New Online Safety Lesson: Online Hate Crimes: Are you part of the solution or part of the problem?

March 21, 2012

The 14th installment in the lesson series I’m writing on behalf of iKeepSafe, looks at taking a stand against hate crimes and content groups on the internet.

The vast majority of people in every country oppose hate, hate groups, and hate crimes. Unfortunately however, the number of hate groups around the world is increasing. In the U.S. hate groups have surged by 54% since 2000 when there were 602 hate groups, to 1,018 official hate groups in 2011.

The rise in hate groups isn’t just an American problem; Germany, South Africa, France, Britain, and other countries also struggle with rapidly expanding numbers of hate groups.

To see and use this lesson, the companion presentation, professional development materials, and parent tips click here: Online Hate Crimes: Are you part of the solution or part of the problem?



Men More Reckless with Personal Information Online

February 22, 2012

There is still widespread naiveté about the value of personal information and the way data is aggregated according to a new survey by Usamp.

Men and women are quite willing to share personal information about relationships, education, employment, brand preferences and political and religious affiliations.

But when it comes to information like email or physical address, phone numbers, or their location, women put a higher premium on physical safety and are markedly more guarded than their male counterparts.

What users have to gain a better understanding of is the very clear risks all of this information sharing represents, and how, with the information women were willing to share, the rest of their information is fairly easily exposed.

Why all that information matters

When looking at the types of information both men and women were fairly willing to share, it is the unintended use of that information that place you at risk.

For example, it was through hard fought battles in the 20th century that we gained a number of civil rights designed to protect every citizen from discrimination based on gender, religion, race, color, national origin, age, marital or family status, physical or mental disability, sexual orientation, political affiliation, financial status, and more.

These prejudices remain, and by sharing this information freely online users enable the very types of discrimination that civil rights were established to prohibit. And users do it in a way that never places an employer or company at legal risk. A candidate will never know why they weren’t considered, they won’t even make it to the interview.

To understand how this works, Microsoft conducted research in January 2010, to expand the understanding around role of online information and reputation.

One aspect of the research looked specifically at how recruiters and HR professionals use online information in their candidate screening process.

As you can see in this table, would-be employers can now make decisions based on a number of factors long before ever inviting a candidate in for an interview process where some system of oversight could possibly identify discriminatory practices against selected candidates.

With this type of undetectable prescreening, employers can make decisions based on how people look in their photos – weight, age, skin color, health, prettiness factor, style, tattoos, and economic indicators. They can look at comments made by the candidate, friends or family members that they would never have had the right to access pre-internet. They can look at groups and organizations a person is associated with – and potentially make decisions based on political affiliations, faith, sexual preferences, even medical factors – if this information is indicated through the groups and organizations to which the candidate belongs.

Learn more about the erosion of civil rights in my blog Civil Rights Get Trampled in Internet Background Checks.

The damage doesn’t end there

It is not just would be employers or college application review boards who can and do use this information.  If 5 years ago someone posted a photo of you on a drinking binge, will it impact whether an auto insurance company accepts you, or quotes you a higher rate?  Will it impact your medical insurance rate? How about your ability to get a car, school, or home loan? The answer is likely to be YES.

A reluctance to share address, email, phone numbers and other ‘locatable’ information doesn’t matter if you’re willing to share your name, employer etc.

The study found that among the types of personal information shared, men and women are most likely to be happy to share their names (86% and 88%, respectively) and email addresses (55.2% and 42.4%, respectively). Yet unless you live off the grid, your name alone is probably enough to get your address and phone number – and sometimes your email address. It’s enough to discover if you own or rent, if you vote, have a criminal record, etc. Compounding your risks, the facial recognition tools now in Facebook and Google+, mean that even your face in a photo may be enough to collect all this information.

Does it mean you hop off the internet and hide? No. But it does mean that before sharing any information you should ask yourself who could see it? What could they do with it? Will it damage you, your child, or someone else in the future? If your information is already out there, you may want to work with websites to have any sensitive information removed.


New Online Safety Lesson: Connecting Technology Across Generations

February 17, 2012

The 11th installment in the lesson series I’m writing on behalf of iKeepSafe, focuses on leveraging the internet to connect generations.

