Archive for Mobile Computing

5 Easy Ways to Find Your Phone

What would you rather give up than your phone? According to surveys over the last few years, many have said they’d rather give up sex (30%), chocolate/alcohol (80%) or even their car (%30) than do without their phone. So when our phones are lost or misplaced, we panic. Fortunately, there are many easy ways to track a phone, whether it’s hiding in the couch cushions with the ringer off, left behind at a restaurant or even stolen and turned off. Here are 5 ways to find your phone when it goes missing.

The first four ways of locating your phone require that your phone have location capabilities turned on BEFORE you lose your phone. For Android phones, you’ll find this under Settings > Security & Location > Location (for some phones, you’ll just see Location). For iPhones, go to Settings > [Your Name] > iCloud then select Find My iPhone and then turn on Find My iPhone and Send Last Location. You may be prompted to enter your Apple ID and password.

1. Google it (Android)

If you have an Android phone, you can find your device by Googling “find my device” on any device with a browser and internet access. Depending on the browser you use and whether you’re logged into your Google account, you may be taken directly to Find My Device – Google or you’ll need to select “Find My Device – Google” from the search results. Either way, you’ll then log into your Google account or re-confirm your password. Once you’re logged in, you’ll be presented with a screen that shows your phone’s location and the option to “Play Sound,” “Lock” or “Erase.” If you select “Play Sound,” your phone will ring for up to 5 minutes, even if the ringer is off. If your phone is off,  you will see its last known location.

If you have multiple Android devices, you can also download the Find My Device app (free for Android) to view all of the device associated with your account.

2. Use Find My Phone (iPhone)

If you have an iPhone, you can use Find My Phone, an app that comes preloaded on iPhones and iPads and is available on As noted above, you’ll need to turn on Find My Phone before you’ll be able to use Find My Phone (go to Settings > [Your Name] > iCloud then select Find My iPhone and then turn on Find My iPhone and Send Last Location). Then you’ll be able to see your phone’s location by logging into and selecting the Find My Phone app. You’ll also be able to see other devices associated with your account and, if you’ve set up Family Sharing, you’ll also be able to see their devices’ locations, unless they’ve decided to keep their location private.

3. Use a phone tracking app

Tracking and recovery apps like Prey Anti Theft (free for iOS and Android) provide one place to track all of the mobile devices in your home, whether they run on iOS or Android (It covers Macs and PCs as well). Once you’ve installed the app on a device and created a Prey account, you’re ready to start locating.

Depending on your issue—loss or theft –you can set your device to respond in different ways when you notify Prey the phone is missing. First, the phone determines its location and sends it back with a time stamp and pictures taken with the phone’s front and back cameras. Then you can have the phone sound an alarm, receive a text message that states the phone is lost or stolen or operate in stealth mode. You can also set up Control Zones, areas in your city that you’ll be notified if the phone enters or leaves.

The free version covers 3 devices and one Control Zone and will store the last 20 location reports (you can get as many as you want, but the older ones are deleted as new ones come in). You can upgrade to a Personal account for $5 per month for 3 devices and 3 Controls Zones, saves 100 location reports per device and generates reports more quickly when you report a device missing. A Home account will cover 10 devices, comes with unlimited Control Zones and costs $15 per month.

4. Use your smartwatch

One feature on my Apple Watch that I use at least once a day is Ping iPhone. I just swipe up on the watch face and select the ringing phone icon. Tapping will ping the phone once. If you have an Android Wear watch and an Android phone, you can say “Ok Google, find my phone.” Then you scroll up and tap Start and then select Find my phone. It will start ringing, even if the ringer is off.

Your smartwatch must be paired with your phone, Bluetooth must be turned on and the two devices must be in range.

5. Use a device tracker

While you’ll likely use your phone to find your keys and other items clipped to the Tile Pro, you can also use this tracker to ping your phone. You simply double press the Tile icon in the center and your phone will start to ring, even if the ringer is turned off. The Tile Pro has a range of up to 200 feet. You can pick up one Tile Pro for $34.99 or two for $59.99 on Amazon.

Kantra, Suzanne. “5 Easy Ways to Find Your Phone” Techlicious September 27, 2017

Posted in: Mobile Computing

Leave a Comment (0) →

‘Smishing’ Is Internet Scammers’ New Favorite Trick. Here’s How to Avoid It

Internet scam artists are moving beyond your email inbox and targeting your text messages instead. With this new scam, called “smishing,” scammers are trying to get you to send them your personal information that could help them access your bank account or other online profiles.  Here’s what you should know.

What are smishing scams?
“Smishing” scams are so named because they’re like a phishing email, except sent via SMS, the technology underlying the typical text message. They often prey on people’s panic or sense of urgency, according to Jason Hong, associate professor at Carnegie Mellon University’s Human-Computer Interaction Institute. For example, one fraudulent message might appear to be a warning from your bank about an unauthorized charge.

“That’s one of the main ways they try to trick you,” says Hong. “There’s an urgency to the message. There’s something that needs your attention right now.”

How can you avoid smishing scams?
Hong says you should make sure to use different passwords for everything from your bank’s website and social media apps to your email account. Two-factor authentication and password managers like Dashlane and 1Password can also be useful. And in the hypothetical case outlined above, you should call you bank or credit card company directly to verify the alert, rather than clicking any links in suspicious text messages.

Unfortunately, there’s no foolproof way to block smishing messages entirely, says Steve Wicker, a computer engineering professor at Cornell University. Wicker says the best course of action is to be vigilant for suspicious text messages, just like you should watch out for strange emails. One tip: Look out for text messages from phone numbers that clearly appear fake or suspicious.

