Category: Communications (Page 1 of 3)

Shentel Email Best Security Practices

Many of my clientele are in the Shenandoah Valley of Virginia, the home territory of an ISP named Shentel. And like many ISPs, Shentel provides free, courtesy email addresses to its subscribers. It’s like a mint on your pillow, except this mint needs some extra warnings on its wrapper and may give you some indigestion…

I can level a variety of criticisms against any ISP-provided email another time. For this post, I need to write on how Shentel customers can keep their email more secure. There are frequent scams targeting Shentel email addresses, and I want to help as many people as I can to tighten their defenses.

If you don’t have a Shentel email address, this post will not directly apply to you, but the overall security recommendations do. So please consider these points, and implement anything you are comfortable with!

Password Strength

I’ve helped with Shentel email users for almost 20 years now, and from the beginning, I’ve noticed Shentel doling out really weak passwords to their email addresses. In 2002, it was common for a brand-new Shentel email address to come with a 6-digit password. It was typically 3 letters (part of the person’s name), and 3 numbers (often the phone exchange of the user). To this day, I still encounter Shentel email addresses with these old, short passwords, like “abc465” and “joe933”.

If your email password is this short and simple, please change it now. Email thieves can determine such short passwords quickly, without hacking you or tricking you. There are password-guessing programs readily available on the dark web that anyone buy and use for this. And once they guess your password, they can use your email to start scamming your friends and family, or worse.

Changing your Shentel email password is easy, especially if you know your current password.

  • Go to the Shentel Webmail website and login with your email credentials.
  • Click the cogwheel icon to the upper-right.
  • When the Settings screen appears, click Password.
  • Type in your old password and then enter a new password on the next two fields.
  • Click Save and you are done!

Try to choose a password that is 8 or more characters long, and use a capital letter, a number and a special symbol. An example of a strong password is: Maverick20#21 .

If you do not remember your Shentel password, call Shentel at 1-800-SHENTEL and ask their tech support to change your password over the phone.

Recovery Options

If your password is strong enough, you should still visit Shentel’s Webmail website. Shentel is starting to implement Password Recovery Options for its email users, but you won’t see these if you use Outlook, Thunderbird or a Mail app to see your messages. You must go to their Webmail site!

When you visit that site nowadays, you will be prompted to set a recovery email and recovery phone number. Fill out and satisfy these items as best you can, and call Shentel for assistance if there’s any difficulty. These are important to do! If some bad actor invades your email next month, these will help you more quickly to regain control of your account.

Request 2FA to Be Implemented

The best security tool to prevent email abuse is 2FA. This stands for two-factor authentication, and adds an extra layer to the login process for an account. When you use 2FA, you first login using your password, and next have to enter a token or code sent to your mobile number or other security device. If someone steals your email password, the second step will block them from accessing your account.

Shentel does not offer 2FA on their email accounts and has a hard time answering my most basic questions about it. But many other email providers do offer 2FA. If you are going to stick with your Shentel email address, you might reach out to Shentel to ask them to consider adding this security feature. It would greatly reduce the number of hacked Shentel email accounts!

When In Doubt, Pick Up the Phone

If you receive an email, and something doesn’t seem right, take your hand off the mouse. Take a moment to think about what isn’t sitting right with you, and contact someone without using that email in front of you.

That means: if you want to contact Shentel, dial 1-800-SHENTEL or any support number that is printed on their bills. Do not use any number in the fishy email! Contact info showing in a suspicious email will often put you in touch with criminals. And those guys will be all too happy to pretend that they are with whatever company you say you’re trying to reach.

If you can’t reach the company for advice, call someone else. Talk to a trusted friend, police officer, church pastor or relative. Or drop me a line for a second opinion, I am happy to sound off on all things, legitimate and scammy! You’re even welcome to forward odd emails to me, and I will quickly write you back with my verdict of them.

Don’t Panic: Pegasus Spyware

There’s a lot of news about the powerful spyware named Pegasus. And it is some nasty stuff, being able to infect a phone without anyone clicking anything! You can read about some basics about Pegasus here.

Unfortunately, this is one of those news topics where the media can be more inciteful than insightful. For example, the NYTimes has a long write-up on Pegasus that might make you a little anxious to read. By the 6th paragraph, they mention that “more than 1.65 billion Apple products in use worldwide have been vulnerable”. They don’t mention what you should do until the final (33rd) paragraph.

What should you do? Try my two-step plan:

1) Don’t Panic. 2) Update your iPhone.

The first step is because you’re probably not affected by Pegasus. This spyware, while it can do everything it says on the tin, was probably not something that was unleashed on the entire world. Instead, researchers are fairly sure that it was deliberately used against specific people. World leaders, politicians, activists or billionaires were the likely targets.

I’ll go out on a limb and wager that most of my readers don’t fit those categories. And for any who is a Pegasus target, they’ve probably already had their iPhone replaced or wiped.

