A new flaw in Wi-Fi security could leave all our devices vulnerable to hackers, according to reports in the press this last week.
Here is an article from Fairfax media this week about the flaw, which relates to the WPA2 security protocol that our routers use.
Apparently, iOS devices (iPhone, iPad, iPod touch), Windows computers and Android devices are at risk, with Android devices being at higher risk than the others. (The articles I saw did not mention Mac computers.)
Microsoft, Apple, Google and router providers are all working on patching this security hole, and will release updates to their operating systems and router 'firmware' in the near future.
To ensure that your own devices and computers and computers are not left vulnerable, it will be essential to apply any updates that are released for your devices.
I will advise in the iTandCoffee fortnightly newsletter when such updates are available.
One thing that may trip a lot of people up is how to update the 'firmware' of their router - since the router is the device that is the centre of this vulnerability, and the imminent firmware update will be essential to ensuring your ongoing security.
If anyone needs assistance with this, iTandCoffee will be able to help - in your own home if necessary (depending on your location).
Call 1300 885 420 to make and appointment, or email firstname.lastname@example.org.
Need to learn more about Wi-Fi, routers and other basics?
We look at lots of basics of technology - what is Wi-Fi, what is a router, what is 'mobile data', and more at the 'Introduction to the iPad and iPhone' class which we are running again at iTandCoffee, from Thursday October 26, 10am. Select the button below to book online, or call 1300 885 420.
In my daily check of my Apple News app, where I have set up a 'topic' that provides me with daily 'computing and information technology news', I saw a concerning article about the release of over 700 million email addresses online.
For some of these email addresses, passwords were also available - hacked from who knows where!
Here is the article for anyone wanting to read about this:
Have you been 'pwned'
As mentioned in the above article, it is possible to visit a website that tells you if your email address is available on any known list of 'hacked' email addresses - including this new massive list.
The website is haveibeenpwned.com. Just enter your email address to see if it is on any list.
I was surprised to find my own iTandCoffee email address was on this new list! It was not on any list last time I checked, so this leaves me wondering which of the many online services I use has been 'hacked'.
So as a precaution, I have changed my password for the impacted email account, and for other key accounts that use the email address.
Now I need to see where else I have used this email address, and decide if password resets are needed! Ow.
At least I have a different password for every online account, which minimises any 'damage' if anyone does have more than the email address. And I have put all these different passwords into my 'password safe' on my iPhone. This means that I always have easy - and secure - access to my passwords whenever I need them, either from my iPhone or iPad.
(If you are an iTandCoffee Club member, you can watch the members-only video about how to set up a password safe on your iPhone/iPad. Here is the link to this video»
If you are not yet a member, find out more about The iTandCoffee Club here »)
How to change your online passwords
If you need to change your password for your various online accounts, here are links to the relevant pages on some of the important ones:
Need further advice or help?
If you need advice on how to change any other online passwords, just leave a comment below. Or if you would like assistance with making changes to your passwords, book a time with iTandCoffee. Book online here or call 03 9886 0814 or 1300 885 420.
This has been a common problem encountered by so many iTandCoffee clients. In fact, we have already had seen two clients this week who have had the problem (and it's only Tuesday!).
Apple just won't accept my password!
The issue arises when 'two-factor authentication' has been enabled on an iOS 10 (or MacOS), but where other devices that use the same Apple ID are running an older version of iOS or OS-X.
The older versions of iOS and OS-X don't 'understand' the newer security steps that two-factor authentication bring.
As soon as two-factor authentication is enabled on one of their devices, our clients have found that their password keeps getting rejected on other devices - even though they know that the password is correct.
They get a message popping up on their 'up-to-date' iOS 10 device (or on their 'up-to-date' Mac) saying that someone is trying to access their account, with an 'Allow' (or 'Don't Allow') option.
When they choose 'Allow' to get the 6-digit two-factor authentication code, they find themselves stuck - because the device that rejected their password does not offer a place to enter this 6-digit code.
Instead, it just tells them that their password is incorrect.
Fear not! There is a solution
Fortunately, there is a relatively easy fix for this problem.
We covered this issue in our February 2017 Handy Hint newsletter. (Subscribe to our great Newsletter here so that you get to see FREE tips like this »)
This tip has since been moved to our Handy Hint Library, which is for iTandCoffee Club members. Here it is - if you are a Club member, just select the link to view the solution.
