In my daily check of my Apple News app, where I have set up a 'topic' that provides me with daily 'computing and information technology news', I saw a concerning article about the release of over 700 million email addresses online.  

For some of these email addresses, passwords were also available - hacked from who knows where!

Here is the article for anyone wanting to read about this:

• 711 million email addresses ensnared in "largest" malware spambot    

Have you been 'pwned'

​As mentioned in the above article, it is possible to visit a website that tells you if your email address is available on any known list of 'hacked' email addresses - including this new massive list.

The website is haveibeenpwned.com.  Just enter your email address to see if it is on any list.  

I was surprised to find my own iTandCoffee email address was on this new list!  It was not on any list last time I checked, so this leaves me wondering which of the many online services I use has been 'hacked'.

So as a precaution, I have changed my password for the impacted email account, and for other key accounts that use the email address.  

​Now I need to see where else I have used this email address, and decide if password resets are needed!  Ow.  

At least I have a different password for every online account, which minimises any 'damage' if anyone does have more than the email address. And I have put all these different passwords into my 'password safe' on my iPhone. This means that I always have easy - and secure - access to my passwords whenever I need them, either from my iPhone or iPad.

(If you are an iTandCoffee Club member, you can watch the members-only video about how to set up a password safe on your iPhone/iPad. Here is the link to this video» 
If you are not yet a member, find out more about The iTandCoffee Club here »)

How to change your online passwords

If you need to change your password for your various online accounts, here are links to the relevant pages on some of the important ones:

• Google:  myaccount.google.com/security
• Hotmail/Live/Outlook.com: account.microsoft.com
• iCloud: appleid.apple.com
• Bigpond: See the details on this Telstra webpage.  Note that, if you change your main account's password, you may need to change some modem settings (if you have an ADSL internet connection).
• Paypal - See details on this Paypal help page
• ​eBay - reg.ebay.com.au/reg/ChangePwd

Need further advice or help?

​If you need advice on how to change any other online passwords, just leave a comment below.  Or if you would like assistance with making changes to your passwords, book a time with iTandCoffee.  Book online here or call 03 9886 0814 or 1300 885 420.

This has been a common problem encountered by so many iTandCoffee clients.  In fact, we have already had seen two clients this week who have had the problem (and it's only Tuesday!).

Contact iTandCoffee on 1300 885 420 if you need help to solve this problem.

​If you are 'not so local' and are not yet a member, why not join The iTandCoffee Club to gain access to our huge library of great tips like this.​

I was reading the Innovic monthly newsletter this week, and it included a handy link that I thought readers of our own iTandCoffee newsletter might appreciate.

It is a link to a site that allows you to check if your email address (or username) has been found on a list of details stolen from various well-known websites - for example, Dropbox, LinkedIn, Adobe, Yahoo.

This various websites were compromised at different times over the past few years, and email addresses, passwords and other details were stolen.

I found my own email address was listed twice on the 'hacked' list - for LinkedIn and for Dropbox.  

I had already changed my password for these sites, but it was unsettling to see that I was 'on the list'.

Its worth checking your own email address, and then ensuring that you have changed your password details for any site for which you DO appear on the list.

Here is a link to the website:

• Have I been pwned? Check if your email has been compromised in a data breach

                                                               

There I was, happily writing this week's iTandCoffee Newsletter, when the following message popped up on my iPad's screen.

It would be very nice to be in London, but I am currently here in Melbourne!  So just who was trying to sign in to my Apple ID on an iPhone in London??

I, of course, chose Do Not Allow and promptly changed my iCloud password, forcing all devices associated with my iCloud to be signed out (as a precaution).

Thank goodness I had two-factor authentication set up on my Apple account so that, even if someone had gotten access to my password (which I can't believe they did!), they would not be able to break into my account without my iPhone or iPad. 

Have you set up Two Factor Authentication on your iCloud account yet? If not, it's time to think about doing this - not just on your iCloud account, but on ALL of your online accounts.

