by others. We are not alone in our struggles. There are so many who feel the same.

 

Full Article

 

Gas pump malware tricks customers into paying for more than they pump

The malware caused the gas pumps, cash registers and back-end systems to display false data. It was also able to cover its tracks. It worked like so: every morning, employees would come up with a pretext to leave one of a station’s reservoirs empty – for example, under the pretense of cleaning. When a customer bought gas, the program automatically shortchanged the customer of between 3% and 7% of the gas purchased. But the gas pump itself would show that the entire volume of purchased gas had been pumped into the tank. The stolen gasoline was automatically sent to the tank that the attendants had left empty that morning.

An idea: Next time you're at 1/4 tank, go to a gas station, fill your tank, and take a picture of the end result for future reference. If you consistently refuel when the gas gauge reads 1/4 tank, you'll know how many gallons it takes to reach a full tank for your vehicle.

It takes about 13 gallons to fill my vehicle when it reaches a quarter-tank. Gas prices have been fairly consistent in my area, so it takes about $42 to fill my rig. If I visit a gas station that has fallen victim to malware, and a typical fill-up at 1/4 tank results in $47 or $48, plus I notice that it takes 15 gallons to fill my tank, I would start to ask questions.

Five cents more for a gallon of gas would normally mean a 65 cent increase in my total cost for the fill-up. If the total cost is more than a few dollars, I would surmise that something was up.

Full Article

 

90% of Gmail users could improve their security easily, but don’t

The real problem with 2SV isn’t that it’s irksome to use – it isn’t – but that not enough people have heard of it or, if they have, are confused by the myriad ways of using it across different services.

 

If you aren't familiar with 2FA (2-factor authentication), MFA (multi-factor authentication), or 2SV (2-step verification), you should learn about them ASAP.

It's a DIY way to CYA, IMHO.

IDK if you want your email account to be FUBAR, but a simple 6-digit SMS to your phone will decrease your odds of an OMG moment. YMMV.

CYAL8R.

Full Article

Courage in the workplace - Password edition

...IT organizations rely entirely on their employees to manage their passwords, with no technology in place to enforce password strength or the frequency of password refresh, even though they are aware that employees are the weakest link in the security chain.

Businesses know they have a problem, yet they choose to avoid taking the high road. In this case, it's educating their employees and putting standards and policies in place that will avoid compromised data, financial loss, and worse.

Seems like a no-brainer to me.

Full article