Who says technology is hurting interpersonal relationships? New research shows that the “computer generation” no longer encompasses just the teens who grew up with technology. Seniors are migrating online like never before, which offers new channels for communication between the generations.

Whether texting, Skyping, Facebooking or emailing, seniors and youth have much to gain from each other. Read further for some surprising statistics on how seniors are increasingly embracing current technologies and finding new ways to communicate with their grandchildren and other youth. And, don’t miss out on tips to help deepen interaction between younger and older generations.

To see and use this lesson, the companion presentation, professional development materials, and parent tips click here: Connecting Technology Across Generations 


Tech Use on College Campuses – 60% of Students Say they Wouldn’t Attend a School that Doesn’t have Free WiFi

December 22, 2011

It’s not news that this generation of college students is wired, but just how wired they are – and when they want face-time – can be seen in a new infographic showing research into technology use and preferences on campuses.

Asked which single website or online resource they couldn’t live without, only 3% picked Facebook, while 11% said Wikipedia and 36% said Google.

As for the most important software and applications for college students? Unsurprisingly, word processors are the most vital to 76% of students, but email came in second with 66% of students – so much for the theories that youth aren’t emailing. Scan the infographic to learn more….

Technology Use on the College campus
Via: Online Colleges Guide


Hotmail Adds More Spam Blocking and Management Features

October 16, 2011

Microsoft has announced plans to introduce better spam blocking functionality by the end of the year.  Building on the series of spam-fighting technologies the Hotmail team has already rolled out this year, Microsoft says the upcoming tools will target ““gray mail” – defined as email that isn’t necessarily spam, but it is email that you personally don’t want to receive.

New features include:

Changes to the Sweep feature. Sweep gave users the ability to move messages in bulk from one mailbox to another based on preset criteria. Now, you can schedule clean-ups and mass delete messages.

Better newsletter filtering.   A new filtering feature will automatically identify inbound newsletters and put them into a folder which can be deleted. Users can also leverage this feature to get removed from mailing lists and block additional newsletters by selecting Unsubscribe which triggers a Hotmail notification to the company asking them to remove you from their email list.

Enhanced folder management.  This feature will allow users to create and apply their own categories to individual email messages inline as opposed to the current two step process. Users will be able to right-click on a message to rename, delete, empty or mark as “unread.”

Better Housekeeping. Users will be able to set auto delete parameters on old emails  – like after 10, 20 or 30 days, and they will be able to choose whether to keep a whole thread of emails, or just the last message from the sender.

Keep high priority emails on top.  You will be able to flag messages and have them stay at the top of your inbox no matter how many new emails come in.

Make real-time choices. You will also be able to see buttons for common email tasks when you hover over a message. This allows you to delete, flag, sort, etc. in one step rather than two.  You will also be able to customize the buttons you see, or turn of the ‘Instant Action’ feature.

“Back in the day, Hotmail was the number one. But we lost our way a little bit. Gmail came on board, and suddenly we were getting things like storage all wrong, and not really focusing on users as much as we should, piping quite a few advertisements into Hotmail and not putting good enough controls around spam. We really are [now] focusing heavily on making the fundamentals — the non-glamorous stuff like spam protection, privacy, security and performance — are all best in class,” said Mark West, Microsoft product marketing manager for Windows Live, told ZDNet UK.

There’s something to look forward to.


Responding to Spam Volumes, Hotmail Adds “My Friend’s been Hacked” Feature

July 21, 2011

Sending spam from legitimate user’s email accounts has become rampant as spammers switch from using botnets. This week alone, I’ve received spam sent via my mother’s and two friend’s email accounts – and received frantic calls asking how to fix the problem. Read more on fixing the problem later in this blog.

To address the nearly 30% of Hotmail generated through compromised accounts, Microsoft has launched a new feature in Hotmail. Called “my friend’s been hacked” and found under the “Mark as” dropdown, a simple click allows friends to report compromised accounts directly to Hotmail.

Microsoft’s Dick Craddock explains that “when you report that your friend’s account has been compromised, Hotmail takes that report and combines it with the other information from the compromise detection engine to determine if the account in question has in fact been hijacked. It turns out that the report that comes from you can be one of the strongest “signals” to the detection engine, since you may be the first to notice the compromise.”

