Meierj Computer Services Inc.

Highly recommend this podcast series "Scam Inc.", even though it requires a paid subscription.

Cyberscams have become more profitable than the drug trade. Organized crime has years of experience in honing their skills at something they refer to as "Butchering the Pig" which is more lucrative than the drug trade because a well orchestrated scam can take all the wealth of an individual, family, or even business.

Scam Inc. from Economist Podcasts+ Uncover a predatory, multi-billion-dollar industry emerging from the shadows.

Windows Vista was easilyy the most hated version of Windows in the last 20 years, and possibly of all time. A significant part of that hatred was mis-guided, and it was an easy and convenient target for any and all computer related frustrations during it's era. including the significant change that Microsoft made to the UI in Microsoft Office 2007 where they introduced toolbars instead of classic menus.

Here's a Great Example of why password re-use sooner or later burns people. Ticketmaster has (allegedly) had customer records stolen numbering over 500 million. Because password re-use is so common, fraudsters, will go through that list and try the passwords in the list with the associated e-mail accounts, first with the actual e-mail sites, (Hotmail/Outlook.com/G-Mail/Yahoo or work or school e-mail), and then with other sites.

We saw this happen recently with a client whose Hotmail account was breached (through password re-use). The fraudsters accessed their mailbox through a leaked list, (lots of sites have had their login and account info breached over the years), went through their mailbox to see what all accounts they had, went into those accounts, and reset a bunch of the passwords for those accounts, including to their Aeroplan and PC Points accounts, which they cleaned out. And, (As near as we can tell), after resetting Instagram and Facebook login credentials, renamed both Facebook and Instagram, so that the original owner can't find them to claim them, and then re-created an Instagram Account with the original name, but no data.

The original Facebook and Instagram accounts will probably never be recovered, but will be either sold, or used for some kind of fraudulent use such as "Click here to see naughty pictures of me", but are loaded URL's" that will steal their authenticated login tokens for their social media, and/or e-mail accounts, thereby negating password or 2 factor protections.

With the accounts that they take over from these schemes, they will examine the account contents to see what information or relationships that they can leverage. If it's social media, they will either approach contacts with scam URL's that will enable them to take over their accounts, or rename and re-sell the accounts and repeat the process.

If it's an e-mail account, they will examine it to see what accounts they may be able to unlock with it, such as points accounts (Air Miles, Aeroplan, PC Points, etc) And they will likely see if there are business transactions that take place through the account, in case there is a chance to hijack a transaction with a last minute change of payment request, to their own account. If the account looks promising, they stay quiet and lurk, and monitor the account, waiting for an opportunity. If not, they setup an sorting rule that either deletes all incoming e-mail, or moves all replies to the RSS folder. Than they send out a phishing e-mail to all of the contacts for that mailbox. Because the replies and blocked messages don't show up in the inbox, the user doesn't realize that anything is wrong until it becomes obvious that "I'm not receiving any e-mail!".

Most of the recipients will either be too savvy to fall for the phish, or their mail server will identify the message and reject it. But a few contacts will fall for the phish, and the fraudsters will start by examining the mailbox to see what's in it, and restart the cycle again.

Ticketmaster hacked. Breach affects more than half a billion users. Emails, phone numbers, addresses, and even financial details have allegedly been exposed by a notorious hacker group.

No matter how many times people have heard to strengthen passwords and not re-use them, probably 75% of the time, people still re-use the same passwords and/or make minor changes.

I think think 2024-2025 is going to be filled with a lot of regret for a high percentage of people still doing this.

FYI: On new passwords, we are aiming for a minimum of 30 characters.

Do m2fa wherever possible and to an authenticator app is more secure than via txt message.

Sometimes serving our clients means helping them unlock their Aeroplan account that has hundreds of thousands of points in it, that is tied to an old business e-mail account that was cancelled with Telus service years ago.