Not yet a member of The iTandCoffee Club?
Contact iTandCoffee on 1300 885 420 if you need help to solve this problem.
If you are 'not so local' and are not yet a member, why not join The iTandCoffee Club to gain access to our huge library of great tips like this.
Related Handy Hints and Articles
Handy Hints (for iTandCoffee Club members only)
Blog Articles (no membership required)
I was reading the Innovic monthly newsletter this week, and it included a handy link that I thought readers of our own iTandCoffee newsletter might appreciate.
It is a link to a site that allows you to check if your email address (or username) has been found on a list of details stolen from various well-known websites - for example, Dropbox, LinkedIn, Adobe, Yahoo.
This various websites were compromised at different times over the past few years, and email addresses, passwords and other details were stolen.
I found my own email address was listed twice on the 'hacked' list - for LinkedIn and for Dropbox.
I had already changed my password for these sites, but it was unsettling to see that I was 'on the list'.
Its worth checking your own email address, and then ensuring that you have changed your password details for any site for which you DO appear on the list.
Here is a link to the website:
*** UPDATE TO BELOW POST 22/5/17: If you have not yet updated to iOS 10.3.2, perhaps 'hold fire' for a few days to see if Apple releases a further 'patch' release this week. It may be that the below message - and further issues since with sign-in to my Apple ID - are due to problems with that update. If you have already updated to 10.3.2 and are having any problems, we would be interested to hear about them - please leave a comment below.
There I was, happily writing this week's iTandCoffee Newsletter, when the following message popped up on my iPad's screen.
It would be very nice to be in London, but I am currently here in Melbourne! So just who was trying to sign in to my Apple ID on an iPhone in London??
I, of course, chose Do Not Allow and promptly changed my iCloud password, forcing all devices associated with my iCloud to be signed out (as a precaution).
Thank goodness I had two-factor authentication set up on my Apple account so that, even if someone had gotten access to my password (which I can't believe they did!), they would not be able to break into my account without my iPhone or iPad.
Have you set up Two Factor Authentication on your iCloud account yet? If not, it's time to think about doing this - not just on your iCloud account, but on ALL of your online accounts.
If you need help with this, talk to iTandCoffee on 1300 885 420.
Find out more about iCloud - 'Understanding and Using iCloud'
The last few weeks have seen lots of articles in the press about two terms that are a 'glorious mystery' to most readers of this blog. I have also had very regular questions about these things from clients.
They are NBN - National Broadband Network and VPN - Virtual Private Network.
Let's look at each in turn, and at some articles that have appeared recently about these services.
NBN - do we all need to change?
Given that she currently has a Telstra cable broadband connection (as do we), she wondered if she needed to do anything - given that she had heard that the Telstra cable broadband network will be retained as part of the NBN.
While this is correct, the Telstra cable broadband network has been sold to NBN. This means that all Telstra cable customers must change to NBN when it becomes available in their area. The Optus Cable network is being decommissioned completely - so Optus cable clients must also change.
The same applies for anyone that has an ADSL connection to the internet - you MUST switch to the NBN once you receive notification that the NBN is available in your area. If you don't you will risk being disconnected.
Even if you don't have internet to your home, you are still impacted by the NBN if you have a phone - landline phone connections are also moving to the NBN.
You can stick with your current Telco, but it is probably a good time to consider who will give you the best price and service.
I know that, when it comes time for this household to switch, I will be taking a very close look at who provides the best deal and won't necessarily be sticking with Telstra as my provider. In this family we need unlimited downloads and fast speed - and it will be a case of who can provide these for the lowest cost.
And I will doing a 'self-install' of any equipment that needs to be installed in my home - to save myself the $240 installation fee that Telstra would charge to send someone to do it for me.
(iTandCoffee can assist clients with this install - our fee is nowhere near that of Telstra! Call 1300 885 420 if you want to discuss this option with us.)
For those of you who want to read a bit more, here are some recent articles and information about the NBN and the two major Telcos.
Articles about/from Telstra
If you need advice on what to do, iTandCoffee can help. Call 1300 885 420 to make an appointment. We are located in Glen Iris, Melbourne, but can arrange to come to you if needed*.
VPN - what is it, and why might you want it?
The issue of how to stay safe when travelling - and when using Public Wi-Fi networks - comes up regularly at iTandCoffee. (We cover this topic in the Travel with your iPad, iPhone and other technology class, which will next run on Friday 24th March at 10am. Places are still available if you would like to join us - find out more here ›)
We are regularly seeing and hearing in the press that using public Wi-Fi networks is, in some cases, how people get 'hacked' - how they have their private information stolen, their online account compromised, and/or their money stolen.
Lately there has been an advertisement playing regularly on the radio about a new product from Norton, one that is supposed to keep you safe when using public networks.
The solution offered is to use a VPN whenever you use a public Wi-Fi network.
But what is a VPN - or Virtual Private Network?
A VPN provides a layer of protection for any communications you have across the internet.
When a VPN is installed and active on a device, it ensures that any data sent across the internet from that device (or received to that device) is 'encrypted' - scrambled, so that no-one can read this data (unless they are supposed to!). It is like creating a secure 'tunnel' through which your data can travel - a tunnel that others cannot break into.
Here are some articles that describe the concept of a VPN, and give some options for those thinking about getting a VPN, or an alternative product that can help protect their online life while 'on the go'.
If you would like to find out more about VPNs and how to set one up, let us know using the below form. If we get enough interest we will run a class - otherwise, we will get in contact with you about arranging one-on-one assistance (should you decide you need it).
"I want to know more about VPNs"
* In-home appointments are available to homes within 20km of iTandCoffee. Distance/travel surcharge applies to these appointments, as shown on our Prices page.
Problem signing in to iTunes or iCloud on Apple TV or other i-Device after setting up two-factor authentication
A client who visited iTandCoffee this week had been unable to access her iTunes account on her Apple TV since she upgraded her iPhone to iOS 10 and activated the security feature called 'two-factor-authentication' on her Apple account - something that Apple really pushed us all to do when updating our devices to iOS 10.
Her Apple TV kept giving her the error message that her iTunes password was not correct, even though she knew it was - and that password still worked fine everywhere else.
Each time she tried to sign in on the Apple TV, she got a message on her iPhone saying that there was an attempted sign in. Even if she chose 'Allow' and got the 6-digit code on the iPhone, the Apple TV did not give her an opportunity to enter that code.
The good news is that there is a solution to this, one that provides a way to sign in to an Apple iTunes or iCloud on a device that is not giving you an option to enter the 'two-factor-authentication' code
We have added a 'Handy Hint' for iTandCoffee Club members on how to fix this problem. It is now in the Handy Hint Library - select the link below to view this hint.
Not yet a member?
Contact iTandCoffee on 1300 885 420 if you need help to solve this problem.
If you are 'not so local', why not join The iTandCoffee Club to gain access to great tips like this.
I keep getting a message showing a sign-in is requested from a strange location. (In Melbourne, it shows St Kilda.)
If you have you been confused about why Apple sometimes shows that your device is in some other location, you are not alone.
In particular, the message says that 'Your Apple ID is being used to sign in to a device near ...' and shows a location that is (usually) in your current city somewhere, but just not necessarily at your current location.
This is one that iTandCoffee deals with regularly. In a very recent example, Messages was failing to complete activation because the owner of a new iPhone 7 Plus was choosing the wrong option when shown a message on her iPad - a message indicating that someone was attempting to access her account 'near St Kilda Rd'.
This was confusing, given she lives in Clayton - so she chose 'Don't Allow' every time it popped up.
Why do I get a message that shows a sign-in has been requested at some other location?
A warning again to iTandCoffee clients and subscribers about staying safe online over the Christmas and New Year Period ...
If your iPad, iPhone, Mac or Windows computer (or any other device, for that matter) pops up a scary message saying that you have a virus and that you need to call a 1800 number, please DON’T CALL THE NUMBER.
I know I've mentioned this one only recently on this blog.
I am including it again beause yet another iTandCoffee client was almost caught out by this scam this week. Luckily the call to the number did not go through, and she contacted me before any damage was done. But her Mac did pick up some nasty Adware that we had to remove.
PLEASE DO NOT CALL THE 1800 NUMBER if you get such a message on any of your devices or computer.
The scammers are trying to
If you are concerned you have been caught out by this, or need help to sort unlock your browser or deal with adware/malware, please contact iTandCoffee to make an appointment.
We can walk you through what to do over the phone, or in-shop at 34 High Street Glen Iris, Victoria. If you are in Melbourne, we can do a home visit to help sort you out.
(Please note that charges apply for all appointments.)
Related handy hints and articles
Handy Hints (For iTandCoffee Club members only - find out more here.)
What anti-virus software should I use on Windows 10? Or should I use the built-in protection software?
Dianne S asks: "Would you recommend we renew our Trend Micro internet security, or do you believe there is a better one?"
Dianne had initially used the anti-virus product that came with her Windows 10 computer, but now wonders if that is the best one to use - and pay for - in future.
When it comes to anti-virus protection on your Windows computer, the product you choose really depends on who is using the computer, the sort of things you/they are doing on the computer, whether you have kept your Windows and browser software up to date, and whether you have any nasty browser plug-ins like Java.
Have you ever seen a message like the one shown in this image, when looking at posts on Facebook on either your iPad or iPhone?
I got the message shown here just recently, when looking at an article about The Bachelorette (yes - confession time - I watched it!).
I DEFINITELY don't want to tap OK, as I know that a message such as this is a scam.
However, there appears to be no way to get rid of the message other than pressing OK, as any other navigation options in Facebook are not available until I clear this message.
So what do I do?
I simply close the app from the Multi-tasking screen.
To bring up the Multi-tasking screen, I double-press (quickly) on the Home button to see a screen that shows all the apps that I have been running recently.
I then find the Facebook app (swiping left-to-right to bring it to the centre of the screen), then swipe it upwards to close it.
Once I have done this, I can re-open Facebook and continue browsing normally - that suspicious screen has disappeared.
If such a screen appears when you are browsing in Safari, a different set of actions is required.
Check out another iTandCoffee article on this topic for further information about what to do in this case.
Imagine what it would be like to lose all your family's digital photos and other important documents that are stored on your computer, especially those relating to a recently departed loved one.
Sadly, this is what has happened to an iTandCoffee client just this week.
This poor woman, who is an AGL customer, was caught out by the AGL Email Scam - a scam email that look very legitimate, and that has been 'doing the rounds' for months now, catching out tens of thousands of people.
Don't be caught by the AGL Email Scam (or others like it)
The AGL scam email is particularly nasty. I looks like a real AGL monthly bill notification.
Those who click on the mail message's attached .zip file on their Windows computer (as this lady did) will find that all their files suddenly become inaccessible, locked up by a 'ransomware' virus called 'Cryptolocker'. (This .zip file does not work on Macs, iPads, and iPhones, so does not cause the same damage.)
A message appears, asking that a ransom be paid - an amount of around $800. This will supposedly then release all the files and allow the victim to continue using their computer.
Unfortunately, even if the ransom is paid and the files are unlocked, the computer may still be infected with the virus and the criminals will be able to continue monitoring the computer and tracking keystrokes - meaning that further theft of money and private information could occur.
Here is an article about this AGL scam, for anyone who has not heard of it and the damage that it does.
What can be done if you are caught out by this ransomware?
For those who are 'stung' by this nasty virus, the best solution is to restore from a backup. Unfortunately, so few people actually do backups of their computers - including this particular lady.
So, what can this lady do to retrieve all her precious photos and files if she has no backup? Sadly, it is unlikely that she can if she does not pay the ransom.
Her best bet before she does anything is to consult an IT professional who can advise on whether there is any chance of retrieving her precious files.
If she decides to pay the ransom and gets access again to her data, her photos and files should be saved to an external hard drive. Her best bet then would be to have her computer wiped and the operating system re-installed, to start with 'a clean slate'.
iTandCoffee can assist with this - just call 1300 885 420 to find out more.
Are you backing up your computer?
If you are not doing a regular backup of your computer, you are putting yourself at serious risk of losing everything that is stored on that computer.
Just this week, iTandCoffee has seen two clients who have suffered computer problems and have not had backups. The stress that this causes is enormous - especially when it comes to lost photos.
Don't put it off! Start backing up the precious data on your computer, iPad, iPhone or other device today.
If you don't know how, it's time to arrange an appointment at iTandCoffee. We can advise on the options and help you set up this essential protection for your valuable data.
Book an appointment online or call 1300 885 420.
