This CBSNews.com article reveals which e-commerce sites protect your password, in other words, which ones prevent you from such issues as: allow the use of weak passwords such as “123456” or “password”; being able to enter the same incorrect userid/password combination multiple times; enforce the usage of strong passwords; or send you updated passwords in plain text in e-mails.
The thing we ALL have to remember is that ultimately, WE are responsible for OUR own security. No one is going to do it for us. No e-commerce site is going to do it for us. WE have to create our own secure passwords. WE have to keep track of them. I’ve already recommended on this blog the need to use a password manager like Lastpass.com or Keepass. They are readily available tools that allow us to keep track of all of the many passwords we have to use. Another valuable tool you can use to see if your password is secure enough is www.passwordmeter.com, which actually scores your passwords based on an algorithm that records the number of upper case and lower case letters, special characters, and digits that are in your password. I recommend that everyone use this tool as well. You’ll find the results quite interesting, and then you’ll probably end up changing your password(s) based on your findings.
Beware of the one-ring scam
As scams go, this one is very stealthy, clever, and dangerous. How often do we see a phone number for a missed call pop up on our smartphone, and think of calling that person back? Well, if that person isn’t in your phone book, you had better think again. Just calling that phone number could send you to a foreign porn site, and end up costing you a LOT of money. The article gives some very good advice from the Better Business Bureau (BBB):
The BBB said the scam calls usually come from outside the United States, including from numbers with area codes 268, 809, 876, 284 and 473.
Now, we all know that not all of the potential contacts we have (or need) are in our smartphone’s contact list. Maybe you are waiting for a call from a potential employer, or a potential client, and you haven’t added them into your contacts list. But, as the article points out, you could paste that phone number into the site whocalled.us I pasted both my smartphone’s number and my home number into that site. While both results didn’t state who I am, they both came back with the correct registrant of my phones.
The best advice is the same advice I have for potential victims of spam, especially spam stating that your account (usually your bank account) has been compromised. You have to ask yourself:
- “Do I even have an account with this bank?”
- If the answer to that question is yes, then you must ask “am I expecting such an e-mail?” And . . . “would my bank even contact me this way?”
If you don’t know who the phone number is from, then just delete it from your phone log and your phone message box. If the caller really is someone important that isn’t stored in your contacts list, the caller will get back with you.