Answers...

to commonly asked questions.

scams

This is a SCAM! DO NOT CALL THESE PEOPLE!!!

Sorry to bother but I did not order this do you think scam or should I call?

Screenshot 2024-01-31 at 5.17.10 PM
___________


Garbage. It’s bait to get you to call them so they can scam you. DO NOT call that number. Better thing to do is to monitor your bank transactions carefully (ALWAYS) and if you did see anything unexplainable, contact the bank to have them cancel or refund any payments you did not authorize.

That is unlikely what is happening in this example however. This particular example is designed to scare you into thinking you’ve paid something so that you’d be more likely to call them. Once they have you on the phone, you are as good as gone. They are extremely convincing by lying.

Are these notifications as sam?

Is this real or a scam? What should I do?

Screenshot 2023-12-22 at 3.22.45 PM
___________

No. This is a scam. Do not engage in this. It is simply a notification that you have accidentally allowed by having visited a garbage website. While on that website, you were asked if you'd like to allow notifications. You accidentally said yes. Here's how to get rid of it.

Open Safari, go to Settings. Select Websites. Select Notifications. Select any/all the sites listed one by one and remove them from the list.

As seen in the example below.




Quit Safari and restart. That should do it.

What antivirus software do you recommend?

Scotty, what antivirus company to you recommend? Purchased one last year, trying to figure which company, think I took your recommendation…. Thanks Rhonda Gibbons
I do have TunnelBear, do I need more? Should I have in my phone, iPad too, etc? Thanks
___________

TunnelBear is a VPN which is a very good tool to have when traveling while using internet or simply keeping yourself private as you use the internet even in your home. Having a VPN is a wonderful tool.

As for "antivirus" software, I do not recommend any personally. The LARGE MAJORITY of problem I encounter on people's computers are self inflicted, meaning people install garbage software on their own. Antivirus software would not stop you from doing that. Think of antivirus software like locks on your door. If you have 10 super secure locks on your front door, good for you, but if someone knocks on your door and you unlock it and trust that they are who they say they are, but turn out to be bad, those locks didn't help you.

The Mac is a very secure platform and iPhones and iPads are even more secure than Macs. Yes, there are vulnerabilities but Apple is constantly blocking holes and updating security measures. The best antivirus is the user's strong hesitancy to not type their password in when they don't know why they're being prompted to do so. Just hit cancel. If it continues to pop up, you'll soon realize what is cause the password request. Antivirus software will not improve one's judgement. And that's just about the only way the Mac can be affected. If you participate in installing garbage software yourself. There is much more detail and nuance in this topic but I'll leave it at that. I'm not a fan of antivirus software.

Take a look at the scams section of my answers area on my site. None of those scams would have been prevented if the user had been running antivirus. Harm is caused by the bad guys socially engineering their way into your life by convincing you to let your guard down. Clicking a link that was texted to you from supposedly Amazon saying they're having trouble delivering your package. An email saying your bank account has been locked due to fraudulent activity. "Just click here to resolve it.". No, no no. Antivirus wouldn't help you.

Paying for antivirus software is essentially paying someone to guard your house against a Viking attack.

Scotty, help I've been hacked!!

Scotty, I've been hacked!

IMG_9503, i
___________

Please don't fall for this. It's only a website as you can see in the URL bar at the bottom. Bad guys just take screenshots of icons you're used to seeing and lying to you to get you to think something terrible has happened. Keep in mind, the only way you can get an app onto your phone is through the Apple App Store. You can not go to a webpage and get an app. Apple has created what is called a "closed garden" to keep total control of what goes on your device. We trade less choice for stronger security. The iPhone and Mac are safe devices. Humans are the weak point, not the devices. We are tricked into entering information when we shouldn't be. If you're ever worried, sent me a screenshot.

This is not true. Don't fall for this.

All this is is a website. None of this is true. Please do not interact with this. Just type in some other website and be on your way.


Your iPhone Has Been Compromised

It's not legit. it's a scam.

I was notified by my accountant that someone in California had filed for a tax refund using my name and social security number. Please let me know your suggestions on things I should be doing to make my information more secure and any other suggestions you have.


.

___________

In what way were you “notified” of this supposed tax comment? As for the other text alert “BOFA”, that is pure scam. That has been a very common issue lately. I got one myself today in the form of the exact same type of text notifying me that my Netflix account had been cancelled and I should re log in to address it. All they want is for you to click the link they provide and trick you into entering your information. Clicking the link doesn’t hurt you. It’s falling for their story once you’re there. If you ever feel something may be legitimate, don’t use any link someone sends. Go to the website manually yourself by typing it in using a web browser. However, 9/10 times it’s just a scam. This doesn’t mean your info has been compromised. It just means they’re texting or emailing you along with thousands of other people.

