Skip to content

Last Night’s Teleseminar

Thursday, January 17, 2008

The teleseminar with Willie Crawford went, in my opinion, quite well. We covered a lot of ground and discussed a lot of things.

If you weren’t able to attend the teleseminar live, I’m working with Willie to make the recording available.

If you have already subscribed to my blog announcement list, you received a link to the “Resources” page that was given out on the call last night, even if you did not attend. You can review the rough outline of things we discussed, view a video about a “footprint” that WordPress leaves that makes it easy for miscreants to determine your version of WordPress (and what to do about it), along with a few other recommendations.

If you haven’t subscribed, don’t wait. I like to reward those who allow me to occupy precious space in their Inbox with occasion free “extras”. Subscribers also get the best available discount on new products for 24 hours when they are launched.

To subscribe, simply fill out the form at the top left of the main blog page, then confirm your request by clicking on the link in the email you’ll receive. If you don’t see the sign up form, click on the big banner at the top of this page; it will take you to the main blog page, where you will see the form.

Thanks for listening,
Tom

Filed in News | Comments (0)

Free Computer Security Teleseminar With Willie Crawford — TODAY!

Wednesday, January 16, 2008

Willie Crawford will be interviewing me TODAY (Wednesday, January 16, 2007) at 5:00 PM Eastern Standard Time. The topic will be computer and website security.

This is a free call (long distance charges apply); we are not charging for access to the call.

To register and get the call details, go to the following link:

http://therealsecrets.com/ComputerSecurity/.

Hope to be talking to you in a few hours.

Thanks for listening,
Tom

Filed in News | Comments (0)

Possible Fraud Alert: DomainRenewalOnline

Tuesday, October 23, 2007

I just received an email which has to be one of the more insidious scam attempts I’ve seen in a while. I’m talking it about it here in hopes that it might save somebody from making a potentially costly mistake.

The email told me that one of my domains was about to expire (which it is) and gave me a link to click on to renew it. There’s just one problem: the domain is registered at 1and1 and is set to automatically renew, so I instantly suspected a scam attempt.

I looked at the email and noticed that it contained a link to a place called DomainRenewalOnline dot com (WARNING! DO NOT VISIT THAT SITE!). Thankfully (just a few minutes after I received this email) the website is not available (and I hope it stays this way). Nevertheless, this was more than enough to convince me that this email was simply an attempt to trick me into doing something I don’t really want to do — and it got reported as both spam and as a phishing attempt to Google.

So what was the email all about? Without visiting the site I can only speculate, but having seen lots of this in the past, my speculation is at least somewhat accurate:

* They want me to transfer my domain to their registration service, which probably costs a lot more than what I pay at 1and1 (current prices are about $6 per year for a .com domain).

* They wanted to steal my domain name (possibly while taking my renewal money) so that they could try to sell it or use it host malware and infect any visitors to that website.

* They simply wanted my credit card information so that they could steal my identity.

* Some (or all) of the above.

Lessons to be taken from this:

1. NEVER click on a link in an email you were not expecting. EVER. And while it didn’t apply here, NEVER open an attachment that you weren’t expecting, even if you think you know the sender (their computer could be infected with malware or somebody could have forged their email address).

2. KNOW your business. In this case, I knew that my domains were registered at 1and1 so this email immediately looked suspicious.

3. Don’t believe anything you read in an email. Anybody can (and will) send you email, so always verify — via reliable sources (and most definitely not some stranger’s site on the Internet!) — anything you read in an email.

Thanks for listening,
Tom

P.S. — OK, what’s fair is fair… If you don’t know me, why should you believe me about DomainRenewalOnline? You are right to be skeptical, but keep in mind that I’m not asking you to take any positive action; I’m suggesting that you simply avoid this outfit based on what I, a certified computer security professional, observed and analyzed. In this case, the right thing to do would be to talk to your domain registrar and verify that your domain names are “good”. And I hope that by giving you good, solid suggestions on this website that you’ll slowly come to trust what I say. I need to earn your trust and I thank you for every opportunity you give me to do that.

Filed in Fraud Alerts | Comments (0)

A Laptop Computer Can Protect Your Business

Friday, October 12, 2007

Do you work from your home or have a home office? If the answer is “yes”, then here is one way that you can plan and prepare for emergency situations.

Buy a laptop computer. When disaster strikes, it is much easier to grab a laptop computer and run than it is to grab a desktop computer and, well, walk slowly…

Is it foolproof? No. If there is a sudden flood or fire in your home and you have to choose between saving your computer and saving yourself and your family, people ALWAYS come first. However, if you have advance warning — say a hurricane or typhoon is headed your way — or you find yourself without power for several days, using a laptop instead of a desktop computer means that you can simply pack up your laptop and drive to a safer place that has the support structure you need (electricity, network connectivity, phones, etc.).

You also have the added benefit of being able to take your computer with you when you choose to travel.

This “plan” is not foolproof and complete because there are other issues that still need to be addressed, such as laptop security and using public networks, and we’ll talk about them as time goes on. But for now, the next time your life cycle replacement plan calls for new computers, consider making it a laptop instead of a desktop.

Thanks for listening,
Tom

Filed in tips | Comments (0)

Cyber Security Awareness Month

Friday, September 28, 2007

October is Cyber Security Awareness Month and I’ve chosen this month to kick-start this blog. The National Cyber Security Division (NCSD) of the Department of Homeland Security (DHS) joins with the National Cyber Security Alliance (NCSA), the Multi-State Information Sharing and Analysis Center (MS-ISAC) and other partners to help educate “the American public, businesses, schools and government agencies about ways to secure their part of cyber space, computers and our nation’s critical infrastructure.”

My goal is to help home office and small-small businesses protect the asset they’ve worked hard to build and I’m glad to do my part to help educate and raise awareness, not only during October, but throughout the year. This year’s theme is, “Protect Yourself Before You Connect Yourself” and I’ll be passing along tips that can help you protect your business when you connect to the Internet.

Please check back soon; October is just around the corner, and although the tips I’ll be posting are simple and easy to implement, they could very well be the factor that ensures the continued existence of your business.

Thanks for listening,
Tom

Filed in tips | Comments (0)

Who Is Protecting Your Business?

Friday, March 16, 2007

I’m a certified computer security professional.

Will you hire me to be your housecleaner? Your cook? Your gardener?

Do you want me to rebuild the engine in your car?

No, you want me to give you ideas on how to protect your business.

Computer security.

Physical security.

Risk Management and Mitigation.

Things like that.

When you need help protecting the things you’ve worked hard to build, come to me. Come here. Don’t go to a website you see advertised in a popup or in a spam email. Don’t listen to someone or something you heard on a forum.

You can come to me and get information from a professional — or you can go somewhere else and get an uninformed opinion, then come here later after you’ve wasted time, money, and energy on the “opinion”.

You can pay attention to me now, or you can pay — and then pay attention to me later.

I want to help. Will you let me?

Thanks for listening,

Tom

Filed in Uncategorized | Comments (0)