Another warning: Wicker says some scammers may be able to make their messages look like they’re coming from a person you know and trust. So if you get a weird message from a friend, it’s a good idea to call them back on the phone and check if they actually sent the text.

Why are scammers using smishing scams?
Scammers could have one of several motives, Hong says. They could be trying to steal a victim’s identity, to access their bank account, or to blackmail them into giving out personal or company secrets.

“That’s where the money is,” Hong added. “People are getting more suspicious of emails. Companies like Google and Yahoo are getting better at detecting fake accounts and shutting them down. So the next easiest thing for [a scammer] to do is to go to mobile.”

Is smishing a new phenomenon?
Smishing scams have been around since as early as 2008, but experts say they are becoming more prevalent. They’re also popping up on all sorts of messaging apps, not just simple text messages.

“This is impacting all systems in the mobile arena, it’s not just limited to one system,” says William Beer, who works on cybersecurity matters for professional services firm EY, previously known as Ernst & Young. “There’s never 100% security on any app, whether they be desktop or mobile.”

Segarra, Lisa Marie. “‘Smishing’ Is Internet Scammers’ New Favorite Trick. Here’s How to Avoid It” Fortune, Security July 2017

Posted in: Mobile Computing, Security

Leave a Comment (0) →

How to Encrypt Your Tablet or Smartphone

How to Encrypt Your Tablet or Smartphone

If you left your smartphone behind in a coffee shop or you were required to pack your tablet in your checked luggage, would your personal data be safely locked away? If you don’t have your device protected by a lock-screen passcode and your data encrypted, your text messages, personal and business contacts, emails, photos and videos and other sensitive information could all be accessible.

What is encryption?

To describe it simply, encryption is the process of jumbling data using an encryption key available only to you in such a way that the information is no longer recognizable or understandable. When you need to use your data, the reverse process of unscrambling, known as decryption, uses your unique encryption key to bring it back to a readable state.

You can think of encryption as a secret code known only to you. If someone were to steal your private journal, the thief wouldn’t be able to understand what’s in it without knowing the secret code you used to encrypt it.

Why encryption is important

Even if you’ve locked down your phone with a strong password, the data behind that wall of defense are still readable — your emails, text messages, photos, everything. So unless you have encrypted your phone, a knowledgeable thief can use various means to crack or bypass your password and then harvest your data.

Since encryption garbles information, it adds another layer of protection to your information by rendering it unusable by anyone who doesn’t hold the key to un-garble it.

Governments encrypt classified information. Businesses guard their corporate secrets with encryption technologies. Doctors and lawyers use encryption to prevent client data from falling into the wrong hands. You can use encryption to shield your personal information against identity and data thieves. In fact, the United Nations Commission on Human Rights considers encryption a human right because it “provide[s] the privacy and security necessary for the exercise of the right to freedom of expression in the digital age.”

If you are preparing to sell or give away your mobile device, encrypt it before resetting it to its factory state, especially if it’s an Android device. Even a full factory reset won’t completely wipe out your personal data on older Android devices. Security company Avast found that information you thought had already been wiped clean still remains on your Android device even after a factory reset. The company’s researchers were able to extract photos, emails, text messages, search histories, personal identities, contacts and more from used Android phones they bought from eBay. Researchers at the University of Cambridge have also found that remnants of your “deleted” data can actually be used to log in to your accounts.

You can avert the potential for data breaches like these by encrypting your mobile device.

How to tell if your iPhone or iPad is encrypted

Apple devices running iOS 8 or higher have encryption baked into the OS and file system itself. However, your device isn’t encrypted until after you’ve set up a lockscreen passcode.

How to encrypt your iPhone or iPad

Go to Settings > Touch ID & Passcode. There, turn on the Passcode feature. Disable Simple Passcode so that you can use longer alphanumeric passcodes that are harder to crack. While you’re at it, set the Require Passcode option to Immediately.

Afterwards, return to Settings > Touch ID & Passcode and scroll down to the bottom. Here, enable the Erase Data option so that your data will be automatically wiped after 10 failed passcode attempts. You should also see “Data protection is enabled” below the option. This means that data encryption is now active and uses your designated passcode as part of the encryption key. Now no one will be able to hand over your data because only you know your passcode.

How to tell if your Android tablet or phone is encrypted

If your phone runs Android 6.0 (Marshmallow) or higher, it’s encrypted by default.

If your phone is running an earlier version of Android, you can head over to Settings > Security (or in some phones Storage). There you will either see that your phone is encrypted or that you have the option to encrypt your phone.

How to encrypt your Android phone or tablet

On Android devices, the steps are similar. Here’s how to do it for Android 4.4 KitKat and Android 5.0 Lollipop. First, you’ll want to plug your device in and ensure you have at least 80 percent charge. Then go to Settings > Lock Screen > Screen Lock. Input  your old passcode and a new one (make sure it’s at least 6 characters). Then go to Settings > System > Security > Encrypt device > Encrypt Phone (or tablet). If you use a microSD card in your phone, you may also select Encrypt external SD card. Than select Encrypt phone (or tablet).

Once you encrypt your Android device, you cannot turn off encryption without performing a full factory reset. An encrypted SD card will only work on the device that encrypted it, so you can pop the card into a reader on your computer or use it in another device. Fortunately, SD card encryption can be undone, unlike full disk encryption of your mobile device. If you want to use your SD card on another phone, you will have to decrypt it first.

Initial encryption can take 30 minutes to about an hour, depending how much data you have. Your phone or tablet will reboot a few times during the process; this is normal. Just let the process complete. Once encryption is finished, you will be asked for your PIN or password to unlock your device.