If you need help with this, talk to iTandCoffee on 1300 885 420.

The last few weeks have seen lots of articles in the press about two terms that are a 'glorious mystery' to most readers of this blog.  I have also had very regular questions about these things from clients.

​They are NBN - National Broadband Network and VPN - Virtual Private Network.

Let's look at each in turn, and at some articles that have appeared recently about these services.

• What services will be switched off? | nbn - Australia's new broadband network ​

A client who lives near us in Camberwell has received a letter from Telstra advising that NBN will soon be available and that she would need to switch.   We have received that same letter.

Given that she currently has a Telstra cable broadband connection (as do we), she wondered if she needed to do anything - given that she had heard that the Telstra cable broadband network will be retained as part of the NBN.

While this is correct, the Telstra cable broadband network has been sold to NBN.  This means that all Telstra cable customers must change to NBN when it becomes available in their area.  The Optus Cable network is being decommissioned completely - so Optus cable clients must also change.

The same applies for anyone that has an ADSL connection to the internet - you MUST switch to the NBN once you receive notification that the NBN is available in your area.  If you don't you will risk being disconnected.

Even if you don't have internet to your home, you are still impacted by the NBN if you have a phone - landline phone connections are also moving to the NBN.

You can stick with your current Telco, but it is probably a good time to consider who will give you the best price and service.

I know that, when it comes time for this household to switch, I will be taking a very close look at who provides the best deal and won't necessarily be sticking with Telstra as my provider.  In this family we need unlimited downloads and fast speed - and it will be a case of who can provide these for the lowest cost.

And I will doing a 'self-install' of any equipment that needs to be installed in my home - to save myself the $240 installation fee that Telstra would charge to send someone to do it for me.  

(iTandCoffee can assist clients with this install - our fee is nowhere near that of Telstra! Call 1300 885 420 if you want to discuss this option with us.)

​For those of you who want to read a bit more, here are some recent articles and information about the NBN and the two major Telcos.   

• What services will be switched off? | nbn - Australia's new broadband network ​​

​Articles about/from Telstra

• Telstra says Australians are being 'misled' on NBN
• How to connect to NBN
• How to self-install your NBN device

Articles about/from Optus

• Optus threatens disconnection to sign up NBN customers and fast-track HFC cable shutdown                                                                
• Optus killing pay TV in NBN-ready areas, what are the alternatives?
• Optus cutting off customers without warning, blaming NBN

The issue of how to stay safe when travelling - and when using Public Wi-Fi networks - comes up regularly at iTandCoffee.  (We cover this topic in the Travel with your iPad, iPhone and other technology class, which will next run on Friday 24th March at 10am.  Places are still available if you would like to join us - find out more here ›)

We are regularly seeing and hearing in the press that using public Wi-Fi networks is, in some cases, how people get 'hacked' - how they have their private information stolen, their online account compromised, and/or their money stolen.

Lately there has been an advertisement playing regularly on the radio about a new product from Norton, one that is supposed to keep you safe when using public networks.

The solution offered is to use a VPN whenever you use a public Wi-Fi network.  

But what is a VPN - or Virtual Private Network?

A VPN provides a layer of protection for any communications you have across the internet.  

When a VPN is installed and active on a device, it ensures that any data sent across the internet from that device (or received to that device) is 'encrypted' - scrambled, so that no-one can read this data (unless they are supposed to!).  It is like creating a secure 'tunnel' through which your data can travel - a tunnel that others cannot break into.

Here are some articles that describe the concept of a VPN, and give some options for those thinking about getting a VPN, or an alternative product that can help protect their online life while 'on the go'.

If you would like to find out more about VPNs and how to set one up, let us know using the below form.  If we get enough interest we will run a class - otherwise, we will get in contact with you about arranging one-on-one assistance (should you decide you need it).

A client who visited iTandCoffee this week had been unable to access her iTunes account on her Apple TV since she upgraded her iPhone to iOS 10 and activated the security feature called 'two-factor-authentication' on her Apple account - something that Apple really pushed us all to do when updating our devices to iOS 10.