Did I just expose my data?

Scotty - afternoon. I was expecting a package delivery today and was in a mtg and I opened a text with a link to an Arabic language site. Is there anything I need to do? I quickly shut off the phone and rebooted.

Thanks

___________

I think you’re most likely fine. Usually, just clicking the link will not cause you harm. It’s more about the NEXT steps you take like being tricked into entering personal information within that particular website. I suspect you’re ok.

Scammers are everywhere.

Scams are getting more and more elaborate. Every day it seems I'm being contacted by someone that has had their personal info compromised. These bad guys are getting very good at working around your security. The good news is that so far, two factor authentication seems to be holding them at bay. Two factor authentication requires that a code be sent to another registered device or email account that would be required to to authenticate yourself. The issue here becomes, if they have access to that email account already, you're behind the eight ball. Make absolutely sure you have two factor authentication turned on to prevent future invasions like this. Never join open wifi networks that do not require a password. If you have other accounts that contained the exact same password as your compromised password like ATT, Facebook, your power bill, Amazon, etc… change those immediately as well.

Stop using the same password for multiple accounts. Start thinking about your passwords being phrases instead of words. For example: don't use "Tarheels72". Do use: "Igraduatedfromuncin72withA+"

If they are able to get one of your accounts username and password combination, they will try that combination with multiple accounts. Eventually they'll get into one then change all your security questions and recovery email addresses which will then lock you out of your own accounts. Two factor authentication helps prevent this.

I recently worked with a company who uses standard emails like info@companyxyz.com or warehouse@companyxyz.com and the bad guys were able to break into those. From there, they extracted their contact lists and began emailing all their clients saying they were due a refund. The link they provided went to a fake website designed to look like a login for Shopify. This particular bad guy was able to continue buying new domain names to direct traffic to in order to stay ahead of the other domain registrars that were shutting him/her down.

These fake emails are designed to sound serious in order to get your attention. For example:
"There was a problem processing your ATT payment."
"You overpaid on your last invoice and are due a credit"
"Thank you for your payment to Apple, click here for your free AirPods"

I see very intelligent clients panic, interact with these fishing schemes and then are lead farther down their confusing rabbit hole. They design their conversations with you to scare, intimidate, and confuse you. Do not call any numbers you are presented. If you are concerned with something, look the actual phone number of that particular company yourself. Or type in the website yourself. Don't trust the link to take you. Hint: If you hover a link, it will reveal the actual URL you're being directed to without clicking on it.

I realize I may sound like a broken record here. Just keep your guard up. Don't always trust what you read. Use complicated passwords. Do not join open wifi networks. If in doubt, feel free to forward any email to me or take a screenshot of whatever you may find suspicious.

What is this about?

Why am I getting this?


___________

This is fake. It’s defined to try to get you to call that number so they can trick you into giving up your credit card or bank info. Just delete this.

Continue to beware of scams

please continue to be cautious with all the different scams out there. Unfortunately I deal with a few clients each week that have fallen victim to the (very advanced and convincing) trickery out there. From a website trying to convince you to install what they call “flash” to someone telling you they have your password and you must pay them etc…. Then there’s the old “you will be receiving a delivery mistakenly sent to you this week. Please send it back to the address provided.” Many of these are easy to spot but some are extremely convincing to people who may not be expecting it.
So here are a few tips to stay safe:
  • Never enter your computer’s password if prompted unless you understand why you’re doing it.
  • Never join open non-password protected wifi networks when traveling.
  • Check your bank statement regularly and be able to explain any transactions (even very small ones) to yourself. This is especially important when considering subscriptions of any kind.
  • If you feel something is actually legitimate and you are concerned, get a case number then call the company back yourself.
If you do feel something is fishy, please feel free to either forward to me the email or take a screenshot (command+shift+4 then drag around the area) of whatever you’re concerned then send it to me via email. I’ll try to answer you back within 24 hours. You can also check the answers section of my website where I chronicle many of the schemes going these days. I have an area dedicated to exactly this topic.

Was it actually Apple that called me?

I got a phone call from someone identifying themselves as a representative of Apple security. He told me that my iCloud account had been compromised. He said that there were too many logins. Then he said that the attempted log ins had come from various parts of the country. He then offered to switch me to the Apple security division and they would try to get the problem straightened out.

I declined and said that I would work on it myself. I hardly had that out of my mouth before I heard him hang up.

I think it unlikely that Apple would call me individually, and I found no message on the computer when I checked later in the evening.

Does this sound like a scam? Any other reports like this?
___________


Yes. Very likely a scam. I do hear a lot of this type thing. Glad you didn’t interact with them.

Someone's trying to access my Facebook account.

We reset my email password but I'm still getting requests to change my password for Facebook.