Montejo, Elmer.  How to Encryt Your Tablet or Smartphone” Techlicious March 27, 2017

Posted in: Mobile Computing

Leave a Comment (0) →

6 Links That Will Show You What Google Knows About You

Want to find out all the things Google knows about you?

Here are 6 links that will show you some of the data Google has about you.

  1. Find out what Google thinks about you

In order to serve relevant ads, Google collects data about you and creates a profile. You can control and review the information Google has on you here:

Google also has a tool called Google Analytics, that helps publishers see what pages you have viewed on their website, how many times you have visited it, how long did you stay etc. You can opt out if you don’t want this type of data to be collected:

  1. Find out your location history

If you use Android, your mobile device may be sending your location to Google. You can see your entire location history here:

  1. Find out your entire Google Search history

Google saves every single search you have ever done. On top of that, they record every Google ad you have clicked on. This log is available in Google web history controls:

  1. Get a monthly security and privacy report from Google

Google offers an Account activity page that tells you about all the Google services you are using. You can even enable a monthly report that will be sent to your email:

  1. Find out all the apps and extensions that are accessing your Google data

The Account activity page also offers a list of all the apps that have any type of access to your data. You can see the exact type of permissions granted to the app and revoke access to your data here:

  1. Export all of your data out of Google

Google lets you export all your data: bookmarks, emails, contacts, drive files, profile info, your youtube videos, photos and more here:


Google also keeps a history of your YouTube searches. You can find it here:

 “6 Links That Will Show You What Google Knows About You” March 2017

Posted in: Mobile Computing, Tech Tips for Business Owners

Leave a Comment (0) →

You’ve Been Charging Your Smartphone Wrong

Yes, we know. Our smartphone batteries are bad because they barely last a day.

But it’s partially our fault because we’ve been charging them wrong this whole time.

Many of us have an ingrained notion that charging our smartphones in small bursts will cause long-term damage to their batteries, and that it’s better to charge them when they’re close to dead.

But we couldn’t be more wrong.

If fact, a site from battery company Cadex, called Battery University, details how the lithium-ion batteries in our smartphones are sensitive to their own versions of “stress.” And, like for humans, extended stress could be damaging your smartphone battery’s long-term lifespan.

If you want to keep your smartphone battery in top condition and go about your day without worrying about battery life, you need to change a few things.

Don’t keep it plugged in when it’s fully charged

According to Battery University, leaving your phone plugged in when it’s fully charged, like you might overnight, is bad for the battery in the long run.

Once your smartphone has reached 100% charge, it gets “trickle charges” to keep it at 100% while plugged in. It keeps the battery in a high-stress, high-tension state, which wears down the chemistry within.

Battery University goes into a bunch of scientific detail explaining why, but it also sums it up nicely: “When fully charged, remove the battery” from its charging device. “This is like relaxing the muscles after strenuous exercise.” You too would be pretty miserable if you worked out nonstop for hours and hours.

In fact, try not to charge it to 100%

At least when you don’t have to.

According to Battery University, “Li-ion does not need to be fully charged, nor is it desirable to do so. In fact, it is better not to fully charge, because a high voltage stresses the battery” and wears it away in the long run.

That might seem counter-intuitive if you’re trying to keep your smartphone charged all day, but just plug it in whenever you can during the day, and you’ll be fine.

Plug in your phone whenever you can

It turns out that the batteries in our smartphones are much happier if you charge them occasionally throughout the day instead of plugging them in for a big charging session when they’re empty.

Charging your phone when it loses 10% of its charge would be the best-case scenario, according to Battery University. Obviously, that’s not practical for most people, so just plug in your smartphone whenever you can. It’s fine to plug and unplug it multiple times a day.

Not only does this keep your smartphone’s battery performing optimally for longer, but it also keeps it topped up throughout the day.

Plus, periodic top-ups also let you use features you might not normally use because they hog your battery life, like location-based features that use your smartphone’s GPS antenna.

Keep it cool

Smartphone batteries are so sensitive to heat that Apple itself suggests you remove certain cases that insulate heat from your iPhone when you charge it. “If you notice that your device gets hot when you charge it, take it out of its case first.” If you’re out in the hot sun, keep your phone covered. It’ll protect your battery’s health.

Villas-Boas,Antonio. “You’ve Been Charging Your Smartphone Wrong”. Business Insider July 2016

Posted in: Mobile Computing, Technology

Leave a Comment (0) →

What is Spearphishing? How to Stay Safe Online From this Effective Cybercrime Technique

Spearphishing? All it takes is a single click, but it doesn’t have to be this way.spear-phising

Hackers, spammers and cybercriminals have a multitude of methods they can use to infiltrate computer systems, steal data, plant malware or compromise your personal information. One of the most long-standing tactics is targeting ‘phishing’, also known as spearphishing.

It has endured because it works: unwitting web users continue to receive malicious messages and still fall victim to their charms. If you are wondering how dangerous they can be, just ask John Podesta: the US political player who lost tens of thousands of email with a single click.

When a spearphishing email lands in your inbox, it’s rarely a mistake. Using your personal information – either hacked from another source or lifted from public social media profile – spammers are able to produce slick, and highly-convincing, messages.

They will appear legitimate, but spearphishing emails usually contain malware, spyware or another form of virus – often hidden in a link. When clicked, the payload will usually download automatically onto your computer and go to work – stealing files, locking records or logging your keystrokes.

Using your own personal information against you, hackers can craft an extremely personalized email message. It will likely be addressed to you by name and will reference a specific event in your life, something that will make you believe the sender is real and trustworthy.

What information could they possibly know?