This last fortnight has seen its usual share of security and scam alerts, but a couple really stood out as noteworthy for iTandCoffee readers. I have also included a third, about a Paypal email scam email that had a new 'flavour'.
Millions of Yahoo accounts hacked!
For those of you with Yahoo email accounts, make sure your read this article about the theft of the account details at least 500 million users by hackers.
If you have a Yahoo email address, consider updating your security across all your online accounts.
Here is another article published recently on the topic of online security: How to stay safer online - adding an extra layer of protection
A different PayPal scam email this week
This week, I received a different 'flavour' of scam email about PayPal.
This one alleges that a new email address has been added to my PayPal account!
Once again, don't be caught out by scams like this. the first sign is that it says Dear Customer.
The email address that it cam from was also dodgy.
But even it it did include my name and the 'From' address look legitimate, I would never click on the attachment or link in the email.
I would to to the PayPal website, log in from there, and check if there were any alerts or messages.
Please share your news of other scams
Have you received, or seen news of, another scam that you would like to warn others about? Please feel free to leave a comment about this scam, and we look at featuring it in a future article.
In honour of Seniors week in October, iTandCoffee will be hosting FREE one-hour information sessions on the topic 'Staying Safe Online'.
In these sessions, we will look at the various online threats, how to detect them, how to protect yourself and what to do if you get 'caught out'.
Two options will be available in the week 3-9 October;
Seniors card holders only. Bookings are essential - numbers are strictly limited.
Every week, there are new reports of major security breaches. Recently, there were reports that cloud storage company Dropbox was a victim of a major hack in which 68 million account email addresses and passwords were potentially compromised.
Here is an article about this breach from Macworld.
If you have a Dropbox account and have received the notification to change your password, I would strongly recommend that you act on this as soon as possible.
If you have not yet set up something called 'two-step verification' on your Dropbox account, now is the time to do this as well.
What is two step verification?
Apple has rushed out another security update for iOS (for our iPhones, iPads and iPod Touches), and has advised that devices should be updated as soon as possible.
iOS 9.3.5 apparently patches a potential security hole - one that, in reality, is unlikely to effect the likes of you and I, but one can never be too safe in this internet connected world.
Here is an article about this update from Macworld for those who want to read more:
"When used together, the exploits allow someone to hijack an iOS device and control or monitor it remotely. Hijackers would have access to the device’s camera and microphone, and could capture audio calls even in otherwise end-to-end secured apps like WhatsApp. They could also grab stored images, tracking movements, and retrieve files."
To apply this update, go to Setting -> General -> Software Update, and choose 'Download and Install' or "install'. Make sure you are connected to a WiFi network when you do this - updates cannot be done over 3G/4G.
Please beware of a scam that impacted an iTandCoffee client this week.
This client had recently moved into a house in Balwyn and had asked iTandCoffee to hook up her new Telstra modem/router so she could start using the internet service at the house.
This all went well and she had been accessing the internet without a problem. However, a few days later, she got her account from Telstra - and found that Telstra was now charging her for two Broadband services instead of one.
The wash-up of whatever conversation she had with Telstra was that her internet service was disconnected completely this week on Tuesday.
When this happened, she contacted me again for advice - which was that she would probably be best to brave the Telstra shop to see if they could help resolve whatever had gone awry. Painful, but probably better than trying to resolve this by phone.
'NBN' to the rescue - supposedly!
A subsequent text from this client the next day stated that she had decided she would 'ditch' Telstra, as she had just found out that, co-incidentally and almost miraculously, 'the NBN is coming on Thursday'.
This surprised me greatly, because I did not think that there were any plans in the near future for the NBN rollout in her area.
I double-checked this on the NBN website's rollout map, advised her of my concern that she had been advised incorrectly, and asked who had told her this.
When she finally texted me back, she said that she had just had 'the NBN man' at her house for over an hour. Not only that, she had arranged for him to come back tomorrow (Thursday 11th) to connect both her and her 90 year old neighbour to the NBN!
Apparently, this guy had come to her front door a week earlier, so she had decided to call him after the Telstra internet problem started.
I suggested that I was concerned it sounded very much like a scam. The company he said he works for has no website or entry in the White Pages.
Was it a scam?
Heeding this warning, the client called ScamWatch on 1300 795 995. She was advised to call the police immediately!