Her Apple TV kept giving her the error message that her iTunes password was not correct, even though she knew it was - and that password still worked fine everywhere else.  

​Each time she tried to sign in on the Apple TV, she got a message on her iPhone saying that there was an attempted sign in.  Even if she chose 'Allow' and got the 6-digit code on the iPhone, the Apple TV did not give her an opportunity to enter that code.

The good news is that there is a solution to this, one that provides a way to sign in to an Apple iTunes or iCloud on a device that is not giving you an option to enter the 'two-factor-authentication' code

We have added a 'Handy Hint' for iTandCoffee Club members on how to fix this problem.  It is now in the Handy Hint Library - select the link below to view this hint.

Contact iTandCoffee on 1300 885 420 if you need help to solve this problem.

​If you are 'not so local', why not join The iTandCoffee Club to gain access to great tips like this.

If you have you been confused about why Apple sometimes shows that your device is in some other location, you are not alone.

In particular, the message says that 'Your Apple ID is being used to sign in to a device near ...' and shows a location that is (usually) in your current city somewhere, but just not necessarily at your current location.

This is one that iTandCoffee deals with regularly.  In a very recent example, Messages was failing to complete activation because the owner of a new iPhone 7 Plus was choosing the wrong option when shown a message on her iPad - a message indicating that someone was attempting to access her account 'near St Kilda Rd'.  

This was confusing, given she lives in Clayton - so she chose 'Don't Allow' every time it popped up.

Why do I get a message that shows a sign-in has been requested at some other location?

A warning again to iTandCoffee clients and subscribers about staying safe online over the Christmas and New Year Period ...

If your iPad, iPhone, Mac or Windows computer (or any other device, for that matter) pops up a scary message saying that you have a virus and that you need to call a 1800 number, please DON’T CALL THE NUMBER.

I know I've mentioned this one only recently on this blog.  

I am including it again beause yet another iTandCoffee client was almost caught out by this scam this week.  Luckily the call to the number did not go through, and she contacted me before any damage was done.  But her Mac did pick up some nasty Adware that we had to remove.

PLEASE DO NOT CALL THE 1800 NUMBER if you get such a message on any of your devices or computer.

The scammers are trying to 

1. Get you to let them 'remote login' to your Windows or Mac Device so that they can 'prove' you have a virus by showing you something that is not really a virus.  They will be very insistent!  (Note.  They cannot 'remote into' your iPad, so they will probably just try to insist that you have some sort of problem.)
2. Steal information from your computer and see what you type.  If you are on the internet and the software they installed remains on your computer, they will retain this remote access until you remove it.
3. Get you to hand over credit card details so that they can charge you for fixing the non-existent problems on your computer or mobile device.  Rest assured, they will find LOTS of non-existent problems that will be VERY EXPENSIVE to fix!
   
   

Here are are some past articles that tell you what to do if your web browser does get locked up by one of these scams, and how to get rid of any malware/adware that you may have inadvertently picked up:

• What do do if your browser gives you a message saying you have a virus and to call a 1800 number
• Help! My iPad's Safari has been locked by 'ransomware'. 
• New Malware/Adware detection and removal product for Mac
• Macs can catch viruses too!
• How to deal with a Mac web browser that has been hijacked by ads!
• What do you do when your Windows computer's web browser is hijacked by Ads

Need help?

If you are concerned you have been caught out by this, or need help to sort unlock your browser or deal with adware/malware, please contact iTandCoffee to make an appointment.  

We can walk you through what to do over the phone, or in-shop at 34 High Street Glen Iris, Victoria.  If you are in Melbourne, we can do a home visit to help sort you out.  

(Please note that charges apply for all appointments.)

Dianne S asks:  "Would you recommend we renew our Trend Micro internet security, or do you believe there is a better one?"  

Dianne had initially used the anti-virus product that came with her Windows 10 computer, but now wonders if that is the best one to use - and pay for - in future.

