The ‘SMS As A Recovery Option For Any Of Your Online Accounts Is A Bad Idea’ Viral Post

There is a popular post on FB making the rounds regarding a Mr. Ian Caballero and his recent unfortunate incident with Globe Telecoms. To summarize, his postpaid Globe SIM was replaced (copied) without his authorization. The only time you would usually allow this is when you lose your SIM or it is unusable for some reason.

To make matters worse his mobile number is used as a factor for recovering passwords to his email accounts which he in turn uses to do his banking with. These were quickly taken advantage of as he received a notice from his bank that a fund transfer occurred sending money from his account to another bank for P48,000.00.

sms

Suffice to say, Mr. Caballero was having a really really REALLY bad day.

Continue reading “The ‘SMS As A Recovery Option For Any Of Your Online Accounts Is A Bad Idea’ Viral Post”

How To Detect A Phish

Yesterday I received this email supposedly from Godaddy, a domain registrar I occasionally use.godaddy0It says ‘Your account contains more than 3259 directories and may pose a potential performance risk to the server. Please reduce the number of directories for your account to prevent possible account deactivation’.

It is followed by a convenient link to where I should login and fix the issue.

Continue reading “How To Detect A Phish”

RRW’s Heartbleed Defense

To say that the Heartbleed issue has shaken me up is an understatement. It is in fact so serious so as to make me start questioning the open source model of trust and distribution per se even if I have been a great believer since I’ve learned of it – but that is a topic for another post.

Today I just wanted to share Readwrite.com’s excellent post about Heartbleed, where they have excellent tips such as:

Step 1: Make A List Of Important Sites And Accounts
Step 2: Check Which Apps or Sites Are Vulnerable To Heartbleed
Step 3: Change Your Passwords

Continue reading “RRW’s Heartbleed Defense”