___________

The good news here is that we have reset your password to your RR account so we’ve ensured that any bad guy does not have access to your RR account and therefore has not gotten this reset code. Consider the French email, a knock at the door but you are not answering. I could request a password reset to any Facebook account in the world. That’s easy to do. Just go to Facebook and try to log in with someone else’s email account then send a password reset. Anyone in the world can do that. The good news here is that they have no way of receiving it now since we’ve secured that rr account.

So at this point, I would not worry about it too much. Continue to forward any suspicious emails to me in the future.

Is my AppleID really locked?

I got this message 2 days ago. It worries me.  I don't want to give any info to the wrong people, and I can't imagine what the security problem would be.
___________


Screen Shot 2020-05-19 at 11.33.52 AM

This message is total garbage. Just someone fishing for innocent people to be tricked into clicking the link then entering their info. The two dead giveaways are the sending email is garbage and that the link you’d go to is also garbage. Nothing to be concerned about. Unfortunately, I have many clients who get the same fishing scams daily. Just mark it as junk and move on.

Don't fall for the Adobe update scam PLEASE!

Just ran across a particularly bad piece of malware this week. Catalina now warns that you may have bad software on your machine but doesn't do anything to help you remove it. You may have seen the "xsoftware" will damage your computer and should be removed". Then you're presented with the choice to show in finder or cancel. Problem is, when you choose to show in finder, nothing happens.

Publicadvisesearchdaemon and Techfunctionsearchdaemon are two very evil pieces of malware that go beyond the usual folders. Normally, you can find the malware in login items, LauchAgents, and LaunchDaemons as well as within the Frameworks and Application support folders of both the main library and the hidden user's library. You clean those out and you're good to go. These two devils however went much further than I normally see.

Screen Shot 2020-05-11 at 8.01.57 PM

This bad guy adjusted the network settings, set a proxy for outgoing traffic, enabled root, then placed files inside root. This was a masterpiece of malware. I have to give them credit. All they needed to do was trick the user into typing their password.

DO NOT fall the for the Adobe flash player update scam. In fact, never type in your admin password if you don't really know why you're typing it. Computers are secure. Humans are not. Lots of damage can be done to your life if you grant permission for it to happen. Typing in your computer's password allows anything to happen on your computer. You don't really need virus protection. You just need to stop typing your computer's password in.

App Store scam

Does this look legit to you? "Your receipt has ready on attachment" sounds awkward to me and when you click on the info sheet, it requests your Social Security number (not just the last 4 numbers).

If it isn’t legit, I should probably change my password to be on the safe side. Is that hard to do?


Screen Shot 2020-04-19 at 7.20.37 PM

Screen Shot 2020-04-19 at 7.21.42 PM

___________

Yes. Good eye. This is a total scam. Several things give it away. The award grammatical errors, the bogus links, the obvious fact that a pool app wouldn't cost $30, and so on. It's designed to try to entice you into clicking their link out of caution to resolve the potential charge. None of this is true. All fake. No need to change your appleID password at all. They don't have access to your account. I seem to recall you have 2 factor authentication turned on as well which makes any account secure unless the thief has stolen one of your devices physically.

If you still want to reset your AppleID password, you can always do so at appleid.apple.com but keep in mind you may have to re-enter it on several devices after changed. I would not bother with it based on this.

Extortion Scam example. Don't fall for this.

Below is a sample email many clients I work with are receiving. (Warning: offensive material) These are scam emails designed to scare you into interacting with the sender in order for them to extort you for money. The really evil thing about this new scam is that they will state your password in the email. In the example below I have removed that information to keep it private. But in almost every case, the user's password is a simple word in the dictionary, or a word followed by a few numbers. The bad guys can often brute force someone's account to discover the password to that account. They then use a template to send an email stating that password. It scares people to death. They will then follow up with several more vulgar emails demanding that you pay them. These are all garbage. DO NOT send these people money. DO NOT call them. DO NOT interact with them.

It is terrible that other humans are such evil people. They prey on the fears of others. Such is the way of the world I guess. If you ever feel you are being scammed, just forward any email to me and I'll be happy to take a look at it. You can also always take a screenshot of anything you see suspicious and send that to me and I'll check it out as well. Please don't fall for these scams. They are designed to scare you into submitting to them. It's very easy to guess a simple password. Modern software tools can crack a simple word password under the right circumstances in a matter of hours.

Is someone spying on me?

Hi, Scotty. This is Leigh Falkner. I hope you are well. I need some help ASAP. I just got an email which listed my correct password and blackmail details requesting $2000 bitcoin or some pornographic footage of me would be released. I think it is my Facebook account which frankly I’d like to close entirely. There is no such footage to my knowledge but I need your advice and help changing all passwords. Help!
___________


I’ve seen this same scam many times. They’ll tap into some site’s password database or could have pulled any passwords while you may have been on an open wifi network, then proceed to try to blackmail people. Best to just change all passwords to important sites/accounts to a secure password. Capital, lowercase, number, special character. This will prevent someone from brute forcing the password.

