A+ R A-

The Tech Report

Tech Talk with Greg Bailey

E-mail Print PDF

In today’s world, e-mail is a very powerful tool. It lets you stay in practically instant contact with friends and family, and is a vital part of any successful business.

The use of e-mail is widespread, from people who only use it for social reasons, to employees keeping coworkers up to date, to people who only use it very occasionally to contact specific individuals.

Regardless of how someone uses email (but especially if that usage involves mass e-mails to several groups of people at once) the time should be taken to learn the proper methods of sending e-mail. When you compose an e-mail, there are three fields that allow you to dictate who receives the message: the “To:” field, the “CC:” field, and the “BCC” field.

Knowing which field to use at which time can prevent e-mail mistakes that may put an e-mail (or an e-mail address) into the wrong person’s hands.

First, the ‘To:’ field. This is the main place to put the address of the people you want to receive the e-mail. Any addresses that are put in this field will get the message once you hit send. Note that I said “addresses”, as in you can have more than one name in the To: field. This can be useful, if you have to send an e-mail to five different people, you only have to send one message to five addresses instead of five separate messages.

What you need to be aware of, however, is that any name put into the To: field can be seen by anyone who receives the email.

If X, Y, and Z are all in To:, then when X opens your message he can see you also sent it to Y and Z. This may not be a problem, but it is possible that you want to keep the addresses of Y and Z a secret from X. Even if you yourself don’t care about secrecy; X, Y, or Z might not want their e-mail addresses known to anyone aside from you. If this is the case, you cannot put the three addresses in the To: field.

‘CC:’ (for carbon copy) is very similar to To:. In effect, they do essentially the same thing; CC: will make and send a copy of the e-mail sent to the addresses in To:. Since they do the same thing, the same problems with e-mail address privacy still exist. To that end, there is ‘BCC:’. The “B” in BCC: stands for blind, as in anyone who receives the email is blind to any address that was in the BCC: field. Following the previous example, if you send an e-mail putting A in the To: field and X Y and Z in the BCC: field, A will only see his own e-mail address, and X Y and Z will only see their own address. To ensure the privacy of the recipients of a mass e-mail, you should put any addresses in the BCC: field as opposed to putting them all in the To: or CC: field.

Entering the right addresses in the right fields will keep the e-mail addresses of those you are messaging private when they need to be, preventing any awkward situations.

This article is part of a series devoted to Internet security, and learning how to keep you and your information safe. Any questions, requests for clarifications, or comments can be sent to gregbailey9@ gmail.com.

Greg Bailey is a Computer Science major at UCR Bourns College of Engineering

Tech Talk With Greg Bailey

E-mail Print PDF

Earlier this week, one of my online accounts was compromised. I still have no idea how it happened, or if there’s anything I could have done to prevent it. While there probably was some way I could have kept the account more secure, the only surefire, no-fail way to keep Internet accounts safe is to not have any accounts at all. The only way to make absolutely sure your computer is never infected with malware is to never connect to the Internet. That being said, this article will talk about what to do when the worst happens: when someone has gained access to your account. When the account is first compromised; it is rarely obvious.

More often than not you might not even realize it immediately. You might start noticing some suspicious activity on the account, or a friend might tell you that the account has been in use while you weren’t on it. Slowly, the confusion from the odd situation involving your account becomes fear when you realize just what’s going on. Once you know the account has been taken over, the first thing to do is take just a moment to calm down. The next few minutes could potentially be very important, especially if you happen to catch the intrusion swiftly. Take the time to collect yourself... but don’t take too long.

Do not waste any time at all in taking action. This seems at odds with the first step, but there is a difference between spending time calming tense nerves that could cause mistakes and spending time doing something that can wait until later. The next hour could make a huge difference, and you should be focused on limiting damage to the compromised account.

The steps you take to recover your account depend on a few things. First, can you still logon to the account, even though it has been compromised? If so, you should change the password immediately. Make sure the new password is very strong, use random numbers and letters.

If you cannot log-in to the account, the password has most likely been changed already. In this situation, the next step is to recover your password. Go to the log-in screen and find the “Forgot Password” option. The website should send your password to the e-mail associated with the account (check your spam folder if you don’t see it in your inbox). The processes for each website differ, but as long as the e-mail used with account hasn’t also been compromised, this should let you log-in to the account, where you can change the password.

If you don’t get the e-mail from the website after using the Forgot Password option, then it is possible that they have changed the e-mail address to one of their e-mail accounts (most websites will send the old e-mail a message when this happens, so keep an eye on your inbox). In this case, there is nothing you can immediately do to get control of your account back. Contact the people in charge of the website, and notify them of the situation.

The website most likely has a set procedure for compromised account recovery, find it in their help section and follow it. Be prepared to give information on the account that only the original owner should know.

Once you’ve either regained control of the account or are waiting to hear back from the website, there are a few other steps to take.

You should quickly notify friends and family that you are not in control of the account. The compromised account may be used to scam people you know; they should be put on guard until you have the account back.

After you’ve done this, there are a few simple things you can do to tighten the security on your computer. Make sure your web browser has been fully updated, since an older version could have vulnerabilities that have since been fixed. Run whatever antivirus software you have, you may have picked up malware recently and not known it.

Keep in mind that while it’s possible that your account information was phished or obtained through malware, it is also possible that it was just guessed through a brute force method. Methods like that are why it is crucial to have strong passwords; the stronger the password, the weaker such an attack is in comparison.

But remember, there is no way to reduce the chances of being compromised to nothing, so if it does happen just keep a cool head and act effectively and efficiently.

This article is the tenth in a series devoted to Internet security, and learning how to keep you and your information safe. Any questions, requests for clarifications, or comments can be sent to gregbailey9@gmail.com.

Tech Talk With Greg Bailey

E-mail Print PDF

Last week I touched on spam; now I’m going to talk about it with a little more depth. Or, to be specific, how to deal with spam. Spam can be better described as junk e-mail. It is sent out by trillions world-wide every year, and is the vast majority of email sent. If you have an e-mail address, you have gotten spam at some point. It is almost impossible to make an e-mail address completely free from receiving spam, but there are definitely steps you can take to minimize the amount of unwanted emails you get.

Spam is pretty easy to recognize. Once you have gotten enough spam, it is simple enough to see that it is spam just from looking at the subject line. I’d provide a list of the more common words, but several of them are inappropriate at best. Look for subject lines involving people trying to sell you something, or trying to get you to watch a video, things like that. Most spam is annoying rather than actively malicious, but should still be properly taken care of.

Most importantly, some spam will have a link to unsubscribe, something along the lines of “If you do not wish to receive any more e-mail from this address, please click here”.

A reasonable (and completely wrong) thought is that clicking on the link will cause you to get less spam. In fact, clicking on that link can make you a target for even more spam. Here’s what clicking on that link does. First, the sender of that spam knows that the e-mail account is an active one; its owner checks it regularly.

Second, the sender knows that you read your e-mails, even if they are spam. Third, the sender knows that you are willing to click links in spam messages. These three things make up one very easy conclusion: send this e-mail address more spam.

Spam wants to be seen, read, and clicked on, and trying to communicate that you don’t want more spam means that you fulfill all three requirements.

The correct response to spam is no response. Do not reply to the spam.

Do not click any link in the message, even if it says you will stop getting spam if you do. Do not even open the message if it is obvious spam. Instead, it should be marked or reported as spam through your e-mail client and then deleted.

A quick word on the spam folder your e-mail client most likely has: most e-mails in it are there for a reason.

Most e-mails. Occasionally an e-mail you are expecting or an unexpected important e-mail will be relegated to the spam folder by mistake.

For this reason, you should make a habit of browsing your spam folder on occasion. You don’t have to open the e-mails, just make sure that there isn’t anything important accidentally lost in the folder. If this isn’t done regularly, it should at least be done before emptying the folder.

If you are very active on the Internet and regularly use your e-mail address for different services, it would be a very good idea to set up a second e-mail account. Whenever a website or a stranger requests an email address, you can give them your second e-mail account. Whenever a friend or someone you know requests an e-mail address, you can give them your main e-mail account.

Your second e-mail account should receive the bulk of the spam you get, keeping your main e-mail account’s inbox much cleaner.

This article is the ninth in a series devoted to Internet security, and learning how to keep you and your information safe.

Any questions, requests for clarifications, or comments can be sent to gregbailey9@gmail.com.

Tech Talk With Greg Bailey

E-mail Print PDF

Last week I talked about how to minimize risk when using a public computer. Now I’m going to be talking about a very similar situation:

using a portal computer to connect to a public wireless Internet connection, or Wi-Fi. In recent years, more and more establishments have adopted a standard of free Wi- Fi. Bookstores, libraries, even many McDonald’s restaurants have begun to offer customers free Wi-Fi.

Riverside itself even provides free Wi-Fi throughout the city! However, coffee shops and other similar businesses remain the main source of Wi- Fi locations.

A mistake many people make is to assume that these places provide free security as well as free Wi-Fi. This is not always the case; instead assume that a free wireless connection is just that: a free connection and nothing else, with no added security.

That being said, it follows that you shouldn’t do anything financial or equally sensitive on a public connection.

Even if the website you were using uses “https” instead of the less secure “http”, it can still be dangerous. That kind of activity should be reserved for your personal computer and connection at home.

An easy thing you can do is activate your computer’s firewall, if it isn’t already on. To do this, simply go into the Control Panel and find “Windows Firewall” (if you only see categories, switch to “Classic View”). After you click it, simply select the On option to start the firewall.

The firewall won’t automatically protect you from any malicious attacks, but it is always a good idea to have it on. Unless there is a specific reason for turning it off, it’s a good idea to keep it on at all times, not just when using a public Internet connection.

Something else you should do is disable file and printer sharing. Any folders you might have marked as shared across a home network could be accessible by anyone on the same public wireless connection.

To disable this option, find your Network Connections page (if it isn’t in the icons on the bottom right in your task bar, go into the Control Panel, and click on Network Connections). From there, right click on the wireless connection you are using and click on Properties. Look for the option “File and Printer Sharing for Microsoft Windows” and disable it. One thing to consider is physical security, by which I mean keeping an eye on your laptop! This is another problem that you shouldn’t have with a home computer, but comes into play when you bring a portable computer out into the world. Aside from your laptop simply being stolen; it is possible for someone to gain information from your laptop if they can get to it. The Internet browser Firefox for example has all of its stored passwords available to check by just a few keystrokes! A stranger could easily walk up to your laptop with a pen and paper, make a few clicks and keystrokes, and be writing down user names and passwords, all within twenty seconds. If for any reason at all you need to turn your back on a laptop, before you do so quickly hold down the Windows key and hit L. This will automatically send your computer into standby mode, requiring that a user reenter their password to get back into the account (and there should be a password attached to your account, even if you are the only one who uses the computer).

And one final note: when you are done with the wireless connection you should leave it the same way you connected to it. There’s no reason to stay on an unsecured network any longer than you have to.

This article is the seventh in a series devoted to Internet security, and learning how to keep you and your information safe. Any questions, requests for clarifications, or comments can be sent to greg@bpcmediaworks.com.

Greg Bailey is a Computer Science major at UCR Bourns College of Engineering

Tech Talk With Greg Bailey

E-mail Print PDF

About a month ago, gaming company Blizzard proposed the following change to their online forums: any post made by a user account would not use a character name, but a user’s real name. Now you need to know that on these gaming forums most people have used character names for years as they interacted with other users from around the world. As a result, this change was not taken lightly.

In other words, if I were to make a post on a forum with that system, the name of the poster wouldn’t be a character or account name, it would just be “Greg Bailey.” The idea was quickly reversed because of a fierce outcry from the community... but this attempt was still very relevant, not only for gamers, but for anyone who uses the Internet. Attaching a real name to an online identity makes it much less challenging to track down your real world identity.

It is very easy to find personal information using the Internet.

As with many other aspects of computing, the public has the misconception that to get information on a person something dramatic like hacking government computers is required. This is not the case, there are search engines that can find out any basic information on a person with simply a first and last name.

If you have more than that, like a state, it becomes that much easier. These engines can find personal information through various ways, but the easiest way by far to get personal details about a person’s life is by checking their Facebook page.

The Internet is a much more social place than it was fifteen, ten, or even five years ago. Hardly anyone had heard of giants like Facebook or Youtube five years ago, but both sites went through dramatic growth to become the powerhouses they are today. Today, people regularly upload information about themselves that they certainly would not have before sites like these existed.

When you post something online, it is not automatically encased in an impenetrable bubble that only people you know can access. It is very possible for a complete stranger to see what you post on sites like Facebook. If you post information that you would like to keep private, ensure that privacy settings on your account are set so that random people on the Internet cannot see your posts, friends, or other information you may not want to be made public.

Here is a very good ground rule for social networking sites: only post things you wouldn’t care about a stranger finding out. If you want to talk about something more private with a select group of friends, there are better places to do that than a social networking site.

Also, and this has just as much to do with common sense as security, avoid posts that you would not want to be tracked back to yourself in the real world. The Internet is full of horror stories regarding people who have posted something along the lines of “I hate my job/boss,” only to realize that they had added said boss as a friend whom could now read that post. There is no end to the embarrassment and awkwardness that could be avoided by simply taking a moment to consider if making a post is a good idea or not.

In addition to making sure your privacy settings are set up properly, another very easy thing you can do to keep yourself more secure is not automatically accept friend requests. If you receive a friend request from someone you do not know and cannot remember ever meeting or talking with, don’t accept the request just because they went to the same high school as you did. In addition, make sure you actually know the people who are already on your friends list.

Social networking sites are a great way to stay in contact with friends you might not be able to interact with otherwise. Just make sure that you’re keeping your privacy intact.

This article is the fourth in a series devoted to Internet security, and leaning how to keep you and your information safe.

Any questions, requests for clarifications, or comments can be sent to greg@bpcmediaworks.com

Greg Bailey is a Computer Science major at UCR Bourns College of Engineering

Page 7 of 18

BVN National News Wire