Using social media, the spammer will likely already know your age, where you work, what school you attended, personal interests, what you eat for dinner, what concerts you have been to recently, where you shop, what films you like, what music you listen to, your sexual preference, and more.

But this is enough. Using the information, a fictitious hacker could easily pose as your friend and ask for further information about you – your phone number, password, even bank details? Not everyone would fall for the scam, but many still do if the recipient believes the identity of the sender.

A hacker using spearphishing may pose as a retailor, online service or bank to fool you into resetting your credentials via a spoofed landing page. The email may ask you to reset your password or re-verify your credit card number because suspicious activity has been monitored on your account.

If the email tempts you to click an embedded link, it could also download a keylogger or Remote Access Trojan (RAT) onto your computer to steal bank details or social media passwords as you type them. Many people re-use passwords across multiple websites, so the danger of hacking is high.

How to stay protected

Stay protected by being aware of the threats and remaining extremely careful about what personal information you put online. Limit what pictures to post to Facebook or Twitter, check where your email is listed and ensure your computer’s security is kept up to date.

Ensure the passwords you use are original, lengthy and, most importantly, unique to every online website or service. A strong password will contain a mixture of characters, numbers and symbols. If possible, enable two-step authentication on every account that offers it.

Finally, know the signs and stay vigilant. If you receive an email from a close friend that asks for personal information – think twice before replying and send them a reply asking them to verify their identity. Also, know that any real business or bank is unlikely to request sensitive data via email.

Unfortunately, it only takes one click of a mouse for the hacker to access your system and despite advanced spam filters on current email providers spearphishing emails will continue to slip through the cracks.

Murock, Jason. “What is Spearphishing? How to stay safe online from this effective cypbercrime technique”. IBT. December 2016

Posted in: E-mail, Mobile Computing, Security

Leave a Comment (0) →

Prepare Your Digital Devices for Holiday Travel

holiday-travelDecember is the season for getting out on the road — or in the air, or on the tracks, or maybe even on the water. And during our travels, many of us will carry along an assortment of digital devices.

Here are some tips for entertainment and security when you’re away from your usual home/office Wi-Fi networks.

Watch your Netflix favorites offline

On the last day of November, Netflix announced that it was finally offering offline video viewing, free to subscribers. It was excellent news for anyone wanting video entertainment while away from high-speed broadband.

But the new service was not ubiquitous: some Netflix content — probably newer and more popular shows — will still not allow offline viewing. Also important to know, Netflix’s offline viewing is currently limited to iOS 8.0 and higher and Android 4.4.2 and higher. (You also need to upgrade to the latest Netflix app.) In other words, you can’t call up Netflix in your laptop browser and download a video for viewing offline.

Why mobile devices only? Most likely, it’s because mobile operating systems such as iOS don’t have a true user-friendly file-management systems. That makes it easier for Netflix and other media apps to control access to the downloaded video files.

On my iPad, it took about three minutes to download a 46-minute episode of Doc Martin. The download took about 170MB of space, both on an iPad and iPhone. It did not seem to matter whether my default playback setting on the Netflix site was set to Medium or High resolution. The app’s own Video Quality option was set to Standard by default; changing to High increased the file size of my Doc Martin episode to more than double — 384MB. (You might want to switch the higher resolution if you’re casting the video to a full-sized TV.)

So with the right settings, you can pack hours of entertainment on a typical mobile device, assuming you haven’t soaked up a lot of storage space with music, photos, and videos from sources other than Netflix.

The mobile Netflix app offers other important settings for controlling downloads. By default, the featue is limited to Wi-Fi connections; turning that setting off allows downloading videos over a cellular connection. But just to make things a bit more confusing, there’s also a Cellular Date Usage setting for streaming videos. Six options let you control the amount of data used for streaming. You can, for example, limit streaming to Wi-Fi connections only or use the Unlimited option if you’re one of the lucky few who still have an unlimited cellular-data plan. The default setting is Automatic.

Netflix’s offline viewing tool is nicely designed. If the feature is available for a particular video, you’ll see a down-arrow (see Figure 1) next to the title and description. Another window lists your downloaded media (along with length and file size) and makes it easy to delete shows you’re done with.


Figure 1. Download shows for offline viewing by tapping the down-arrow icon.

(Amazon Prime also allows some content downloading. Check your subscriptions for details. Expect other streaming services to enhance or add downloading options.)

The timing of the Netflix announcement was somewhat ironic. While researching traveling with digital devices, I ran across the PlayOn app (site), which also lets you download and play streaming video offline. You might think that Netflix’s announcement would put the company out of business, but the PlayOn service works on both PCs (PlayOn Desktop) and iOS devices (PlayOn Cloud), and it has other significant differences.

Here’s the catch: Like any old-style personal video recorder, the desktop recording requires playing the video at standard speed. You can’t just do a quick download of a video file. PlayOn Cloud records a chosen show on a cloud-based virtual machine, and the full recording is then downloaded as an .mp4 file to the iOS device.

Note that the service lives in a gray area of legality. Services such as Netflix do not allow recording of streaming content. But in the 1980s battle over recording broadcast TV shows on VCRs, the U.S. Supreme Courts ruled that personal, non-commercial video recording was legal. PlayOn claims that its service falls under that ruling. And apparently it hasn’t been sued in the year it’s been in business.

PlayOn, of course, isn’t free: The desktop edition costs U.S. $2.50 per month, and the iOS version is priced at $.99 per recording.

Listening to audio content when on the road

Years ago, I did numerous drives alone between San Francisco and Seattle. Interstate 5 can get really boring over hours and hours of driving. My solution was an subscription, which I’d had since the early 2000s. With little free time for actually reading a book, I now listen books while taking my daily dog walks.

