Page 3 of 39

Scam Electricity-Saving Devices

January 9, 2024 / Jesse Mueller / 0 Comments

This post is not really a computer tip, per se, but I’ll cover it anyway. Scam electricity-saving devices are rather tangential to what I write about here, and quite a few people are asking me about them. So heads up! Here’s what I can find and say about these things:

Power Saving Devices

These things go by a variety of names: Watt-Saver, StopWatt Energy Saving Device, Power-Save Box and more. If you notice these for sale on Amazon/TikTok/eBay/Facebook/etc., they will promise to greatly decrease your electricity bill! All you have to do is buy a bunch of them, plug them into your household outlets and wait.

But everything about these boxes is made up and the facts don’t matter.

Elon Musk and/or Tesla have had no hand in creating or selling these devices.
They do not reduce your electricity consumption in any meaningful way.
Fox News and other news media have not endorsed or covered this product.

Their marketing also states that it may take a few months for you to notice the reduction on your bills. This is just a tactic to convince purchasers to keep these devices longer than the purchase-return-window.

The Truth

If you really want to cut electricity costs in your home, don’t believe these con artists. Conserving electricity is a little more involved than buying some junk from Amazon and plugging it in. There are plenty of reputable resources out there with ideas for you, and your electric company probably is probably one of them.

“But Jesse, I see these things on Amazon and they get great reviews!” Sorry, you can’t count on Amazon reviews these days. There are countless ways to game that system, so that a bogus product shows many 4- and 5-star reviews.

These devices contain almost nothing of value. YouTube has plenty of videos, where people take apart “power-saving boxes” and discuss their innards. Enjoy!

Avoid Using Registry Cleaners

January 3, 2024 / Jesse Mueller / 2 Comments

The Windows operating system has this central database that it uses constantly, while your computer is running. Better know as the Windows registry, it is essential for your PC’s operation. It’s hidden away where you won’t see it, and only advanced users ever meddle with it. And yet, some helpful apps offer to clean and maintain it. I need to warn you off of that sort of thing, right now. Please: Avoid using registry cleaners!

The Windows registry can take care of itself. Some cleaning software may purport to be able to improve your system performance, by tweaking your registry, but please be wary. Microsoft has long held the stance that you don’t need to “maintain” their registry. Running a registry cleaner can put your system at risk! Malwarebytes echoes this view, and also suggests that registry cleaners only appear to help, due to the placebo effect.

There are plenty of other warnings out there about the uselessness and dangers of registry cleaners, but let me be the latest: You can seriously harm your PC by using a registry cleaner. An explicit example: Joe Customer just called me about his computer that suddenly will not boot up. He presses the power button, the Windows Logo briefly appears, and then he gets a BlueScreen error. His system then restarts and loops back to the same message. As of now, he’s “dead in the water.” And the last thing he did, before this problem, was he ran his Registry Cleaner and then rebooted.

I can get him back on dry ground, with a System Restore, or a Windows Reset. With some luck, we won’t need a complete system wipe. But Joe is currently anguished and panicked, and very worried about his files. I don’t wish these kinds of feelings on anyone. Save yourself some stress and avoid using registry cleaners.

Flea Power

December 27, 2023 / Jesse Mueller / 1 Comment

Computers and other tech devices retain small amounts of electricity even when turned off and unplugged. Some of it is deliberately stored in capacitors on circuit boards. Other energy is incidentally caught up as a static charge. In any case, this minute amount of electricity is called Flea Power.

It’s a Bug, Not a Feature

Sometimes you need to drain this residual power, to revive a device. Here are some scenarios where you should try a hard reset (or power drain) to deplete that stored power:

A laptop begins to boot, but shows nothing on the screen.
A desktop tower flashes its power button as if it were asleep, but it won’t easily wake up or turn all the way off.
A printer turns on, but the Wi-Fi just won’t work or connect.
Some component, like your audio port or all USB ports, aren’t working.

Draining the flea power is not a cure-all, but it is a crucial troubleshooting step, that should be used early on, before you invest time and patience into a hardware problem.

Getting Rid of Flea Power

For computers that are stuck or troublesome, you would:

Disconnect the power cord from the back or side of the system.
- Remove the battery, if possible.
Disconnect other cables and devices attached to the computer.
Press and hold the computer’s main power button for 15-30 seconds, and then release it.
Reconnect only the power cable, and press the power button briefly, as you would to turn it on.
If the system turns on, reconnect your other cables and devices. If the system does not turn on, try steps 1-4 again.

Some printers will benefit from this troubleshooting tactic, too. If you are trying to solve a problem with your ink cartridges or printer’s network connection, make sure to follow these steps at least once. Also keep this tactic in mind for any TVs and soundbars that give you difficulty.

Draining a device’s Flea Power is generally harmless, so feel free to do it at anytime. However, you should not have to do this often. If you find your device requires this procedure again and again, you may have a deeper problem worth discovering.

Email Your Future Self

December 26, 2023 / Jesse Mueller / 0 Comments

If you’ve ever wanted to send an email to your future self, there’s a great website for that!

FutureMe

You’re welcome to use this website for free, and it does exactly what it says on the tin: You write an email to your future self, and FutureMe promises to send it to you at the date of your choice.

I can imagine a lot of positive uses for this, but if you need examples, check out their FAQ page and their Public Letters page for more info.

Xfinity’s 2023 Data Breach

December 19, 2023 / Jesse Mueller / 1 Comment

Has Xfinity contacted you recently to change your password? This was probably a legitimate request, and prompted by Xfinity’s 2023 data breach.

(I’ll call it the 2023 data breach, because they also had one in 2022!)

It looks like cybercriminals exploited and intruded upon Xfinity’s systems in October of this year, and we’re just now hearing about it. Xfinity has put out a generic statement about the matter. But government websites provide more important details, such as: 35 million customer records are involved. What kind of data was stolen? It could include usernames, passwords, last-four digits of SSNs, DOBs and security questions/answers.

If you are an Xfinity customer, it’s not important whether or not they notified you. Change your Xfinity password now. And if you are willing, consider using additional 2FA protection on your Xfinity account. Update your account security questions. And anything else that Xfinity reps suggest to you (if you call them).

If you want to call in about Xfinity’s 2023 data breach, start with this dedicated number: 888-799-2560. But that number may be swamped, and sometimes rings busy. If you cannot get that phoneline to work, try any other support number you may find on your Xfinity billing.

Addendum

Even though Xfinity customers are quickly securing their accounts, this data breach will likely result in other hazards, down the road. Cybercriminals will study the stolen customer records to see how to use them creatively.

If I had to guess, I’d say we’ll see an uptick in bogus Xfinity phone calls, where scammers promise big discounts or collect money for receiver updates. They can repurpose the data from this breach, to make them sound more legitimate to their victims!

Thank Your Amazon Driver

December 13, 2023 / Jesse Mueller / 2 Comments

Would you like to thank your Amazon driver for what they do? Amazon has started up their driver tipping program, much like last year. Everytime someone sends a thank you to their last delivery person, Amazon will pay them an extra $5.

They make it easy to do. You can:

Visit this website
Type “thank my driver” into the search field of Amazon’s website or app
Speak to your Alexa device, “Alexa, thank my driver!”

It looks like these gratuities will be doled out for the next 2,000,000 thank yous.

How to Recognize Spam

December 6, 2023 / Jesse Mueller / 6 Comments

For some, it’s easy to spot spam in your inbox. But for others, it can be a real challenge. Spammers use a variety of tactics to make their email look tempting, believable and worthy of attention. But much like a spoiled brat or a passive-aggressive boss, we don’t want to encourage a spammer any more than we have to. The following common characteristics will help you recognize spam, so that you can react correctly when it arrives:

Mismatched Sender Email Addresses

When you get an email that you’re not sure about, consider the sender’s address. Many spammers use Gmail/Outlook/Yahoo addresses, because they are quick & easy to create. Other spammers use whatever email address they please, because they’ve spoofed it to look like a trusted domain name. In any case, looking at the email address from which the message came is your first clue to spam.

