Answers...

to commonly asked questions.

keystroke loggers and Apple IDs

Greetings from Dallas, TX!

I have 2 questions for you.

My questions are:

1). Can the new bad software which has been written about concerning
Expedia.com and other travel websites where they troll your keystrokes, can that software get into our Mac from my visiting their site and using a credit card on their site? Or are only PC’s vulnerable? I did not give them any passwords, but i did input my credit card # on their site. Then i cancelled my transaction entirely. I have used Expedia before without a problem but Dan just alerted me to this latest problem reported about them.

2). I went to try to install the new Mojave upgrades and it asked me for my pw which i don’t remember doing for other upgrades. So i cancelled out of it. Is is ok to provide Apple with my pw to install Mojave?
___________


In general, the only way keystroke loggers can be installed on your computer is by the software tricking you into actually granting admin permission. In other words, you install it yourself by typing in your admin password. The main thing to look for when transacting on the internet is the small lock in the URL bar at the top. If you are on a site that starts with https:// then your information is encrypted and secure however, if you are on a site that starts with http:// without the "s", then that site is vunerable to malicious activity. Do not ever enter information into a site that is not https://.

More likely than expedia being a vulnerability is the possibility that people are going to a site that is similar in design and spelling in hopes that people will be tricked into entering information. For instance, you'll find great recipes at foodnetwork.com but malware at fodnetwork.com. You'll find the paper of record at nytimes.com but malware at nyytimes.com. You can track your packages at ups.com but never enter any information at upss.com. These are just a few examples of what's lurking out there waiting for us. Whether you're using a mac or a pc is irrelevant. It's our willingness to let our guard down is what's more important.

Second question…It is safe to proved Apple with your pw to install Mojave. To make sure you are talking to the real Apple, you can access the updates by going to the black apple in the top left corner, select App Store. The App Store will open and there you will see updates on the right side of the bar at the top of the application. Apple will ask for your AppleID in order to start the downloads. This is safe.

If you ever need remote assistance you can always schedule online via my site just as if you live in the Charlotte area. I just show up on your computer instead of at your door. Have a good day.
This image is a theme.plist hack