This advice is for anybody using computing devices, even though my professional specialty is Apple equipment:
I’m now hearing of random phone-calls telling my clients that they need to change their Apple ID password, and claiming to be from Apple. I have also heard that there are “Microsoft Support” folks out there, doing the same thing for Windows… “A virus has been found on your computer”.
IT’S ALWAYS A LIE. Don’t fall for it. For that matter, if you get a random phone call from somebody with an East Indian accent, they are NOT on your side, and want to scrape some money off of your hide.
Lately, I am hearing about this stuff at an increasing rate. Since I don’t charge folks for calling me and asking questions, I get a good amount of feedback, which is my intention – I want to keep my finger on the pulse of what is happening outside of my home business.
Here is my theory of WHY this is accelerating: Windows 10, MacOS and IOS operating systems are getting truly stout and secure, so the only way that the big-city sharpies, scammers and confidence men can succeed is if they can FOOL nice, open-hearted neighborly folks, like everybody on NextDoor.com.
It’s best to be suspicious, in 2017 and beyond. The lack of reputable, certified and competent support-people out there has created a huge gap for the swindlers to step into. Folks are so desperate for help, they will allow some stranger in a foreign land to have remote access to their device. MOST times, the faceless stranger just makes the screen do flashy and important-looking things, while the clock runs, and the costs ticks ever upward.
As I have written here before:
– Don’t fall for it. If it seems suspicious, hang UP, without being nice about it. If they call back, tell them “The police have been alerted to your scam. Remove me from your list”. If you don’t, they will sell your information to other scammers. That seems to work, most of the time.
– If they have succeeded in charging your card, call the toll-free number on the back of the card and cancel the payment. They didn’t earn it, and they don’t deserve it.
– DON’T USE THE SAME PASSWORD FOR EVERYTHING!@#$!%! One of my clients got ripped-off for $400,000.00 two years ago. She used the same password for her Gmail account, as well as her Cayman Islands tax-dodge, which contained their entire nest-egg. Funny thing: If my credit union detects a suspicious transfer of money (six bucks, even), they cancel the card and I get an alert. Those dodgy Cayman Island accounts, not so much. I had warned her for years to change her passwords, and when she called, the first thing she asked was “Is there any way to un-do this?” No. There isn’t.
– Our brains are not evolved for the Password Wars. Every one of my clients has a book, or a few sheets of paper next to their computer. These have zillions of entries, crossed-out and scrawled in the corners. They are never 100% up-to-date, because of course… We simply can’t keep up, and I include my 61-year-old self. So, we have to have a SYSTEM:
– Let’s say that my tired, weary brain can only easily come up with one killer, secure and memorable password. Anything else is a chore and a burden. Something like “TonyL1nds3y”, which is a random example that I am using for illustration, and not my actual password. It’s my name, with some capital letters, and some numbers swapped in. If I create a new online account, then my password could be “TonyL1nds3y” with a capital letter at the end:
– Gmail: TonyL1nds3yG
– Apple: TonyL1nds3yA
– Whole Foods: TonyL1nds3yW
See the pattern? Why would it be secure? Because the scammers are like whales – They need lots of teensy prey in order to profit well. They will only dedicate teams of bright people to follow you all over the Internet, and analyze your overall pattern if you are a billionaire. I assume that you are not.
On Apple devices, there is a built-in system called “Keychain In The Cloud” – This is a really good way to have all of your Apple devices handle all of your passwords automatically. Once it has been set up, here are the rules:
– ONLY use Safari as your Apple web-browser for password-related transactions. No more Chrome or Firefox. They save your passwords, alrighty, but don’t allow the same info to flow to all of your current and future devices in the easy-to-access way that Safari does.
– If Safari asks if you want to save or update your password, ALWAYS SAY YES. YES YES YES. Why? Because the folks out there on the other end (Target, Yahoo, whoever) have screwed up really, really spectacularly in the past, and are no longer allowed to ask that question. If Safari asks if you want to save the password, it is because the loving, helpful device in front of you is going to handle it for you from now on, and you can TRUST it. Nobody else has access of any kind to your password: Not Apple, the FBI, scammers. Nobody.
If you are running Windows, there are plenty of excellent password managers out there, of which I know nothing. I will happily defer to my excellent, competent and wise PC buddy Dave Ussell in San Diego (dussell @ ascii27.com) to share any of his recommendations. I only work on Apple devices, and he only works on everything else.