For example, if you have a curious email about your Norton subscription, but it came from GregoireBandersnatch@harvard.edu, that should immediately tell you that you have spam. A legit email from Norton would likely have Norton.com in the address.

Also imagine: You’re looking at a message from HelloFresh, and it seems to have been sent by Hell0Fr3shMark3t1ng@gmail.com. Wouldn’t the real HelloFresh send their marketing messages from an address ending in “HelloFresh.com”?

Gobbledygook Email Address

While you’re checking the sender email address, any kind of gobbledygook you see there is another tip-off. If the message came from d4H3f9a2fb1@serenitynow.com, you can probably consider that as spam.

Homoglyphs

Even though this may be new vocabulary to you, you probably already know what this is from past spam. A homoglyph is a character or symbol that is very similar in appearance to another. Homoglyphs can be used in humorous or creative ways, such as in l33tspeak or slangy texting, but spammers use it a lot in their subject lines and message bodies. Homoglyphic substitution helps their email get past some spam filters, while preserving the overall meaning for their recipients.

Șó aṇỿtɨmе yóu sее an еmaɨ| mеssagе that |óóks |ɨke thɨs sеṇtеṇçе, knów that ɨt ɨs spam and trеat ɨt as suçh.

Spelling and Grammar

Some spam employs flawless English, while other spam does not. If that message from WholeFoods is horribly written, or that offer from Wal*Mart misspelled the word “coupon”, beware! A big company surely has an editor on staff to review any mass communications, and would almost never broadcast anything so unprofessional.

Incidentally, I should remind you that spammers intentionally send spam with misspellings and poor grammar. They’re not ignorant. They do this as a tactic to target their audience and get responses from the people who are more likely to fall for their scams.

Outlandish Claims

“Extraordinary claims require extraordinary evidence.” Please do not believe or react too quickly in response to any email making outlandish claims or promises. I assure you that:

The Grand Vizier of Mazumba Province is not going to bequeath $10M to you
You are not going to get rich quick by investing in a secret Bitcoin opportunity
Secret Shoppers are not being hired in your zip code and you will not make $100k in your first year
That payout from a casino or lottery (that you’ve never heard of) is not going to make you rich

These emails persist, because they can sweep people up in their hopeful emotions and take advantage of our trusting nature. Don’t fall for it. Practice critical thinking skills and research things without haste, without responding to such spam.

Urgency

Is an email urging you to Act Now Before Time Runs Out? Is their special offer only good for another 15 minutes, and the message even shows an animated clock, counting down? Or is there a veiled threat of bad things coming, if you don’t act in a timely manner?

In any case, if an unexpected message is conveying a sense of urgency, that’s a big red flag. Legitimate offers won’t push or rush you into any decision. Hurrying you to decide something is a tactic meant to compromise your judgment.

Nearly Empty Messages

Some spam plays their game in the other direction: Their message shows up blank or mostly vacant of any real text. What little there is in the message is a lure.

Sometimes, the spam contains only a single sentence or phrase. It’s usually vague but just interesting enough to entice you. And it will be a weblink; you will instinctively know that you could click it to learn more. Don’t click it! It’s a trap!

Other times, the spam will have absolutely no text in the body. there will be only a single large image, and your email program may ask you if you want to Display Images? This, also, is a trap. Never ask your email app to display images from any unknown sender.

Anyone tricked by these messages will confirm to the sender that they’ve read the email and interacted with it. That leads to more spam and scams in their inboxes. Also, clicking links could expose them to malware downloads, phishing websites and worse.

This post should end with a recap on what you should do, and not do, with spam.

Just delete it, OR
Mark it as Spam/Junk mail (if your email offers you such an option)
Feel free to open and read any potential spam message, BUT
Do NOT reply to spam, do NOT call any phone numbers shown in spam
Do NOT click any links inside of spam, do NOT open any attachments
Do NOT unsubscribe from spam. Any unsubscribe options, even when offered by Google, can result in your receiving MORE spam.