Anyhow, the second step is what can give you full peace of mind, and may have already happened automagically. Many iDevices update on their own, and the latest iOS 14.8 update will patch iPhones against Pegasus. So go ahead and check for updates on your iPhone, and then put this nasty business out of your mind.

PS: Android phones might also be vulnerable to Pegasus, but the news media is not reporting a whole lot on that. I still recommend you Don’t Panic.

PPS: Yes, you can check your iPhone for Pegasus, but it rather involved and possibly not worth the effort. Still, if you are interested, here’s one method that appears to have no cost associated with it. I do not see any way to check an Android phone for Pegasus.

iPhone Profiles and How to Remove Them

Smartphones are pretty well-defended against viruses, but there are a few ways to abuse them that avoid detection. One of the ways that iPhones get hijacked is through “Profiles”.

The Profiles part of the iOS is typically only used by employers or schools on iPhones that they assign to their staff. For some companies, there is a legitimate purpose for installing Profiles on iPhones. iPhone Profiles might help them monitor the phones and how they are used.

But on a personal or store-bought iPhone, you should never see any Profiles in the Settings panel. The presence of Profile on your personal iPhone is a sign of spyware. Some apps or websites may sneak a Profile onto an iPhone, for the purpose of collecting or sending info from your phone without you knowing. An unknown Profile can turn your iPhone into a keystroke collector or spam relay!

The good news is that Profiles are easy to check for and remove, if any are present. For most iPhones, you may open your Settings icon and tap on General. Scroll up and down, looking for Profiles. If you cannot find Profiles on the General menu, then none are present on the phone and you are clean! But if you do see Profiles, tap on it and remove anything listed inside.

Is Facetime Coming to Windows?

The answer to this is a bit dicey. Or nuanced. But the explanation is worth it for your safety.

The Basics

Facetime is an Apple-owned iOS app that allows you to video chat with people on their iPhones and iPads,. To date, Facetime has only been able to connect you with other iOS devices. That means if you’re on an Android phone or a Windows computer, you can’t use Facetime!

Upcoming Changes

But in the near future, the iOS on modern iPhones and Apple tablets is going to update to version 15. And that update includes a nice change to Facetime: You’ll then be able to send invite links to non-Apple users, and rope them into your Facetime video chats!

There’s nothing to install, when you do this. Non-Apple users will receive a link that opens the Facetime chat in a browser window. It will probably be similar to receiving a Zoom link. PC and Android users will (still) not be able to initiate a Facetime chat, as only iOS users get to do that.

Why Is This Important?

Unfortunately, the nuance of what’s developing is getting lost in the headlines. Many tech articles are already cheerleading with “Facetime Coming to Windows” and that isn’t exactly true. And it is leading people down bad paths.

When some folks see that kind of news, they immediately search the internet for “Facetime for Windows” or similar. And they find free programs or extensions that claim it will install Facetime on your device. And this leads to an infection or adware getting on their machines.

Please do not install anything that says you can put Facetime on your non-Apple device. It is surely false and will only cause you trouble.

Periods & Plus Signs in Gmail Addresses

Email address are generally case-insensitive, that is, it doesn’t matter if you use capital letter or lower-case. But Google has a few more tricks up its Gmail sleeve.

Periods: In any Gmail address, periods are ignored. So feel free to add periods anywhere in the username portion, if it makes your email address easier to read or understand.

As far as Google is concerned, joedfragmented@gmail.com is the same as joe.d.fragmented@gmail.com is the same as Joe.D.Frag.Mented@gmail.com . But one may look better than another on a resume, while another may be easier to relay over the phone, so choose appropriately!

Plus Signs: Plus Signs are also ignored in any Gmail address, along with anything that comes after the plus sign, up to the @ symbol. That means you can customize your email address with any words you like.

Betsy.NoSpam@gmail.com might be your address, but feel free to use:

  • Betsy.NoSpam+fundraiser@gmail.com
  • Betsy.NoSpam+whitehouse@gmail.com
  • Betsy.NoSpam+amazon@gmail.com

Messages sent to those extra addresses will still get through to you at your normal address. But the Plus Sign info will still be visible to you on the mail you receive. You can use this tool to know when someone is sharing or selling your info. And you can also use this in writing email rules!

Let’s say you give out Betsy.NoSpam+lottery@gmail.com for a contest. And after you didn’t win anything, you noticed a lot of spam coming in, sent to that +lottery-address. In Gmail (or your mail client), you could then write a Rule or Filter to auto-delete everything sent to that particular address.

Text to 911

In case of an emergency, many parts of the USA support Text to 911. This technology allows you to contact 911 for help via text message (SMS).

The FCC reminds everyone that you should place a voice call to 911 whenever possible.

Much of the Shenandoah Valley[1]Warren County, VA has assured me they support this tech, even though they are not on the FCC list is covered, as shown on the FCC’s Public Safety list. Please feel free to verify other American cities and counties using that list. Or, reach out to your local police department or county offices to ask.

For more details, read up at the main FCC page for this technology.

References

References
1 Warren County, VA has assured me they support this tech, even though they are not on the FCC list

Do Not Harass a Phone Scammer

I just saw some really bad advice on Reddit. Someone suggested that when you take a call from a scammer, you should spend some time complaining, to waste their time and convince them to not call anymore. Please do not do this.

The chance of you convincing a scammer to change their deceitful ways is fairly close to zero. No one will remove you from their scammer call list, and in fact, they may deliberately pass your info around to other scam-call companies. There is no version of this phone call where you gain anything of value from it, but also, there is a small risk of danger.

In rare instances, a scammer may swat their victim. Swatting is when someone reports a fake emergency to the police, that targets a victim and their residence. The swatter may lie about a bomb threat or a domestic situation, leading police to speed to the scene. I will state the obvious here: You do not want the police coming to your door, weapons at ready, prepared to deal with violence.

Swatting is rare, but it does happen. Some scammers are just that evil, and secure in the thought that they cannot be tracked down. So the safest thing to do in the face of a scam phone call is to simply hang up, without further comment.

Shentel Email Scam for April 2021

Shentel Email users, beware the latest email scam coming to your inboxes!:

Phishing Email that shows the Shentel name

This message is not from Shentel! If you look closely, you’ll see it came from an odd address ending in “buckeye-express.com”. DO NOT CLICK the Update button, as it will take you to a deceptive website.

I’ll show that website here, without putting you at any risk:

Phishing Website that uses the Shentel name and logo

At a quick glance, this site looks legit, because they’ve stolen the Shentel logo, as well as the new Shentel Webmail icon. And the URL (web address) even has “Shentel” in it. It all feels very familiar…. But a Weebly.com address is something anyone can create, so this website was created by a bad actor. A true Shentel website would end in “shentel.net” or “shentel.com”.

If you received this message and went to this website, I hope that you didn’t fill out the fields. Anyone who types in an email and password on that site is actually delivering their logon credentials directly to some scammers. They will immediately log into your Shentel email at their true webmail site, and start abusing your address. I don’t yet know what these guys are up to, but email phishers often start emailing everyone in your address book with other ploys and lies.

If your email has been compromised, call Shentel immediately at 1-800-SHENTEL, and ask their tech support to change your password and inspect your account for other nefarious changes. And if you need any extra help, consider BlueScreen Computer as your backup option!

Unify Your AOL Inbox

AOL users may be used to a bifurcated inbox, that shows New Mail and Old Mail. Not everyone is happy with this inbox behavior, because as soon as you view and close a new message, it vanishes. The now-closed message automatically hops from New to Old, and you’ll have to switch folders to find it again.

AOL allows you to unify your inbox, so that it shows all of your mail in one Inbox, just like most other webmails. Here’s how to turn that option on:

  1. Go to your AOL Mail in any browser.
  2. Click Options in the upper-right corner, and then click Mail Settings.
  3. Scroll down to find Inbox Style, and select the bubble for Use Unified Inbox Style.
  4. Scroll to the bottom and click Save Settings.

With one folder for all your inbox emails, every message will now stay put in the list, after you close it.

Preserving a Voicemail Message

Let’s say you have a special voicemail message. Maybe it’s critical to a lawsuit you’re involved with. Or perhaps it’s a precious memory from a long-lost friend. If it’s important to you, then it needs to be protected! Don’t take your voicemail for granted, as it can be deleted or lost, like computer data.

If you have a valuable voicemail on your smartphone, please know that you can copy it to other locations, and then back it up. Here are some possibilities:

iPhone users: Tap on a voicemail, and then look for the Share button (looks like a box with an arrow pointing out of it). Tap that Share button to find a wealth of options. You should be able to copy the voicemail to Notes, Voice memos, or even attach it to an email message.

Android users: Tap on a voicemail and look down low for a Send To… option. Tap this to reveal choices for saving the recording to Google Drive, attaching it to a text message or sending it along in an email.

If you don’t see a Send To… option on your Android device, play the voicemail all the way through to the end, and then check again. If your phone still doesn’t offer that option, tap or tap-and-hold on the voicemail and look for pop-up options like Save or Save to Phone.

My preference is to email the audio message as an attachment. Creating an email is an easily-saved item, but also, the attachment is usually a universal MP3 file, which can later be downloaded, saved to a computer, backed up to another drive or shared with any other computer user.

Safeguarding a voicemail sent to a landline is a different ball of wax. Every telephone company is different from the next. Comcast, for example, allows for voicemail web access if you are an Xfinity Voice customer, and you can download/save voicemail files from their website. Shentel, on the other hand, offers no voicemail backup tools. If this becomes important to you, contact your specific provider to ask what is possible with their phone service.

« Older posts

© 2021 BlueScreen Computer

Theme by Anders NorenUp ↑