Greetings, friends & neighbors! I haven’t posted in awhile, mostly due to the a crazy year I’ve had (we’ve all had, I should say), and I thank you all for your patience. I’ve decided to focus this post on all the various security news of late (aka, lack of security!)
Any of you who have followed my newsletter/blog for any amount of time will be familiar with my urgings on this topic. I’m afraid I’ve just seen way too many people get scammed in one way or the other, and I’m sure what I’ve seen is truly the proverbial tip of the iceberg. And unfortunately, the truth is that things just keep getting worse. There’s so much to say on this topic, but I’ll try to keep it to a few highlights, ones that are good examples of why we need to be more cautious than ever.
First off, if you haven’t heard, the software known as Adobe Flash Player is now officially dead. It’s been on the way out for years, really since Steve Jobs famously said that Apple wasn’t going to support the technology on iPhones when they first came out. Flash was always problematic; it was highly vulnerable to exploits by hackers, and it was famously inefficient from an energy use perspective. Jobs said that he wasn’t interested in having it ruin the battery life of Apple’s new device, and the constant stream of updates required to keep it secure was just the final nail in its coffin. And it’s the latter that made it such a great vector for hackers in recent years. We all became so trained to click “update” whenever we saw the ubiquitous “You need to update your Flash Player plugin” messages every few weeks or so, that the hacking/scamming community realized that they could package their malware as a Flash update, and have an easy way to get millions of users to download and install their malware. To this day, when I work on a client’s computer, I often find anywhere from a few to dozens of such downloads on their machine, and Malwarebytes then finds at least a few things to purge from their system. Bottom line: don’t fall for that message anymore, as Flash is dead!
Secondly, I’ll link to an article at MacWorld that explains what you should do when you get those random Apple ID/iCloud sign-in requests. They’re way too common, and totally annoying, but you really need to deal with them in order to get them to go away. But first you should confirm that they’re legitimate. Read this article to learn more, and call me if you have questions about messages you’re getting on your device(s): How to check if an unexpected prompt for your Apple ID password is legitimate
Third, I’m still hearing of way too many folks falling for tech support scams. One very common vector for these is when your printer (or some other peripheral) starts acting up, and you google the number for that manufacturer’s tech support line. Unfortunately, depending on the search engine you’re using (but they all do this to on extent or another), it’s all too possible that you’ll get a paid ad which is actually a scam site. If, for example, you google the term “epson printer support phone number”, as I just did, one of the first links is for “https://www.epsonprintersupportpro.net”, and there’s a number there for you to call. [If you want a laugh, you really should read some of the text on that page; it’s so obvious that they’re not legitimate, it’s hilarious.] Anyway, were you to call that number, I can almost guarantee that you’d get a ‘support rep’ that will insist that he needs to get on your computer remotely in order to check your software. He will then show you a program called Console, that’s on every Mac, and which outputs odd sounding messages constantly. Software engineers use Console to troubleshoot their programs. Well this guy will tell you that those messages show that there’s something terribly wrong with your computer, and you need to pay him something like $350-500 in order for him to repair these problems for you. Sigh… I get calls from people who’ve just had experiences like that all the time!
The lesson is, make sure that you’re calling the manufacturer, not some imposter. Do whatever you can to confirm that. Hint: the site is almost certainly something like epson.com or hp.com, not epsonprintersupportpro.net! Secondly, don’t ever let someone connect to your computer remotely unless you’re absolutely certain they’re legit. I’ve been using Screen Sharing to help many of my clients remotely during the pandemic, but my clients know who they’re dealing with. 🤓 Apple uses the same tool, but again, you simply need to make sure you’re talking to Apple, by going to apple.com and starting the process there (or calling 800-275-2273, their real support line).
As the tech world continues to get crazier and more out-of-control, seemingly by the day, it’s increasingly important that we all remain vigilantly wary in our online interactions. Better safe than sorry, right?
On a happier and more exciting front, I have a goal this spring to provide more video content to you all (as much as I can find time for anyway) via my Vimeo On Demand page. Everything from short tutorials recorded on my iPhone, to more full-length classes on topics such as Pages, Numbers, Keynote, etc.
That’s about it for now. 😊 Stay tuned, stay safe & stay well!
John