It's dangerous to go alone...

So this just came in to me today. An email suggesting that I update Adobe Flash. It's. Critical update…


Screen Shot 2020-02-14 at 8.08.26 AM

On the surface it looks legit but no no no! Let's take a minute to see ways we can spot this terrible scam.
By hovering over the incoming address and clicking the right corner of the email address, you will see the actual email address. Not just the name associated with it. In this case, there are two s's in the name. Adobe would not send from this address..



Moving on, you see the very inviting download button but by hovering over the link it will reveal the actual link you would be going to. Notice the spelling here. .gq would not be an Adobe URL.



But let's say you even go so far as to click that link. What happens next?

Screen Shot 2020-02-14 at 8.10.17 AM

It takes you to another very convincing site that looks exactly like something you would really see if you were updating Flash by Adobe. But look closer. The URL at the top bar is some garbage link. This is all baiting you in. They've stolen the logos and design from Adobe's site and made their own scam site in hopes that you'll click the next download button. So what if you did click that?



If you're running the latest version of macOS Catalina, you'd see this new window. It's your computer telling you something is about to download. In this case "mysslgo.com" is pure garbage. If you don't know what it is, don't allow it. That's the general rule we should all be following. But what if you do allow it?



You'd then see a file in your downloads with some bogus name like the one above. The good news here is that nothing bad has really happened to you yet. But you're very very close to the Sun right now. If you've fallen this far, there's a good chance you'll just keep going. Eventually you're computer will try to stop you once again by asking you, the boss, to allow this terrible thing by entering your admin password. The bad guys can't install anything on your computer without you granting permission. The whole scam is to convince you that this install really needs to happen. The fact that the bad guys use the word "flash" is beside the point. They are only using that word because they know we've become conditioned over the last several years to updating flash. (Side note: Adobe is no longer supporting actual Flash updates and it will be phased completely out of browsers this year). They could use any word like firewall, security, open port, dark web, or anything else to try to frighten you into interacting with their links. If you are ever in doubt, simply take a screenshot (command+shift+4) then drag over the area you'd like to capture. Send that screenshot to me and I'll give you my thoughts. 9/10 times it's fake.

You are your best defense. Don't type in your admin password unless you have a good reason to do so.

Can you recommend a printer?

Do you have a particular printer you like?
___________

All printers are terrible. Let's get that out of the way first. Secondly, if I am being forced to buy a printer (under protest) then I'm going to get an HP Officejet 6000-8000 series. Anything in that range is adequate.

DO NOT enroll in HP's "insta-ink" scheme. Its basically a dirty subscription service that has treated it's customers so badly, I'm just about ready to hire monks to chisel my documents out in stone instead of print.

I agree with these guys:
https://www.youtube.com/watch?v=_S2lYXf-uu0

Another email account compromised.

Hey Scottie. We are getting these odd e mails that are not coming from us. They are also being sent to several clients. Can you help us or give advice? Thank you

Thanks for your response.  Employer and I have been in the mountains all day so I am going to try this first thing in the morning.  Also troubling is it is not letting me send out emails from my email, hence this email from my friend's account.  If you have any tips on that let me know.  Do you think the hacker changed my password?
___________


In this case, the new sender has been adding an attachment to your email with a password. I opened it and it contains a few garbage installers pretending to be flash or vlc. Of course you should not open them or install them.


Then leads to…



This is all fake. Do not interact with it. Viewing the header information will help to discover possible clues as to where this email is originating from. Change your email password immediately.

Have I been hacked while in Mexico?

Hi Scotty,
I’m in Mexico and back in Clt Friday night. I was on my iPhone this Monday connected to the hotel Wi-Fi when suddenly everything in my email hotmail inbox disappeared on my iPhone. I checked the iPad I’m using now and same thing-all gone. I checked my computer and everything is still there but the computer was never connected to the Wi-Fi. I’m terrified of connecting it here or when I get back to Charlotte, as I believe everything will disappear on it too. (My devices are all linked.)
Do you have any idea what could be going on? Do you think I could’ve been hacked?
I’m leaving Monday for New York. Do you work on Saturday and if so can I schedule a session? Alternatively we can try a remote session from New York on the 20th/21st.

___________

I am available remotely throughout the weekend if needed. You can schedule via the usual web link below. If your email was compromised and email was deleted then there are a couple things we can try.

1. Using a computer that has not been brought back online yet, turn off wifi, open mail, save all mail. As soon as the email client syncs to the web, that email would disappear.
2. Use time machine to recover your old email.

Regardless, you should look to change your email password ASAP.