Unfortunately, Audible is relatively expensive; my subscription costs $14.95 per month for one book. So when I saw a promo for Amazon’s Kindle Unlimited (more info), I decided to try it out. For $10 a month, the service lets you check out Kindle-based books from the Unlimited library of over a million publications (magazine, books, etc.). You can have up to 10 titles checked out at any one time.

Having subscriptions to both Audible and Kindle Unlimited might seem redundant, for numerous reasons. Both are owned by Amazon, and both offer a smaller selection of books in audio and text formats. For example, I can sit and read a few chapters on my tablet, then switch to listening on my phone while out with the dogs or on the road. (I maintain that listening to a book in the car is probably less distracting than trying to hold a conversation with a passenger.)

But there are some important differences between the two services. With Audible, you have actually bought a book — you own it and can re-read it as often as you like. If you cancel your subscription, you can still listen to books you’ve downloaded. You can also download a book to as many as four computers and download the Audible app to as many as ten mobile devices. (It’s not clear whether you can have the same book on ten tablets and smartphones.)

With Kindle Unlimited, you are renting the books. It’s like paying to use a classic library. If you cancel your subscription, you can access checked-out books only until your monthly subscription is up for renewal.

In one of those creepy/convenient features found in our connected world, Kindle keeps track of your reading. If I put down my tablet, I can pick my phone and continue from the same page.

I can’t say that one service is better than the other. Audible is listening focused and has a much better selection of books. Kindle Unlimited is less expensive if you do a lot of actual reading, but the selection is relatively limited, depending on topic. Fortunately for me, I like reading primarily history and science fiction, and Kindle Unlimited has an extensive offering of sci-fi titles. (I use Audible for history books.)

Setting up a personal and portable Wi-Fi network

I spend many weekends on my small, rural farm. It’s so rural that there are few options for Internet connections. Until recently, I used tethering on my phone to set up local Wi-Fi and connect tablets and other devices to the Net. But the process has always been a bit of a pain.w20161206-fn-velocity

So recently, I purchased a cellular-based, mobile-hotspot box from AT&T. The Velocity device shares my smartphone’s data plan (currently 6GB per month), at the cost of an additional $20 per month (two-year contract) to my cell-service bill. The local Wi-Fi network it creates supports up to 10 devices — in my case, two tablets and an Apple TV.

The box provides a better Wi-Fi signal than my tethered phone, and it can be left up and running as I come and go. It’s fully password protected, and a handy status screen gives a quick indication of your data-plan status. With multiple devices attached, you need to watch data consumption carefully. The device also has separate on/off switches for Wi-Fi and cellular connections to help prevent unintended data use.

Verizon, too, offers a mobile hot-spot device. According to its info page, the Jetpack supports up to 15 devices and costs $50. But you can also use it to give an emergency charge to your cellphone.

Digital security when away from home or office

There have been many stories on the dangers of connecting to public Wi-Fi hotspots. And those threats are real. Before heading out on your holiday travels, check that your digital devices are fully secured.

  • Whenever possible, check that your browser is connecting to a Web server with secure HTTPS. Note that on some sites, this can be confusing: you might get a security warning because some links on a webpage — for ads, images, etc. — are not using HTTPS.
  • Set up a Virtual Private Network service. VPNs add an additional layer of encryption and privacy. There are a few free services but paid services such as CyberGhost typically provide better performance.
  • Prepare your devices for travelOne key tip: Make sure all your devices are fully backed up before you leave.
  • Ensure that your portable PC is fully locked down.
  • Use your smartphone for online banking? It might well be that banking over a cellphone is more secure than using your PC. Banks have beefed up the security of their mobile apps, layering on encryption on top of the encrypted cell signal. The better banking apps also require two-factor sign in.

    Check your bank’s site for its mobile-security features and policies. US Bank, for example, offers an “Online Risk-Free Guarantee” (more info) for its mobile app. And as I discovered over Thanksgiving, some mobile apps make it easy to transfer money to traveling family members on a tight budget.

Our digital devices are essential for holiday travel. But while you’re visiting friends and family, take some time to put the devices away and have a real conversation!

Capen, Tracey. “Prepare Your Digital Devices for Holiday Travel.” Windows Secrets Dec. 2016.


If you have any questions or need assistance, one of our experienced professionals would be available to discuss your options or assist you in setting up a portable wi-fi network.

Give us a call at (732) 780-8615 or send us an email at to schedule a consultation.

Posted in: Mobile Computing, Tech Tips for Business Owners

Leave a Comment (0) →

Like-farming Facebook scams: Look before you “like”

If you’re a regular Facebfb-farmingook user, you’re pretty much guaranteed to run across lots of “like-farming” scammers – maybe without ever even realizing it.

At best, these like-farming pages clutter your friends’ feeds, crowding out content they actually want to see (and possibly making them annoyed with you, for drowning their feeds in such noise); at worst they put your personal information in the hands of unscrupulous marketers, or help spread dangerous computer viruses and other forms of malware.

But what is like-farming? Facebook policy forbids it, though of course scammers and con artists by definition tend not to follow the rules. Like-farmers start pages and fill them with content dedicated to collecting as many “likes” or “shares” as possible in the shortest amount of time.

Since Facebook’s algorithms place a high value on popularity (as measured by likes and shares), these highly liked and shared pages therefore have a much higher chance of appearing in people’s “Feeds” and being seen by other Facebook users.

Then, once the page has a sufficiently high popularity rating, the like-farmer either removes the page’s original content and replaces it with something else (usually malware or scam advertising); leaves the page as is and uses it as a platform for continued like-farming in order to spread malware, collect people’s marketing information or engage in other harmful activities; or outright sells the highly liked site to cybercriminals in a black market web forum.