Some good news on the horizon: Google is adding AI to their spam filtering software. They claim this will make them more successful at blocking homoglyph abuse and other sneaky spam. And if Google is deploying this new technology, I bet Microsoft and other big tech firms will follow suit.

Vishing

November 28, 2023 / Jesse Mueller / 0 Comments

I didn’t think we needed a specific term for scam phone calls, but here we are. Following in the footsteps of smishing and quishing, we also have the term vishing. Vishing is another portmanteau, created from voice + phishing. When you see or hear about vishing, they’re referring to any phishing/cybercrime carried out over the phone or through other verbal means.

Vishing Examples

You may know of some of these vishing scenarios already, but they’re worth rehashing. Some of these employ live human voices, while others might use recorded messages or even AI-generated speech.

Big Tech Impostor: An important technology company calls to urge you into action. The call may claim to be from Apple, Microsoft, Yahoo, Google, etc., and they may claim your account has been compromised or your data has been stolen. Others calls seem to come from Norton, McAfee and the like, where they state your PC is infected, or you are due some special refund. These calls often become a remote control scam.
Big Merchandise Impostor: Most of us place orders with Amazon or Wal*Mart, but that doesn’t mean they’ll call you out of the blue. Calls announcing that your shipment has been lost or damaged, will probably morph into a refund-based scam.
Pretending to Be Your Bank: Is that call really coming from your bank, or is it an impostor. Be suspicious if the person on the phone wants your PIN, or a texted code or anything else sensitive from you.
Television/Broadcast/Satellite Impostors: Xfinity, Dish, DirecTV and more are commonly impersonated on calls offering discounts and refunds.
The Grandparent Scam: Vishers call their victims, trying to pass themselves off as young relatives in trouble. Even worse, this scam is changing to employ AI-generated voices that sound very convincing. Family members report receiving calls that claim someone dear to them has been kidnapped.
Police Department/Court Systems/IRS Threats: If you need to pay your taxes, settle a court order or be arrested, a government employee will not call you to take payment over the phone. But these vishing efforts succeed everyday, because people are often afraid of these entities coming to their doors.

Advice & Notes about Vishing

Most vishing calls use Caller ID spoofing, to make them more convincing. Please remember that Caller ID is not always truthful.
Do not harass or aggress a caller, if you figure out they are a scammer. In rare instances, the cybercrook will respond by swatting their victim. Just hang up on them.
Some vishing calls originate from your trash. A crook may harvest an account number or some other PII after doing a little dumpster diving. I recommend you shred all sensitive paperwork before you dispose of it.
If you haven’t put your number on the National Do Not Call Registry, now’s the time. It won’t solve your telemarketing call problems, but it might decrease the unwanted calls coming in.
Let all unknown callers roll to voicemail. Do not answer mystery callers.
Some vishers look to leave a voicemail message about an urgent situation. They may use tools that send their call directly to your voicemail inbox! The recording will state a phone number to call, but that will typically just connect you to the scammers. Do not call these crooks back!
Don’t speak to a robocall or any suspicious caller. Some experts worry that talking on a recorded line may make it easier for a crook to steal your spoken words to create voice-mimickry used in their next vishing calls.
Vishing calls are getting better everyday, and you may find yourself on a call that you can’t figure out. If you’re feeling torn, hang up the phone! Call the company back, using a number you can trust, either from a printed invoice in your possession, or from their website.

Apple NameDrop

November 27, 2023 / Jesse Mueller / 0 Comments

If you use Apple devices, there’s a new feature in the latest OS updates called NameDrop. This function allows you to quickly and easily share contact info with other Apple device users. Simply place the two devices near each other, and NameDrop will appear! Each device user will get a pop-up, asking if they want to exchange contact cards.

I want to emphasize: NameDrop always asks permission to exchange any info. I’ve got a bit of rumor control to do here, as people across the internet have noticed this new iOS addition and are reacting poorly. Misinformation and fearmongering is afoot.