You can also check via hotmail.com directly to see if it’s just a weird temporary problem. But given the fact that you are traveling abroad, there’s a very good chance that someone has gained access to your account. I see this all the time unfortunately. Happy to help any way I can.

Is this AppleID message a scam?

Is this legit?  I have not done anything using my apple ID in weeks.
___________


Yes, This is a total scam. Glad you forwarded it. Here are a couple ways to tell:
The email address is not a valid @apple.com address.
2. When you hover over the either of the links provided it will reveal where you would ACTUALLY be going. The good news is that even if you click the link, you've still not done any damage until you actually interact with the web page. (Like being tricked into putting your password in)
. The other good news is that sites like the ones linked in this email usually only last for a few hours before they are taken down. Always continue to be cautious and forward suspicious info to me anytime.


DoI have a trojan virus?

My Mac is saying we have a “Trojan” virus !!
Can you help
I cannot use my computer!


.
___________

I’d be happy to assist. Force quit your browser then restart your browser while holding down the shift key. If that does not help You can schedule a session online via my website for further assistance. www.sellsconsulting.com

Okay it worked but what is Trojan
And should I have you come out to put some protective software in??


What you saw was a scam ad that runs via javascript to make it seem like they have control of your computer.  People do accidentally install garbage software onto their computers.  The most important thing is to not give anyone money or call any numbers.  You can schedule me at some time to insure you’ve not installed anything malicious.  You don’t need anti virus. Just never enter your computer’s password without understanding your reason for doing so.

Using words to scare you into subscribing to useless services

Thoughts? I’ll plan on starting on this sometime this week unless I hear otherwise from you.


___________

I do not like associating to these types of services. So many companies have discovered that they can offer seemingly helpful services to its customers via SUBSCRIPTION and they make so much more money. They're stockholders (Allstate) are happy and customers are basically paying for a meaningless service that only makes them feel better.

Here's a better way to keep yourself safe:

1. Monitor your bank/credit card statements every month and account for every small charge ($5, $3, $2 etc…) Dumb bad guys steal a lot from you one time. Smart bad guys steal a little from you every month.

2. Do not join open wifi networks. Example: Airports, Restaurants, Coffee shops, Hospitals. If the network does not require a password, don't join it.

3. Make your passwords something other than a word that could be found in the dictionary followed by up to 4 numbers. Ex: "monkey1968" is not a good password.

These companies use words that normal consumers can't define as a scare tactic to get you to subscribe to their service. I hate seeing this very much as I feel that people are being taken advantage of. In the example above they are saying "dark web". Yes there is an area of the internet called dark web and yes there is tons of information out there. But here's the truth. Your information along with just about every other person's on the planet is already there and bad guys got it a long time ago. In this case they are saying that your gmail account is compromised. Google protects its accounts against brute force attacks so its security is pretty strong. The issue is always the human. In other words, you could put all the locks on your door you want to, but if I convince you to unlock them to let me in, then the locks mean nothing. This is to say you could buy all the "protection" services you want but if you join an open network or install something on your computer yourself, then that service means nothing.

Is this true?

Seen this before, Scotty?

Screen Shot 2019-10-02 at 7.05.26 AM

__________

Straight up total garbage. Do not interact with this.

CC Cleaner Free legit? No!!!

CC Cleaner free???

Scotty, I just noticed that I have an icon for the software listed above (shows a broom superimposed on a large red C). It indicates that it replaces an earlier version (1.14.something). Any ideas on whether it is legit? In addition, some download called CCMacSetup. These appeared this am when I started up my computer after shutting it down from last night. Thanks



___________


No! "CC Cleaner" is not software you want to have on your system. Things like this usually lead to other problems including false advertising, take over of ads on websites, false alarms that you have some problem and need to call some number. No No No. I can't tell you how many clients I deal with accidentally fall victim to these fake "cleaning" programs.

The Scams Continue. Don't fall for them!