Appeals to emotion

How do like-farmers lure people into liking or sharing their content? As with any scam, it appears in multiple forms.

Many like-farmers rely on appeals to emotion: anytime you’re urged to “like” or “share” a post that pulls at your heartstrings or pushes your buttons, there’s likely a like-farmer behind it. “This poor little girl with cancer lost her hair to chemotherapy — ‘like’ this post to let her know she’s still beautiful!” “This new government policy is outrageous — ‘like’ this post if you’re outraged, too!”

Confession: I fell for a couple such like-farming scams myself, back when I was still new to Facebook. And I didn’t even realize it until a couple weeks ago, when I went on a nostalgia-crawl though my old Facebook “activity log” and was appalled to see that back in 2010 or so, I’d allegedly “liked” a couple pages advertising some scammy pseudo-scientific quack medications.

But of course I never “liked” any such nonsense; I’d actually “liked” posts shared by various friends of mine – probably posts to the effect of “’Like’ to let this little bald girl know she’s beautiful!” or “’Like’ if you’re outraged by this new policy!” – and only later, after the page collected enough “likes” for a high Facebook popularity ranking, did the page owner scrub the original content and replace it with ads for scam products.

Valuable prizes

Not all like-farmers rely on appeals to emotion, though. Others will claim to offer valuable prizes to people who “like” or “share” a post; those posts you see promising the chance to win a free Macbook or latest-gen iPhone, free chain-store gift card or some other valuable freebie are pretty much guaranteed to be scams.

Last week, for example, the anti-scam website Hoax-Slayer issued an alert about a fraudulent Facebook page promising to give away 100 Macbook laptops: all you have to do is like and share the post, and specify whether you want a white or black one.

The “Fans of Mac” page has 22,925 “likes” in the screenshot Hoax-Slayer included in its alert; as of this writing, that number had grown to 25,660. The “About” section says that Fans of Mac is “Facebook’s LARGEST and most vibrant Apple community with worldwide fans! If you LOVE Apple … then join us today!”

Yet the page contains no posts from fans discussing the pros and cons of the latest Apple iThing, nor even links to media coverage of the latest iThings. There are, as of press time, only eight posts visible on the entire page, and every single post claims to offer valuable free iStuff to people who like and share it. A post from April 7 claims “We have got 100 boxes of Macbooks that can’t be sold because they have been unsealed. Therefore we are giving them away for free. Want one of them? Just Share this photo & Like our page.”


Even by the standards of fake-free-stuff postings that makes no sense: since when does Apple or any other tech company have the policy “If the packaging on our expensive new latest-gen products becomes ‘unsealed,’ those products cannot be sold or even destroyed; we’ll just give ’em away for free”? They don’t.

Unsurprisingly, if you scroll a bit further down the Fans of Mac page you’ll see the exact same post on Nov. 25, 2014: “We have got 100 boxes of Macbooks that can’t be sold because they have been unsealed. Therefore we are giving them away for free….”

No free iPhones

The first post on that page is dated Sept. 23, barely two weeks after Apple unveiled its then-new iPhone6, and it said: “We have got 10 boxes of iPhone 6’s [sic] that can’t be sold because they have been unsealed. Therefore we are giving them away for free.” (Coincidentally, Sept. 23 is also the day we here at ConsumerAffairs published an article headlined: “Watch out for these iPhone6 scams; nobody’s giving free phones away over Facebook or email, either.”)

Anytime you see a Facebook post offering free valuable items in exchange for “Likes” and “Shares,” you’re almost certain to find a similarly scammy Facebook page behind it.

Still other like-farming posts are high-tech variants of the old chain-letter scam, promising good though vague results if you forward the post. Just this week, one of my own Facebook “friends” shared a photo showing thick stacks of $20 and $100 bills, over a caption reading “Money will come to you sometime this month say Amen and Share” [sic]. As of this writing, that one single photo and caption has 14,441 “likes” and 284,926 “shares.”

Another insidious form of like-farming presents itself almost as a religious duty: “’Share’ this post if you’re willing to publicly proclaim that Jesus Christ is your Lord and Savior!” (Consider: even if you need to share your faith on Facebook — why would you need to “share” that particular post, rather than simply write your own announcement on your Wall?)

Just clickbait

A close cousin of like-farming might better be called “response farming,” or just clickbait: posts designed solely to elicit a response. It differs from like-farming in that like-farming is done by actual scammers, whereas response-farming is usually promoted by actual companies to increase their Facebook popularity rankings. Look at the promotional Facebook page of a typical genre-music FM radio station, for example, and you’re almost certain to see lots of response-farming memes.

One such meme that’s been around since at least early 2013 involves asking a ridiculously easy question, usually followed by commentary suggesting the question is actually quite difficult:

Can you name a band that

has no letter “T” anywhere

in their name?

This is harder than you


Post your answers below,

and share with friends.

Most people think they can

do this but fail, can you do


Or this:

Name a ‘FISH’

That does not

have the LETTER

‘A’ in it.

I bet you can’t 😉

Some of these non-challenging intelligence tests came from like-farmers, but most were local-radio or business clickbait — still driving up like-counts and cluttering your friends’ Facebook feeds, but at least they won’t likely spread malware or put money in a scammer’s pockets the way like-farming pages do.

If you’re going through your own old Facebook archives and discover you’ve “liked” a scammy page you don’t recognize, you can send Facebook a scam report for that page, and then click the “unlike” button to remove your own name from it.

Abel, By Jennifer. “Like-farming Facebook Scams: Look before You.”ConsumerAffairs. ConsumerAffairs, July 2016. Web. Oct. 2016.