Needless to say, the NBN did not come to this poor lady's street on Thursday this week, and she will still need to visit the Telstra Shop to attempt to get her internet problems resolved.
Be alert to scams like this
As per the usual warnings in the iTandCoffee Blog and fortnightly Newsletter (subscribe here if you don't receive this yet - it's free), be suspicious of unsolicited door knockers, callers and emails.
It is always better to be safe than sorry. Visit the Scamwatch website to check for any known scams, or call 1300 795 995 to check. Alternatively, send iTandCoffee a query at email@example.com.
For more information about this particular scam, here is the Scamwatch article from last year .
You have probably all heard the younger generations referred to as the 'digital natives' - and many of us assume that being a 'digital native' equates to being 'tech-savvy'.
What does it mean to be a 'digital native'?
The website techopdia.com says
A digital native is an individual who was born after the widespread adoption of digital technology. The term digital native doesn't refer to a particular generation. Instead, it is a catch-all category for children who have grown up using technology like the Internet, computers and mobile devices. This exposure to technology in the early years is believed to give digital natives a greater familiarity withand understanding of technology than people who were born before it was widespread.
Our 'digital natives' understand the jargon of this technology-driven world, and are very quick and nimble at navigating their way around their mobile devices and, often, computers. They are right into social media and get so much of their information about the world from apps like Facebook and Twitter. For many, that's about where it ends.
Even digital natives can be caught out by scammers
When it comes to staying safe online and protecting their valuable devices and data, it can be quite frightening to see how un-tech-savvy (is that a word?) our digital natives can be.
Here's a case in point: In the last week, the 23 year old 'digital native' son of a client of iTandCoffee managed to get himself scammed by (supposedly) an 'Apple Support' call centre, who told him he had a virus on his computer that they needed to remove for him.
A screen locked up the web browser and advised of a virus
It had all started when he had been on a website that popped up a window that locked up his screen, and told him he had to call a 1800 number to get support - which, unfortunately, he did.
Apple has released an update that you should install on your Mac, iPhone and iPad (and iPod Touch) ASAP
You may or may not have seen that pesky little red '1' appear on your Settings app on your iPad and iPhone. Perhaps you have seen a message pop up asking you if you are ready to install an update to your iPhone or iPad. A similar message may have also appeared on your Mac.
This is because an important update was released by Apple about a week ago, to fix security hole that has been discovered. Here is an article on this topic:
Apparently, it is possible that a hacker could 'break into' your iPhone, iPad or Mac by sending a message that has an 'infected' image file in a particular format. Such an image could also be on a website that you access. When you open the nasty image, some malicious software could be downloaded and "corrupt the iPhone’s memory and access information such as website and email passwords".
To ensure that you don't fall victim to this issue, make sure to install the Apple-delivered updates to all your devices.
Here are some instructions for those who are not sure how to do this.
This weeks security update: Mac malware; Netflix scam text; Telstra lax security checks; Anti-virus software on mobiles
As usual, online security has been in the news. I dealt with several clients just this week who had been hit by scams or downloaded something nasty to their computer.
Here's this week's summary, with links to relevant articles.
There are some new Mac malware threats - but these are only threats if you have lowered the standard security on your Mac in System Preferences - Security & Privacy
As long as you leave your the 'Allow apps downloaded from' setting as 'Mac App Store' (maximum security) or 'Mac App Store and Identified Developers' (still good security), you should not pick up the sort of nasties described the following articles.
Do you need antivirus software on your mobile devices?
This is a question that I get asked on a regular basis. You certainly don't need any such software on an i-Device. As long as you only use the Google Play store, you should not need it on an Android device either. Here is an article on this topic.
Are Telstra's identity verification questions adequate?
I saw an article this week that covered a topic that has long concerned me - that Telstra's very basic questions that 'confirm' your identity make it very easy for someone to pretend to be you. You only need to provide your name, phone number email address and date of birth to confirm who you are. This article from The Age looks at how easy it can be to steal a person's identity by just knowing these basic details.
Beware of a fake Netflix text message
If you receive a message purporting to be from Netflix - asking you to confirm you login credentials - please just delete it immediately. Never tap/click on the link in an email and enter account details. ALWAYS assume a scam - this is the safest bet!
Call 1300 885 420
© 2012-2017 iTandCoffee Pty Ltd. All rights reserved