  I continue to work with people who are falling victim to scams they accidentally come across on the internet.  A couple weeks ago I sent out a heads up to everyone warning to be very careful when visiting websites or clicking links in email.  There are many fake ads out there that appear to be very convincing.  These will often tell you something is wrong with your account and that you should call them or that your credit cards have been compromised and the only way to restore your security is to interact with them.  None of this is real!  You may be saying to yourself, “I never fall for that stuff.  Who would be such a sucker?”  But more and more I am working with highly intelligent clients who are becoming victims to these strategies.  There are many reasons that could result in letting one's guard down.  It’s easy to become flustered or overwhelmed in the moment if you think something may have happened to your accounts.  These scammers are using that sense of panic and confusion to get you to make bad decisions.  Several times I’ve seen clients pay these scammers with gift cards or check routing numbers.  They will allow the scammer to remote in to their computer and cause more havoc.  It could also be as simple as your child clicking things and entering your password.  
Another strategy they’re using is to get you to install software they can use against you.  This can look innocent.  An ad claiming that you need to update
Flash or some other software.  Then you type your admin password in and the next thing you know, you’ve installed their garbage software.  
Here are a few general rules to follow:
FYI:
enter your admin password unless you have a good reason to do so.  
Do not
  • allow someone you don’t know to remote in to your computer.
    Do not
  • legitimate company allows payment of any kind via gift cards.
    No
  • use non password protected wifi networks.
    Do not
  • call a number you see on a webpage that is warning you that something bad has happened to your accounts.  If you are concerned, call your bank directly.
    Do not
  • strong passwords, not a word that can be found in the dictionary followed by numbers.  Tarheels1 or Rolltide are not good passwords.
    Do use
  • and account for every small charge you see monthly.  A dumb thief will try to steal a large amount all at one time.  A smart thief will steal a small amount from lots of people hoping no one will notice.  
    Monitor your bank accounts
  • A couple other scams of note not related to internet use:
    Inspect the credit card slot at Gas stations or ATMs before you insert the card.  Bad guys will sometimes place false card readers that fit over the actual card reader just so they can harvest card numbers.
    Once a bad guy has your card number a new scam they’re running is to order things using your address and info and have it shipped to you.  You realize it’s fraud and cancel the card.  About a week later you receive the item you didn’t order.  Within a day or so you also receive a letter apologizing for the mistake and a shipping label to return the package.  Actually, that shipping label or return address is going to the original bad guy that ordered the item in the first place.  Basically, they’re using you to launder stolen items.  Of course the bank will probably credit your account back of the fraudulent charges so you’re not really hurt so badly in the process but getting a new card is always a drag.  The proper thing to do is write “refused, did not order” on the package and return it directly to the post office.  Do not ship it back using some address that was mailed to you separately.  
    If you feel you may have installed any malicious software accidentally or would just like a security checkup with all your devices, you can schedule a session directly on my website at www.sellsconsulting.com.  I also work with people outside the Charlotte area remotely so if you have a relative who you think may have or could fall victim but they don’t live in the Charlotte area, I can help there as well.  
    New clients
    mentioning your name when scheduling now earn you a discount coupon for the next time you schedule!

    Don't fall for scams like this one!

    Bad guys are getting better and better at tricking people into giving up their personal information. Here's a very good one. It looks to be from AT&T but let's take a closer look…



    Even the usual first trick of looking to see who it's really from doesn't help. Notice the email legitimately does look to be from @att.com.



    But when you hover your mouse over the link they'd like you to click on, then you can start to see a little more suspicious clue…



    Notice the URL is misspelled? Now let's see where this takes us when we click on it…

    attscam

    The site looks legit but note the same misspelled URL in the bar. This site has been set up so that you'll be tricked into entering your username and password. The major lesson to be learned here is to not trust links provided in email. No matter how legit it looks. If you are actually concerned about an email you received, type the link to the website in manually. As we see in this example, clicking the link doesn't do anything harmful. It's what you do once you land on the site. If you are actually expecting an email from a friend or company…that may be a little safer. But if the email is random and asking you to go sign in somewhere…Sheilds up!

    Another scam caught by a smart user.

    Hi -

    This came through just now that is clearly not my charge - the originating email looks like a fake, but then it is copied to apple.com

    I don't want to respond because I think its fake, but wanted to get your take 1st.

    Thanks-
    Screen Shot 2019-02-18 at 10.21.24 PM

    ___________

    Yes, totally fake. Good catch. Reminder, you can always hover over the link in an email to reveal where it REALLY wants you to go.

    Scams Galore!

    There's a very big trend on the rise. More and more, clients are being tricked into giving up their own information. They think they're logging into a site they trust when they're actually handing over their private info. Here's a recent example of the bad guys strategy.

    You might receive an email that looks like it's from Apple pretending to want you to check your account.

    Screen Shot 2018-11-29 at 6.16.06 AM

    At first glance it looks like you're being charge for an App. That's designed to get you to let your guard down and click the link. It looks like they're trying to "help" you. No!

    If you click the right side of the email address in the From field, it will reveal who the email is REALLY from:

    Screen Shot 2018-11-29 at 7.10.26 AM

    So you fall for it and click the link. It takes you to a site that looks like this:

    Screen Shot 2018-11-29 at 6.15.28 AM

    This looks exactly like the real front door to icloud.com. However if you look closer at the url bar at the top you can see it's not Apple. Someone has set up a page to look just like an Apple page with the hope that you'll enter your AppleID and password. They then have access to your account.

    The bottom line here is while clicking a link in an email by itself is not going to hurt you, it's what you do once that next site opens. Just don't click links from emails that you weren't expecting. If you are concerned about an email, just type the website in to a browser yourself. Don't trust that a link is taking you to the correct place.

