A few months ago, I tried to log in to one of my online accounts and was stopped by a weird test to prove I was human. Instead of the usual tasks of checking a box or picking out all traffic lights in a photo, this test, or CAPTCHA as they’re called, told me to […]
Don’t Click ‘Allow’ If You Are Not a Robot Read More »
About a month ago, my husband, Erich, received an Amazon package he didn’t order. Inside was a low-quality red scarf patterned with gold tassels. I assumed a friend had sent it as a gag gift and quickly forgot about it. Ten days later, another unordered Amazon package arrived. When Erich opened it, he found the
Watch Out for the “Ugly Scarf” Amazon Scam! Read More »
According to a survey I ran, receiving a code via text is the most popular type of two-factor authentication (2FA). Security conscious Twitter users were therefore probably disappointed to learn that SMS 2FA will only be available to Twitter Blue subscribers from March 20th. However, non-Twitter Blue subscribers can still protect their accounts with 2FA
How to Protect Your Twitter Account with Security Keys Read More »
Yesterday Elon Musk unveiled his latest attempt to monetize Twitter: paywalling SMS-based two-factor authentication (2FA). Per Twitter’s blog post, “accounts with text message 2FA still enabled will have it disabled” on March 20th, unless they are a Twitter Blue subscriber. Twitter’s blog post emphasized SMS-based 2FA’s security problems as the reason behind the change. However,
Twitter to Paywall SMS-Based Two-Factor Authentication Read More »
Last week, Namecheap’s official email accounts were used to send phishing emails to the domain registrar’s customers. One such message asked recipients to pay a fee so DHL could deliver their parcel. Another instructed recipients to submit personal information to stop their MetaMask accounts from being closed. Fortunately, sharp-eyed users noticed something amiss when they
Namecheap Customers Receive Phishing Emails Read More »
Online discussion forum Reddit reported on Thursday that its systems had been breached following a sophisticated phishing attack. In the breach notification, Reddit CTO Christopher Slowe, aka KeyserSosa, explained that the hacker “sent out plausible-sounding prompts pointing employees to a website that cloned the behavior of [Reddit’s] intranet gateway, in an attempt to steal credentials
Two-Factor Authentication Bypassed in Reddit Breach Read More »
In the previous post, we saw SMS is the most popular form of two-factor authentication (2FA). But while SMS-based 2FA offers much more protection than just a password alone, you should switch to an alternative form of 2FA if possible. Here’s why: Reason # 1: SMS-based 2FA is not secure If you use SMS-based 2FA,
4 Reasons to Stop Using SMS-based Two Factor Authentication Read More »
A couple of weeks ago, I found myself wondering what the most popular form of two-factor authentication (2FA) is. Is it the least secure but temptingly convenient SMS-based 2FA that sends you a code via text? Or the more secure but somewhat cumbersome authenticator app that generates codes on your phone? What about the ultra-secure
What’s the Most Popular Form of Two-Factor Authentication in 2023? Read More »
Enabling two factor authentication (2FA) on your accounts is one of the best ways to keep them safe. But 2FA is not bulletproof. In this post we’ll look at four ways cybercriminals can bypass it and what you can do to protect yourself. How secure is 2FA? Let’s start with a reminder about how 2FA
4 Ways Attackers Can Bypass Two-Factor Authentication and How to Protect Yourself Read More »
T-Mobile has yet again suffered a data breach, this time affecting 37 million customers. The company reported in a press release that criminals pilfered customer names, addresses, email addresses, dates of birth and account numbers by abusing a piece of software called an API that allows computer programs to talk to each other. T-Mobile emphasized
What You Should Do After T-Mobile’s Most Recent Data Breach Read More »
Note: I was not paid to write this review, and this post does not contain affiliate links. I’m writing it because I really like the service and think more people should know about it! It’s a familiar story. You sign up for an account with a website and hand over your email address. Sometime later,
SimpleLogin Review: An Easy Way to Protect your Email Address Read More »