When it comes to anti-virus protection on your Windows computer, the product you choose really depends on who is using the computer, the sort of things you/they are doing on the computer, whether you have kept your Windows and browser software up to date, and whether you have any nasty browser plug-ins like Java.

Have you ever seen a message like the one shown in this image, when looking at posts on Facebook on either your iPad or iPhone?  

​I got the message shown here just recently, when looking at an article about The Bachelorette (yes - confession time - I watched it!).

I DEFINITELY don't want to tap OK, as I know that a message such as this is a scam.

​However, there appears to be no way to get rid of the message other than pressing OK, as any other navigation options in Facebook are not available until I clear this message.

So what do I do?

I simply close the app from the Multi-tasking screen.  

To bring up the Multi-tasking screen, I double-press (quickly) on the Home button to see a screen that shows all the apps that I have been running recently.

I then find the Facebook app (swiping left-to-right to bring it to the centre of the screen), then swipe it upwards to close it.

Once I have done this, I can re-open Facebook and continue browsing normally - that suspicious screen has disappeared.

If such a screen appears when you are browsing in Safari, a different set of actions is required.  

​Check out another iTandCoffee article on this topic for further information about what to do in this case.

• ​What to do when Safari is locked up by a nasty screen             

Imagine what it would be like to lose all your family's digital photos and other important documents that are stored on your computer, especially those relating to a recently departed loved one.

Sadly, this is what has happened to an iTandCoffee client just this week.

This poor woman, who is an AGL customer, was caught out by the AGL Email Scam - a scam email that look very legitimate, and that has been 'doing the rounds' for months now, catching out tens of thousands of people.

Don't be caught by the AGL Email Scam (or others like it)

The AGL scam email is particularly nasty.  I looks like a real AGL monthly bill notification.

Those who click on the mail message's attached .zip file on their Windows computer (as this lady did) will find that all their files suddenly become inaccessible, locked up by a 'ransomware' virus called 'Cryptolocker'.  (This .zip file does not work on Macs, iPads, and iPhones, so does not cause the same damage.) 

A message appears, asking that a ransom be paid - an amount of around $800.  This will supposedly then release all the files and allow the victim to continue using their computer.

Unfortunately, even if the ransom is paid and the files are unlocked, the computer may still be infected with the virus and the criminals will be able to continue monitoring the computer and tracking keystrokes - meaning that further theft of money and private information could occur.  

Here is an article about this AGL scam, for anyone who has not heard of it and the damage that it does.

What can be done if you are caught out by this ransomware?

For those who are 'stung' by this nasty virus, the best solution is to restore from a backup.  Unfortunately, so few people actually do backups of their computers - including this particular lady. 

So, what can this lady do to retrieve all her precious photos and files if she has no backup?  Sadly, it is unlikely that she can if she does not pay the ransom.  

Her best bet before she does anything is to consult an IT professional who can advise on whether there is any chance of retrieving her precious files.  

If she decides to pay the ransom and gets access again to her data, her photos and files should be saved to an external hard drive.  Her best bet then would be to have her computer wiped and the operating system re-installed, to start with 'a clean slate'.

iTandCoffee can assist with this - just call 1300 885 420 to find out more.

Are you backing up your computer?

If you are not doing a regular backup of your computer, you are putting yourself at serious risk of losing everything that is stored on that computer.

Just this week, iTandCoffee has seen two clients who have suffered computer problems and have not had backups.  The stress that this causes is enormous - especially when it comes to lost photos.

Don't put it off!  Start backing up the precious data on your computer, iPad, iPhone or other device today.

If you don't know how, it's time to arrange an appointment at iTandCoffee.  We can advise on the options and help you set up this essential protection for your valuable data.

Book an appointment online or call 1300 885 420.

For those of you with Yahoo email accounts, make sure your read this article about the theft of the account details at least 500 million users by hackers.