    Have I been hacked?

    Is it possible my MacBook air is hacked? Two days in a row around the same time (6 a.m) my mouse was “taken over” meaning I couldn’t control it and immediately shut computer down, now I pulled up my mail and before it “straightened itself out” all my mail headers were in kyrillic (russian writing?) Otherwise it’s been operating normally
    ___________


    That does sound like odd behavior. One of the crucial factors here would be if you saw your mouse moving around on the screen and things being clicked as you watched. For a computer to be "taken over" that would insinuate that someone was controlling it remotely using a piece of software such as TeamViewer, AnyDesk, Zoom, or GoToMeeting. You would have also needed to grant permission for either of those in the past by having entered your computer's Admin password at some point then left elements of one of those applications running so someone could log in remotely. While I definitely have seen this behavior (just this week with another client) it is very rare that someone would get that far.

    As for the different language appearing, I don't have an explanation for that. One guess could be that there's a problem with the graphics card of the computer as it tries to display characters. (doubtful) Another guess is that there's a problem with the operating system causing the fonts or characters to display incorrectly. (also doubtful)

    The most interesting piece of evidence is the fact that it happens consistently at 6am. There are small programs or procedures that run on our computers called chronscripts. These procedures usually run when the computer is left open all night. These are healthy tasks a computer does in the background to keep our computers organized. Think of them as a background cleanup. They don't run during times when you're using your computer. It is possible one of these chronscripts is damaged and causing that behavior.

    I've given several explanations to things but to give you piece of mind I would be happy to address the issue remotely or in person. Most of the time, in my experience people feel they've been "hacked" or their privacy violated when often there's a different reason a certain behavior has occurred. However, that's not to say that this doesn't happen. I've seen it plenty for many many reasons. Just this week I worked with a client who was tricked into paying a very large amount of money ($2000) because they through they were talking with Apple support on the phone and the person thought their computer was locked and the only way to unlock it was to pay this person on the phone. It was only an ad on a webpage that got them to that point.

    Please let me know if you have any additional questions. You could also take a screenshot of the Russian language and share it with me. command+option+4 then drag a square around what you'd like to share. The screenshot will land on your desktop and you can email it.

    Don't fall for "official sounding" email scams

    Here's yet another example of a fishing scam email. Just because it has a company logo doesn't make it legitimate. If you are ever concerned about an email, be it amazon, PayPal, netflix, your bank, gmail, apple, facebook, etc… don't use the link provided. Go to the website yourself and type it in. If there's truly a problem with your account, you'll usually find it there. A very good indicator that something is not legitimate can be seen by clicking the right side (downward arrow) next to the email address in fhe "from" field. That reveals who actually sent the email. In this case, it's bogus. Another very good indicator is incorrect grammar and punctuation. As you can see in this example, it's full of it.

    Screen Shot 2018-01-23 at 7.02.36 AM

    Is this legit?

    Scotty. I got this email yesterday from Google. Looks legitimate… I just wanted to make sure it’s not phishing. I have not opened it yet.

    IMG_9871

    ___________



    There's no way for me to tell just by this screenshot alone. The best thing to do is to log into Gmail yourself by typing in gmail.com in your browser instead of using any link provided in an email. Then go to security settings. Fraudulent emails will always provide a dummy link sending you to a site that "looks" like where you think you're going but it's really a front to harvest email addresses and passwords. In general, don't click on links in emails. Type it in manually and you're safe.

    Do I have a virus?

    Am very worried about something I may have inadvertently done today to my Mac.
    I was looking for a new font to use on an email and clicked on something like “new fonts download” and before I knew it something called Wow is now my search engine instead of safari.
    We left today to go to Cashiers NC until Jan 3rd so I am away from my computer. Is this something I should be concerned about and is there anything I can do from here?
    ___________

    These days it's very easy to be tricked into downloading crapy software pretending to be something it isn't. The majority of these are looking to change your search engine into their own so they can sell advertising through it. Others pretend to be able to "fix" your mac after they have supposedly found 1000's of problems with it after running a scan. These are also frauds. While we should take these things seriously, if you're not using your computer at the moment, there's very little to worry about. We can clean it off when you return. Or we can also work remotely to solve it if you have taken the computer with you. Unfortunately this is very common these days. There will always be more than enough bad guys out there.

    Tricked, not hacked...

    Here's yet another example of the strategy bad guys use to trick you into giving up your username and password to any given service. Then they proceed to try that username and password on other services like Amazon, PayPal, random banking sites, eBay, and so on in hope that you use the same combination on multiple accounts.