Like- farming, phishing, spearfishing, socially engineered email and links are designed to get your employees to open the door to malicious attacks, and they appear in various ways. We believe that the best approach is to take a defensive stance by arming your staff with the most updated information.  And since we believe that knowledge is power, we have put together a presentation to explain the many deceptive tricks of hackers, as well as the most common mistakes made by end users. We also have a method to reinforce training by creating a phishing scheme which will test who will “take the bait”.

Give us a call at (732) 780-8615 or send us an email at to set up an appointment for a security consultation.

Posted in: Mobile Computing, Security, Social Media Marketing

Leave a Comment (0) →

How to protect your Apple ID with Two-Factor Authentication

ios-9-two-factor-authenticationTwo-Factor Authentication strengthens the security of your Apple ID by preventing anyone from accessing or using it, even if they know your password. With Two-Factor Authentication, one of your trusted devices generates a one-time code when you make a purchase or sign in to your Apple ID, iCloud,, iMessage, FaceTime or Game Center account on a new device. Two-Factor Authentication is also required for Auto Unlock so you can unlock your Mac by wearing an Apple Watch.

In this tutorial we’ll show you how to protect your Apple ID with Two-Factor Authentication or, if you’re still using the older and less secure Two-Step Verification, upgrade to Two-Factor Authentication.

Two-Factor Authentication vs. Two-Step Verification

Two-Factor Authentication is the preferred protection system for Apple IDs.

It replaces Two-Step Verification and is more secure because it’s integrated deeply into the bowels of iOS and macOS. The older, less reliable Two-Step Verification system relies on different methods to trust devices and deliver verification codes.

With Two-Factor Authentication enabled, a six-digit code is required to verify your identity using one of your devices or another approved method before you can:

  • Sign in to your Apple ID account page on the web
  • Sign in to iCloud on a new device
  • Sing in at in a web browser
  • Sign in to iMessage, Game Center or FaceTime or a new device
  • Make an iTunes, iBooks or App Store purchase from a new device
  • Get Apple ID related support from Apple

See Apple’s support document for more information about Two-Factor Authentication, including an up-to-date list of countries where this feature is available.

System requirements for Two-Factor Authentication

In order to use Two-Factor Authentication, you must own one of the following devices:

  • iPhone, iPad or iPod touch with iOS 9 or later
  • Mac with OS X El Capitan or later and iTunes 12.3 or newer
  • Apple Watch with watchOS 2 and up
  • Windows PC with iCloud for Windows v5.0 or later and iTunes 12.3.3 and up

Logging into your Apple ID on a device that has software earlier than specified above may yield a message saying Two-Factor Authentication is unavailable so make sure your gadgets meet the requirements and run the latest software.

Protecting Apple ID with Two-Factor Authentication

If your Apple ID is protected with the older Two-Step Verification method, you must first disable it before you can opt in to Two-Factor Authentication, Unfortunately, Apple does not provide a direct upgrade path for Two-Factor Authentication.

If you already use the newer Two-Step Verification system, skip this section and proceed with the steps outlined in the section titled “Enabling Two-Factor Authentication”.

Disabling Two-Step Verification

1) Sign in to your Apple ID account page using a desktop web browser.

2) Click Edit under the Security heading.

3) Click Turn Off Two-Step Verification, then create three new security questions and verify your birth date and phone number when asked.


You will receive an email from Apple confirming that Two-Step Verification for your Apple ID account has been turned off and the Apple ID account page will reflect the change.


You can now protect your Apple ID with Two-Factor Authentication.

Enabling Two-Factor Authentication

1) Go to System Preferences → iCloud → Account Details → Security on your Mac. Alternatively, open Settings → iCloud → your Apple ID → Password & Security on your iPhone, iPad or iPod touch.

2) Click Set Up Two-Factor Authentication and follow the onscreen instructions.


You must provide three security questions and answers, verify your birth date, add a rescue email and verify a mobile phone number where Apple will send you verification codes when your trusted devices are unavailable.

If you see a message that some of your devices are incompatible with Two-Factor Authentication, hit Turn On Anyway to continue. Enrolling in Two-Factor Authentication will replace your iCloud Security Code with your device passcode.

To enable Two-Factor Authentication on the web: log into the Apple ID account page, clickEdit under the Security heading, hit the link “Get Started…” below the Two-Step Verification heading and follow the onscreen instructions.


The Apple ID account page lists under the Trusted Devices heading all your Apple devices which are capable of generating Two-Factor Authentication codes. Any iOS device with Find My iPhone enabled can generate these codes.

Now all that’s left for you to do is double-check that Two-Factor Authentication has really been enabled by following the instructions below.

Verifying that Two-Factor Verification is enabled

To double check that you’re using Two-Factor Authentication or that you’ve successfully upgraded your Apple ID from the older Two-Step Authentication system to the more secure Two-Factor Verification, do the following:

1) On your Mac, open System Preferences → iCloud, click the Account Details button, then click the Security tab and make sure Two-Factor Authentication is on.


2) On your iPhone, iPad or iPod touch, go to Settings → iCloud, tap your name to reveal account details, then tap Password and Security and make sure that Two-Factor Authentication is on.


3) If you own an Apple Watch, open the companion Watch app, go to My Watch → General → Apple ID and verify your Apple ID is

That’s it, your Apple ID account is now protected with Two-Step Verification.

How to use Two-Factor Authentication

With Two-Factor Authentication enabled, you’ll verify your identity by entering both your Apple ID password and a six-digit verification code any time you sign in to the Apple ID page or, make an iTunes, iBooks or App Store purchase from a new device or sign in to iMessage, FaceTime or Game Center on a new device.