Once Hotmail has marked the account as compromised, two steps are taken:

  • The account can no longer be used by the spammer
  • You (or your compromised friend) are put through an account recovery flow that helps them take back control of their account.

What’s really cool about the work the Hotmail team has done is that it can be used to report problems with accounts hosted by other email providers as well. So for example, Yahoo! or Gmail receives a notice from Hotmail if one of their user’s accounts has been compromised and can take action.

Additionally, the Hotmail team has recognized that weak passwords are a large part of the problem – it’s just too easy for spammers to hack flimsy passwords. To address this, the service will soon roll out a new feature requiring stronger passwords. If you’re currently using a common password, you may be asked to strengthen it in the future.

Changing spam tactics

The takedown of the Rustock botnet dealt a telling blow to spammers and dropped spam volumes by almost 30% overnight (see Kudos to MSFT for Strangling the Rustock Spambot) and highlights a vulnerability in the botnet approach. Not only did spammers have to pay to rent the botnets, their distribution method could be shut off in one well-researched swoop.

A report out this month by Commtouch explains this shift in tactics sayingThe move away from botnet spam can be attributed to the use of IP reputation mechanisms that have been increasingly successful in blacklisting zombie IP addresses and therefore blocking botnet spam.

The blocking of spam from compromised accounts based on IP address is more difficult for many anti-spam technologies, since these accounts exist within whitelisted IP address ranges (such as Hotmail or Gmail).

One of the primary aims of the larger malware outbreaks and phishing attacks of this quarter is therefore to acquire enough compromised accounts to make spamming viable. The catch for spammers: While spam from compromised accounts is less likely to get blocked by IP reputation systems, the volumes that can be sent are lower due to the thresholds imposed on these accounts. This at least partially accounts for the lower spam volumes seen this quarter.”

What to do if your email account is hacked

  1. Check your security. Most hackers collect passwords using malware that has been installed on your computer or mobile phone. Be sure your anti-virus and anti-malware programs are up to date.  Also be sure that any operating system updates are installed. See my blog Are You a Malware Magnet? 4 simple steps can make all the difference
  2. Change your password and make it stronger after your anti-virus and anti-malware programs are updated. Learn how to create stronger passwords in my blog Safe passwords don’t have to be hard to create; just hard to guess.
  3. Practice greater safety online.
    1. Learn to spot spam and scams
    2. Secure your home’s wireless network
    3. Avoid logging into accounts when using public wireless networks – you don’t know if these are safe or compromised. See my blog Like Lambs to the Slaughter? Firesheep Lets Anyone be a Hacker
    4. Validate the legitimacy of any program/game/app before downloading it.  See my blogs Windows Getting Safer, but Study Finds that 1 of Every 14 Programs Downloaded is Later Confirmed as Malware


Clogging Servers with Chain Messages

April 9, 2011

I have one, and you probably do too. I’m referring to those cherished friends who simply cannot resist forwarding the latest chain message that catches their fancy.

No matter how many times I explain to my dear friend what I do for a living, she still thinks I’ll appreciate the chain messages she forwards. The only progress I’ve made with her is that she no longer puts everyone she sends it to on the “To:” line, and she now removes all the forwards that otherwise would have shown the last 576 people that were on the thread…..

Chain messages may be about an uplifting or funny thought of the day, or show an amazing or adorable photo, they may purport to alert you to a scam, or to offer a way to help fund the medical expenses of a desperately sick child. Frequently these urge you to forward the message on to friends in order to gain the ‘luck’ or avoid the ‘curse’ of not doing so. My friend once sent a chain message that said that if recipients failed to forward the message to 10 women within 10 minutes the elastic in their underwear would break… now there’s a threat worth avoiding.

Unfortunately, these messages aren’t just mild amusement or annoyances. They can deliver malware and harvest email accounts of those who participate. They clog servers and cost hosting services millions of dollars – which companies recoup by charging everyone more for their services.

Then again, maybe YOU are the culprit that’s sending these to everyone you know….

If you happen to be one of those people, who simply cannot resist forwarding the latest chain message then this old blog excerpt is for you. It’s titled Breaking the Chain Mail found on, and written by Steve Hofstetter: