Tag Archives: security

the relative in trouble scam

Posted on by
Reply

The most recent AARP newsletter has an article about the “grandparent scam.” A retired person asked me about it and we had a good discussion about potential future variants of it. First of all, this isn’t new. In fact, AARP wrote about it four years ago. Some thoughts beyond what is in the article:

  • Never give any personal information or financial information if you didn’t initiate the phone call in the first place.  I’d say banks and such don’t call and ask for personal information except that one did. The solution was to call back to the known number of the branch.
  • Don’t rely on caller id. It can be spoofed with your child/grandchild’s phone number.
  • I’d like to think a grandparent/parent would recognize their child’s voice. But if not, ask questions. And not questions like your pets name or mother’s birth date. The former is likely on Twitter/Facebook. And mother’s birth date is in the public record so a horrible security question in any case.  I’m talking questions that are hard to search for an answer to if you don’t already know them like “remember when I visited you in Arizona two years ago” and see if they know that never happened. Or “what’s the last injury you had” since that is hard to search for.
  • Verify using another channel. Ask for a number to call back. The police or hospital or any legit emergency would give you one. (and verify this is the right number; don’t just call back.) Then call the person on their known telephone numbers. Call their relatives. Send a text. Odds are the person really is ok.
  • Don’t wire money or buy a pre-paid cash card or buy BitCoin to pay someone who called you. Hospitals take this lovely thing called a credit card. Even if someone is arrested, you can call a local bail bondsman and pay them and they will pay the local jail. (At least that’s what the internet says; I’ve never been in a position to find out if that is true!). Which goes back to you initiating the transaction.

The point that a lot of information is online is a good one. And that’s just what we know about. Think about how many websites have been hacked in the last five years. That means your “security questions” aren’t safe. Also, the “bad guys” don’t limit themselves to google. Paying for a background check would yield more info if someone wants to target you. And the dark web probably has all sorts of information.

 

What is a DDOS? Explaining it to your grandmother

Posted on by
Reply

After Friday’s internet attack, I had to explain what a DDOS (Distributed Denial of Service) attack was to my mother. She’s not so good with computers which is why her computer is a Chromebook. Here’s what I came up with:

Imagine I ring your doorbell and then run around the corner. You answer the door, but nobody is there. I do this every hour for six hours. Annoying right? Now imagine I recruit 100 people to do the same thing. Now your doorbell is ringing every 30 seconds. Eek! That’s a DDOS.

What do you think? Good analogy?

FIRST robotics 2017 background check and social security number

Posted on by
Reply

This year, when you register to volunteer with FIRST Robotics in VIMS, you get prompted to register in Verified Volunteers so they can do a background check. In particular to determine you don’t have a criminal history and aren’t a sex offender.  For the most part, this is straightforward. You give some minimal information about yourself. And FIRST pays the cost of the background check.US FIRST - V2

 

Wait? They want my Social Security Number?

The only thing in the background check that could be considered sensitive is your Social Security Number. FIRST doesn’t get this information if you choose to provide it. But Verified Volunteers does.

I have a “real” background check for my job. So I don’t have a problem with the concept of a background check. I’m not a big fan of providing unnecessary information though. Especially given the number of data breaches lately. Luckily, FIRST says you don’t have to provide it in their volunteer screening guide:

first-ssn

 

Wait, does this work?

Yes. I chose to check the “No SSN” button. I was screened within 48 hours.

How much does it cost?

As a volunteer, it costs nothing. It costs FIRST money though. $8 for the national screening. And since I am in New York State, they also paid $65 for a state one. This adds up fast. Which means FIRST is spending many thousands of dollars on background checks.

There is a thread on chief delphi about this. It’s hard to find the relevant info without reading the whole thread so putting up this blog post for easy reference.