    Common email received:
    Screen Shot 2017-01-15 at 6.26.54 PM

    Now click on the far right side of the email address to see who it's really from:
    Screen Shot 2017-01-15 at 6.26.08 PM

    Now hover your mouse over the link in the email to see where you are really being sent:
    Screen Shot 2017-01-15 at 6.24.04 PM

    So let's say you fall for it by clicking the link. What happens next? They take you to a page that looks exactly like eBay with one very important exception. It's not. Here's how to tell:
    Screen Shot 2017-01-15 at 6.23.51 PM

    Notice the URL address? That's not eBay. Moral of the story is don't trust the email links. If you feel it's really important, type the website address in yourself in your browser.

    Do NOT fall for THIS!!!

    With all the talk of getting "hacked" in the media these days I thought I would take a second to clarify what is really the most common occurance. Bad guys don't actually have to write super secret programs to get to your data. They just have to trick you into giving them what they want. So here's a very good example of how they fool us all:

    You get an email from Apple about problems with your ID.
    Screen Shot 2017-01-05 at 8.23.04 PM

    Sounds legit. Yep, come to think of it, I have had some problems lately. I better click that big blue link right there in the middle.

    STOP. Let's take a closer look at this email.
    Screen Shot 2017-01-05 at 8.23.30 PM

    If you click on the sender's email address, you'll get a better look at who is really sending it. In this case it's just some random @me.com email address. Needless to say, Apple's not going to send you an email from some guy's personal email account. But let's go a little further…
    Screen Shot 2017-01-05 at 8.23.16 PM
    There's a very useful feature in mail that allows you to see where a link is going before you click on it. Hover your mouse over any link and it will reveal the URL it's pointing to. In this case, it's not Apple. It's pointing to some random number IP address. So what started as a pretty convincing email, after looking a little closer we see it's a fishing scam. They're trying to get us to click that link. This is where you should just delete the email and move on. But let's say you didn't. Let's say you fell for the trap and you clicked the email anyway. What happens now…?

    It takes you here:
    Screen Shot 2017-01-05 at 8.24.15 PM

    "Scotty you were totally wrong! It took me to Apple.com to log into my account." Nope, look a little closer.

    While it looks exactly like Apple's ID page, check out the URL address in the menu bar at the top:
    Screen Shot 2017-01-05 at 8.40.46 PM

    You're about to give your AppleID and password to some guy in Uzbekistan and the first thing he's going to do is log into your account, change your security questions, wipe all your devices, change your password, harvest your email account for useful info so he can beg your close friends for money via email, sell your contacts to a spamming company, and maybe even take your hair appointment because he has your calendar also. Other than that, there's nothing to worry about.

    Long story short. don't worry about being "hacked". You're not going to get "hacked". Worry about why you're being asked for your email address and password. As you've seen here, clicking the link does nothing. it's the decisions you make once you land on that webpage that impact your digital life. That's it. Just because a page looks like you think it should, doesn't mean it's the real page. If you are in fact worried about an email you get and think it actually is real, simply type the web address in yourself.

    P.S. don't join open wifi networks that don't have passwords.

    Don't be scammed! There's nothing wrong with your Mac.

    Scotty,  been experiencing several problems including not interfacing with my printer.  Called Pixma to get them to reinstall software to fix and they said that that system has been compromised.  They further showed me that I have a virus in the name of Trojan Horse and that my network is corrupted by CSRSS.exe.  They suggested that they install, from their end, 'Network Shield' for $239 + tax for one year.    Can you advise , as they are sure that my personal data and financial info online is at the mercy of Hackers from Nigeria.  To date those have not been disturbed, to my knowledge.  I am wondering if I was talking to scammers. I used an 855 number on Pixma website.
    ___________


    Ok. Where to begin? Pixma is a model of Canon printers so calling any number associated to “Pixma” would possibly result in the scam you’ve happened upon. Do not, repeat DO NOT give your card to any online phone service claiming your computer has been hacked etc... That is 100% a scam. The fact that you may not be able to print to your printer is irrelevant to anything they can see as having been hacked or having a virus etc...

    Furthermore, CSRRS.exe would be an executable file that would ONLY run in windows as it is. Any file by that name would not run on your Mac. These type of companies: Tunemymac, Mackeeper, Network shield or whoever the people you spoke with, are all preying on mac users who may not know any better and would fall for any story they tell. It is a hoax. They will say anything to scare you.

    You most likely dialed a number advertised on the web as an advertisement claiming to be able to help your mac. I can not stress enough that your printer issues have nothing to do with anything these people you spoke with. I strongly suggest you do not give any personal information out. Instead, you can join me on my weekly town hall on Monday and we may be able to troubleshoot the printer issue remotely. If you’ve never used my free town hall meetings, you can check out what they’re like in the link at the top of this page marked “
    previous town halls”. No scams! Just free help.
    This image is a theme.plist hack