If you see any posts, urging you to turn off NameDrop, take a breath and Don’t Panic. Please understand that NameDrop only works under strict conditions:

Two devices have to be very close to each other (almost touching)
The Apple devices are powered on and unlocked
Each user taps Share to authorize their data to transmit

Apple NameDrop is safe and well-implemented. I don’t see any real risk here. You are still welcome to disable the feature under Settings -> General -> AirDrop -> Bringing Devices Together. Just don’t buy into the viral hysteria; there’s no major safety loophole or hazard here.

Low-Hanging Fruit

November 21, 2023 / Jesse Mueller / 0 Comments

In the technology world, people are jeopardized by two separate yet equally scary groups: the big tech companies, who care only for monetizing their users’ data; and the opportunistic scammers, who prowl the web looking for victims. These are their stories.

Dear Xxxxxx,

I’m writing this letter to you about your kiddo. Please don’t worry, this is not one of those Are-you-sitting-down? notes. But let me explain something that you might think is a teachable moment:

Facebook recommended your daughter’s profile to me, as a potential friend-connection. I haven’t Friended her, but I did click on her name to look at her profile. And Egad, She’s got too much personal info out there. I am able to view all of this info on her profile, because it’s all set to Public visibility:

Complete FB Friends List
Name of high school and college, with admission years and major
Hometown and current city/state of residence
Mother, father, brother and uncle’s names, with links to their FB profiles
Birthdate

If I can view this info, then anyone in the world can. I’m thinking about the scammers that are having a field day on Facebook — all of this sensitive info is essentially low-hanging fruit to them. “Easy pickin’s”, if you’re into that country vernacular. And I’m not so concerned about your daughter here, as I am the people connected to her. She’s probably smart enough to dodge the average Facebook criminal, but what about all of her friends and family?

A publicly-visible Friends List is what attracts scammers that clone profiles. In essence, a bad guy could create a brand new FB account, and give it your daughter’s name. S/he could copy and use your daughter’s profile pic. And then they’ll start sending Friend Requests to everyone they see on her F-list. If any of her FB Friends are too trusting or naive or quick-with-the-mouse, then they may connect with an impostor-scammer, who is ready to pretend to be your daughter and con some money from them.

Publicly-visible family connections are interesting to a different type of crook. Sometimes, cybercriminals attempt the “grandparent scam“, where they call a family member and pretend to be someone else in the family. The scam usually starts with a phonecall: “Uncle Ned, it’s me, Saoirse, I’m in NYC and I’m in jail! Can you wire-transfer me some bail money?” In order to carry out these schemes, they study family names & connections and it really can help their ruse hold up. Full disclosure: I unknowingly contributed to a grandparent scam, several years ago. A scammer saw some family names on my FB masthead photo, glommed some specifics about my family, and tried to scam someone important to me. Live and learn, never again!

And showing your hometown and school info to the public is just all-around ill-advised. That info is commonly connected to account security questions, so an identity thief might appreciate this kind of info.

My hot-take on Facebook is this: Mr. Zuckerberg & Co. spares all expense in running their platform, and they are not looking out for their users. When on Facebook, we are not customers, we are simply “the Product.” The scammers are very aware of what Facebook tolerates and ignores, and they exploit that knowledge to their greatest benefit. This has been happening for a long time now, and I have no reason to anticipate any improvement. If we’re going to use Facebook, then it’s up to each user to mind their own safety.

So, if you think your daughter would be receptive to some advice, let her know she should go to her Facebook Profile, and change all of her personal info to be less Public. To the right of the Friends List is a 3-dots button that allows you to Edit Privacy. She can also go through all of the sections under “About” on the profile, and use the Pencil or 3-Dots buttons to up the privacy levels. Personally, I’ve set most of my Profile to the “Only Me” level, but the “Friends” level is good, too. Anything besides “Public!”

And if she makes these improvements, there a tool for her to check herself. If she goes to her Profile, there’s a 3-dots button to the right, just below the masthead photo. She can click that and then go to “View As”. This presents her profile as it appears to the public (to people who are not connected to her on FB). She can traipse through her own profile in this mode and judge if she missed anything that needs hiding away.

Cheers! — Jesse

BlueScreen Computer