• Yahoo confirms hack, says data on 500 million users was stolen

​The article says that email addresses, passwords and maybe even security questions and answers were stolen, which may put Yahoo users at serious risk of having other accounts hacked - especially if the same email address and password was used elsewhere.

If you have a Yahoo email address, consider updating your security across all your online accounts.  

​Here is another article published recently on the topic of online security: How to stay safer online - adding an extra layer of protection

This week, I received a different 'flavour' of scam email about PayPal.

This one alleges that a new email address has been added to my PayPal account!

Once again, don't be caught out by scams like this.  the first sign is that it says Dear Customer.

The email address that it cam from was also dodgy. 

But even it it did include my name and the 'From' address look legitimate, I would never click on the attachment or link in the email.

I would to to the PayPal website, log in from there, and check if there were any alerts or messages.

​

Have you received, or seen news of, another scam that you would like to warn others about?  Please feel free to leave a comment about this scam, and we look at featuring it in a future article.

In honour of Seniors week in October, iTandCoffee will be hosting FREE one-hour information sessions on the topic 'Staying Safe Online'.

In these sessions, we will look at the various online threats, how to detect them, how to protect yourself and what to do if you get 'caught out'.

Two options will be available in the week 3-9 October;

• Monday 3rd 10-11am or
• Wednesday 5th 10-11am.

Seniors card holders only.  Bookings are essential - numbers are strictly limited.

Every week, there are new reports of major security breaches. Recently, there were reports that cloud storage company Dropbox was a victim of a major hack in which 68 million account email addresses and passwords were potentially compromised.

Here is an article about this breach from Macworld.

If you have a Dropbox account and have received the notification to change your password, I would strongly recommend that you act on this as soon as possible. 

If you have not yet set up something called 'two-step verification' on your Dropbox account, now is the time to do this as well.  

What is two step verification?

Apple has rushed out another security update for iOS (for our iPhones, iPads and iPod Touches), and has advised that devices should be updated as soon as possible. 

iOS 9.3.5 apparently patches a potential security hole - one that, in reality, is unlikely to effect the likes of you and I, but one can never be too safe in this internet connected world.

Here is an article about this update from Macworld for those who want to read more:

• Apple advises immediate update to iOS 9.3.5 after discovery of targeted iPhone spyware - Macworld Australia      

This article includes the following paragraph describing the potential threat.                                                        

To apply this update, go to Setting -> General -> Software Update, and choose 'Download and Install' or "install'.  Make sure you are connected to a WiFi network when you do this - updates cannot be done over 3G/4G.

Please beware of a scam that impacted an iTandCoffee client this week.

This client had recently moved into a house in Balwyn and had asked iTandCoffee to hook up her new Telstra modem/router so she could start using the internet service at the house.  

This all went well and she had been accessing the internet without a problem.  However, a few days later, she got her account from Telstra - and found that Telstra was now charging her for two Broadband services instead of one.

The wash-up of whatever conversation she had with Telstra was that her internet service was disconnected completely this week  on Tuesday.  

When this happened, she contacted me again for advice - which was that she would probably be best to brave the Telstra shop to see if they could help resolve whatever had gone awry.  Painful, but probably better than trying to resolve this by phone.

A subsequent text from this client the next day stated that she had decided she would 'ditch' Telstra, as she had just found out that, co-incidentally and almost miraculously, 'the NBN is coming on Thursday'.

This surprised me greatly, because I did not think that there were any plans in the near future for the NBN rollout in her area.

I double-checked this on the NBN website's rollout map, advised her of my concern that she had been advised incorrectly, and asked who had told her this.

When she finally texted me back, she said that she had just had 'the NBN man' at her house for over an hour.  Not only that, she had arranged for him to come back tomorrow (Thursday 11th) to connect both her and her 90 year old neighbour to the NBN!  

Apparently, this guy had come to her front door a week earlier, so she had decided to call him after the Telstra internet problem started.

I suggested that I was concerned it sounded very much like a scam.  The company he said he works for has no website or entry in the White Pages.