A prompt that goes up on your trusted devices includes a mini-map showing you where the sign-in attempt is coming from. Tap Allow to get a one-time six-digit verification code that you must type into your other device to verify the login attempt.

How to manually generate Two-Factor Authentication codes

You can also manually generate a verification code at any time:

On your iOS device, go to Settings → iCloud, tap on your account name at the top, then hit Password & Security and select Get Verification Code.


On your Mac, click the Account Details button in System Preferences → iCloud, then click the button labeled Get A Verification Code found under the Security tab.


Now enter your six-digit verification code into your other device to sign in.

With Two-Step Verification enabled, your Apple ID account will be more secure than ever and you will be able to use advanced features like Auto Unlock in macOS Sierra and watch OS 3 which lets you get into your Mac simply by wearing an authenticated watch.

Zibreg, Christian. “How to Protect Your Apple ID with Two-Factor Authentication.” Mid Atlantic Consulting Blog. idownload Blog, 21 Sept. 2016. Web.

Although the above article pertains to Apple ID, you can add this higher level of security to just about any of your accounts and/or devices.  One thing to realize is that two-factor authentication (2FA) is not a new solution and over the years many different 2FA options have developed. We know that narrowing down your options can be an overwhelming task, so we have done that part for you. We have a few solutions to the problem and will work with you to find the right one to suit your particular needs.

One of our experienced professionals would be a happy to discuss the best options for you and your organization.

Give us a call at (732) 780-8615 or send us an email at to schedule a consultation.

Posted in: IT Support, Mobile Computing, Security, Tech Tips for Business Owners

Leave a Comment (0) →

10 mobile security myths that need debunking

smartphone securityMobile devices have introduced plenty of legitimate concerns, but there are some misconceptions floating around that may lead companies to focus on the wrong issues–or to ignore the real risks.

Securing mobile devices is a continuing challenge for enterprises as they deploy more mobile applications. In some cases, security risks are overblown; in others, they are underestimated. What myths about mobile security should IT security managers be aware of?

1: Mobile devices don’t need encryption

A surprising number of companies don’t implement data encryption on mobile devices. If these devices are being used as thin clients only, with enterprise data being stored in the cloud, there is less need for encryption. However, more and more mobile devices store contacts lists, photos, price lists, sales notes, and other sensitive information. The localized storage enables field-based personnel to keep working even if the cloud becomes unavailable. For these reasons alone, encryption should more widely considered.

2: Wearables don’t need to have security practices applied

Wearable devices are just beginning to make an entry into enterprises. In early applications, they are used for things like capturing photos of crime scenes in police work and photos of equipment in the field that needs repair and must be referred to an internal company expert. However, less than 60% of these devices are secured, according to a recent Tech Pro Research mobile security report. As more of these devices are dispensed for field operations, IT might need to rethink this.

3: It’s okay to skip mobile security evaluations in IT audits

When it comes to mobile devices, organizations tend to focus their mobile security audits on the network and its centralized monitoring and downloads to these devices. They should also focus security audits on employee mobile device practices in the field and on the security measures that are resident on devices themselves.

4: Mobile devices are inherently less secure than desktop devices

Mobile device security doesn’t have to be less robust than the security found on desktops. In some cases (such as the ability to track and shut down mobile devices remotely), mobile devices might even be more secure. Mobile devices also have small data footprints, using the cloud to store data, so they are unlike “fat client” laptop counterparts that have hard drives full of data. As a result, less data may be exposed to security breaches on mobile devices.

5: BYOD devices promote lax security practices

This isn’t necessarily the case. If IT has firm guidelines for qualifying which mobile devices will be accepted in its BYOD program, coupled with usage practices and IT security practices that are uniformly enabled, monitored, and administered on these devices, BYOD can be just as secure as enterprise-issued mobile devices.

6: Mobile devices have more security software vulnerabilities

Mobile devices do not have any more software security vulnerabilities than desktop computers. The difference is that mobile devices are in the field, so IT has to enact a centralized method of delivering new security and software patches down to these devices from the network as soon as patches are available.

7: Mobile devices don’t need two-factor authentication

Mobile devices are prone to being misplaced or lost, so the additional security sign-in code that goes beyond just user ID and password can help to secure them. It’s advisable for all mobile devices to use two-factor authentication, which require a secret signing code (e.g., where you went to high school) as well as a user ID and password for access.

8: Laptops are less vulnerable to security breaches than tablets and mobiles

Laptops and desktops in the office aren’t necessarily more secure than mobile devices. A primary reason is that many laptops and desktops still contain resident hard drives that store sensitive data. This creates greater risk that data can be stolen, comprised, or shared with unauthorized users.

9: Desktop PCs and laptops don’t get lost

Laptops and desktops do get lost, although not at the same rates as mobile devices. Even five years ago, lost laptops were costing organizations $18 billion annually—and the problem still exists today. IT should track this equipment with asset management software and other measures, in the same way it tracks lost or misplaced mobile devices.

10: Public app stores are safe

Smaller companies lacking their own network infrastructures for downloads will sometimes use public app stores to effect these downloads to their users—and in many cases, companies of all sizes will use public app stores to download handy applications to their end customers. These app stores have taken numerous precautions to ensure that downloads are safe and secure—but it doesn’t mean that they don’t experience security breaches, malware threats, and hacks. The best policy (especially for internal application downloads) is to create your own download procedures that your network administrator directly oversees.

Shacklett, Mary. TechRepublic, “10 mobile security myths that need debunking” July 2016

Posted in: Mobile Computing, Security

Leave a Comment (0) →
Page 1 of 4 1234