Thursday, August 26, 2010

"The best laid plans of mice and (wo)men often go awry.”

Well, so much for keeping up on my blogs. After taking quite a long hiatus from online selling, I am back at it again. Going through inventory, ordering supplies, setting up a new storefront, updating pictures - how do you set priorities when everything needs doing at the same time? You plug away at it and little by little, you get there. At least I hope it works that way. lol

Rather than repeating myself here you can hop over to my other blog, Disney Watches from TwigsPlace.com, to see what's been in the works. I haven't quite decided which direction to take this blog but for now I will leave the previous posts since I think safe online shopping is something to be taken very seriously.

Not much more to say tonight but I'll be back with more updates soon. I hope life is treating you all well ~ Twig aka Jill

Wednesday, April 25, 2007

Emails using Virginia Tech tragedy as phishing front

OK, I thought the scammers had sunk to a new low with the puppy scam but this one is the lowest.

Please, if you receive an email with a link promising footage of the Virginia Tech shootings DO NOT CLICK THE LINK. Clicking the link may download a trojan virus to your computer.

Please click here to visit the Sophos site for more information about this particular email threat.

While you're there, please also check out their "Simple Steps to Avoid Being Phished". It's a great article to print and keep at your desk for reference.

Labels: , ,

Monday, February 19, 2007

eBay Password Security

Following is an article written by Allison Hartsoe and posted at Auctionbytes (title above is link to original article); it's directed towards eBay passwords, but easily applies to any online passwords you may use.

eBay Password Security (Vendor Monday)
By Allison Hartsoe
AuctionBytes.com
January 01, 2007

In today's AuctionBytes "Vendor Monday" column, Internet Business Skills founder Allison Hartsoe exposes vulnerability for eBay sellers: insecure passwords. Each week, AuctionBytes.com runs an article submitted by a vendor or marketplace in the online-auction industry about a topic helpful to online sellers. Story submissions are welcome by emailing the editor.

It never ceases to amaze me the number of eBay sellers who have fairly insecure passwords. Even the larger companies I deal with are prone to creating simple, highly insecure passwords. Judging by the number of sellers I personally know who have had their accounts compromised, eBay is a prime target for password attacks.

Now, like you, I hate to create a complex password I can't remember. So here's a little background on what it takes to hack an eBay password and how you can create highly un-hackable password you can remember.

Rule #1 - Create a password longer than 4 characters
The more characters in a password, the harder it is to crack. You probably knew this already, but did you know that a password of 4 characters or less can be hacked instantly using any number of commercial programs?

Rule #2 - Use upper and lower case letters in your password plus digits
Lowercase letters are the easiest to break. Adding upper case letters increases the level of difficulty, but is still not the best solution. Adding a digit is also a good idea. See Rule #3 below.

Rule #3 - Incorporate the full set of ASCII characters in your password
What's an ASCII character? Anything on your keyboard is an ASCII character, but the characters above the numbers (!,@,#,$,%,^,&,*,(,)) are particularly useful in creating a powerful password. Here's an example. If my password is "ebay" a password-breaking program would crack this instantly. If my password is "ebay3" it would take 2 minutes to get into my account. If I added an uppercase letter and made my password "eBay3" it would now take 12 minutes to gain access. But if I added an ASCII character, "eBy!3" it will now take 4 hours to get into my account.

Rule #4 - Choose an uncommon or non-existent word
Common English words are subject to Dictionary attacks. This is where a password cracking program runs through every word in the dictionary to find your password. Even if you put two common words together to create one that is not an actual word, for example "sidebook," a dictionary attack can still find it.

Now, here's a simple way to create a secure password you can remember that complies with all the rules above. Think of a sentence that describes something you can remember. For example, "I lived at 45 Maple Street in Ohio" or "My 3rd grade teacher was Mrs. Snyder at McKnight. Then, create your password by taking the first letter or number from each word in the sentence. So, our first example would become "Il@45MSiO" and the second would be "M3gtwMS@M".

Want to know how long it would take a program to crack those passwords? 44,530 years. Yes, it would take a program that long. If you remove the @ sign and replace it with the letter "a" it drops to 178 years, but still a very powerful password.

Now, make a resolution for the New Year to keep your eBay account secure and change that flimsy password to something powerful!
---
Allison Hartsoe is the founder of Internet Business Skills (http://www.internetbusinessskills.com). Internet Business Skills is the only company providing inventory-based analytical intelligence to eBay sellers in order to reduce fees. IBS enables eBay PowerSellers to reduce their eBay listing and marketing fees by 20-50 percent while increasing their staying power as an eBay PowerSeller. Before founding Internet Business Skills, Allison worked both as the Director of Business Development for Vericept Corporation, a security start-up, and served as the Executive Director for the Colorado chapter of the Front Range Forum for Women Entrepreneurs. In 1996 in San Francisco, Allison co-founded iSyndicate, a marketplace for digital content. iSyndicate grew to 230 employees with 6 domestic offices and 3 international before being acquired by a competitor in August 2001. While at iSyndicate, Allison led the International Team where she opened iSyndicate's first European office in London, and later struck a 50/50 joint venture with media powerhouse Bertelsmann. Allison has appeared on programs such as CNN Europe, CNBC Europe, NPR's Real Computing, and spoken at Internet Content West and Internet World 2000. Outside work, Allison is equally determined; she climbed Mt. Kiliminjaro and biked across the USA.

Tuesday, February 06, 2007

Puppy scam

Just when you think scammers can't sink any lower, now they're promising puppies that they never intend to deliver.

From the original article at www.cleveland.com (link to full article below):

"Victims are lured to Web sites offering rare dog breeds at affordable prices. Photos and text are often stolen from Web sites of legitimate breeders, McConnell said.

The puppy purchaser is told to wire payment in advance, and the seller continues soliciting money until the buyer gives up. By then, however, the money is irretrievable."


Once again this goes to show - never wire money to anyone for payment of an item unless you're sure you know who you're dealing with. It's always safer to use a payment method which offers the buyer some form of protection, such as a credit card.

An even better idea if you're looking for a 4-legged companion is to check out your local animal shelter :)

You can read the entire article by Leila Atassi here.

Monday, January 29, 2007

Jury Duty Scam

Even though this item doesn't pertain to online sales, I still thought it worth mentioning here since it could lead to identity theft.

I received an email about this jury duty scam and checked it out at Snopes.com (great site for checking out hoaxes by the way - save your friends some unnecessary worry before forwarding all of those warnings you receive by checking them out there first). Snopes has verified that this scam does indeed exist.

In a nutshell, here's what happens: someone calls you pretending to work for your local area court and says a warrant has been issued for your arrest because you failed to report for jury duty. Of course you say you never received the notice (because it was never sent), then they proceed to ask you questions to verify your identity.

The caller then may ask for your Social Security number, birthdate, possibly even credit card information or other personal information. NEVER GIVE OUT ANY OF THIS INFORMATION - court workers will not call you and ask for this type of information over the phone! If anything, they would snail-mail you something to follow up.

If in doubt, pick up the phone and call your local court house directly - they'll be more than happy to verify if you have indeed been sent a notice for jury duty!

Please click here to read the entire article located at Snopes.com.

Monday, December 18, 2006

Safe Shopping Tips from the FTC

FTC Consumer Alert titled "Holiday Shopping? How To Be On Guard When You’re Online" - great tips that everyone should read no matter what time of year it is.

The site also contains a link to OnGuard Online, which goes into more detail about ways to protect yourself.

From the OnGuard Online site:

"OnGuardOnline.gov provides practical tips from the federal government and the technology industry to help you be on guard against Internet fraud, secure your computer, and protect your personal information."

There's also a fun little "Auction Action" game you should play while you're there, it will test your smarts about using online auction sites. Unfortunately I can't provide a link since it opens in its own pop-up window, but you'll find it near the top center of the page at the OnGuard Online site.

Thursday, December 14, 2006

Helpful links for smart online shoppers

Greetings everyone! With the holiday shopping season in full swing, I thought it was a good time to post links to some helpful information.

The link below will take you to one of Firemountain's blogs - it's chockfull of tips to keep you safe while you shop online:

Fraud Prevention Tips from Firemountain

Here is a link to another of Firemountain's blogs; full of more good info, but be especially sure to read the section called "Common Internet Scams & Warning Signs":

Fire on Fire - Online Safety Tips

Shopping online isn't the only thing we need to be educated about these days; keeping our computers safe while being online is also a concern. For information on viruses and Internet security, be sure to check out M&D Creative Concepts' blog:

M&D Creative Concepts Security Communications

Thanks to Firemountain and M&D Creative Concepts for allowing me to share these links with you. Be sure to also visit the stores of these fine sellers, their customer service is second to none - I know first-hand!

The Store at Firemountain
M & D Creative Concepts

Happy Holidays to all!