As per the usual warnings in the iTandCoffee Blog and fortnightly Newsletter (subscribe here if you don't receive this yet - it's free), be suspicious of unsolicited door knockers, callers and emails.  

It is always better to be safe than sorry.   Visit the Scamwatch website to check for any known scams, or call 1300 795 995 to check.  Alternatively, send iTandCoffee a query at scamwatch@itandcoffee.com.au.

For more information about this particular scam, here is the Scamwatch article from last year .

You may or may not have seen that pesky little red '1' appear on your Settings app on your iPad and iPhone.  Perhaps you have seen a message pop up asking you if you are ready to install an update to your iPhone or iPad.  A similar message may have also appeared on your Mac.

This is because an important update was released by Apple about a week ago, to fix security hole that has been discovered.  Here is an article on this topic:   

• ​iPhone bug allows hackers to steal passwords with just a text message – update now to protect yourself

Apparently, it is possible that a hacker could 'break into' your iPhone, iPad or Mac by sending a message that has an 'infected' image file in a particular format.  Such an image could also be on a website that you access. When you open the nasty image, some malicious software could be downloaded and "corrupt the iPhone’s memory and access information such as website and email passwords".

To ensure that you don't fall victim to this issue, make sure to install the Apple-delivered updates to all your devices.  

​Here are some instructions for those who are not sure how to do this.

As usual, online security has been in the news.  I dealt with several clients just this week who had been hit by scams or downloaded something nasty to their computer.

Here's this week's summary, with links to relevant articles.

Mac Threats

There are some new Mac malware threats - but these are only threats if you have lowered the standard security on your Mac in System Preferences - Security & Privacy

As long as you leave your the 'Allow apps downloaded from' setting as 'Mac App Store' (maximum security) or 'Mac App Store and Identified Developers' (still good security), you should not pick up the sort of nasties described the following articles.

• How to avoid Mac malware by using Gatekeeper and common sense - Macworld Australia
• New Tor-powered backdoor malware, Backdoor.MAC.Eleanor, targets Macs - Macworld Australia

Do you need antivirus software on your mobile devices?

This is a question that I get asked on a regular basis.  You certainly don't need any such software on an i-Device.  As long as you only use the Google Play store, you should not need it on an Android device either.  Here is an article on this topic.

• Is it antivirus software, or snake oil? 

Are Telstra's identity verification questions adequate?

I saw an article this week that covered a topic that has long concerned me - that Telstra's very basic questions that 'confirm' your identity make it very easy for someone to pretend to be you.  You only need to provide your name, phone number email address and date of birth to confirm who you are.  This article from The Age looks at how easy it can be to steal a person's identity by just knowing these basic details.

• Telstra customer Sue King had her identity stolen with three simple questions 

Beware of a fake Netflix text message

If you receive a message purporting to be from Netflix - asking you to confirm you login credentials - please just delete it immediately.  Never tap/click on the link in an email and enter account details.  ALWAYS assume a scam - this is the safest bet!

• AMCA warns of text message scam targeting Netflix users - myGC.com.au

                                                         

A client who is travelling contacted iTandCoffee this week about a Hotmail issue she suffers when she travels.

This very same issue - where Hotmail locks a mail account if the user is more that 300km from their 'usual' location - happened to my daughter only recently, when we travelled to Vietnam during the June/July 2016 school holidays.  

Whenever she went to use her Mail app, her Hotmail emails could not be retrieved.  Additionally, she would get an email sent to the account's 'rescue email', saying that the account had been locked for security reasons.  She got a new email each time she move to a new city during out trip

This problem is not unique to Hotmail.

Find out more about this issue, and what you can do to ensure that you don't lose access to your email, in this Handy Hint for iTandCoffee Club members.

• How I ensure that I am not 'locked out' of my mail account when I travel?

Not yet a member of The iTandCoffee Club?  It is only $30 per year.  Not only does it help fund this free newsletter, it also gives you access to a huge library of handy hints and tips, videos of iTandCoffee classes, free guide offers, and more.  Find out more here.