Post is pinned.
Welcome to My Google Account and Online Security/Privacy Tips Collection!

What you will find here is a mixture of information about your Google account itself as well as tips on how to remain safe online and to protect your personal information.

My Other Google-Related Collections
If you find this collection interesting, you will probably also be interested in the following:
-- Google/Alphabet News (https://plus.google.com/collection/wVYPa) is where I share news about Google/Alphabet and announcements about Google/Alphabet offerings.

You might also be interested in one or more of the following collections, which contain tips on using specific Google products. I separated them into groups so that you can choose only to receive tips for product areas you are interested in.
-- Google+, Photos, Hangouts, & YouTube Tips (https://plus.google.com/collection/I9VRI)
-- Gmail, Inbox, Contacts, Keep, & Calendar Tips (https://plus.google.com/collection/oJnPa)
-- Google Drive, Docs, Sheets, and Slides Tips (https://plus.google.com/collection/AyhRI)
-- Android, Mobile Device, and Google Cardboard Tips (https://plus.google.com/collection/42amI)
-- Chromebook and Chrome Browser Tips (https://plus.google.com/collection/QCHra)

My Other Topic-Oriented Collections
In addition, I have a variety of collections on other specific topics:
-- Wellness (https://plus.google.com/collection/AfyWI) has posts about keeping yourself healthy and health-related issues.
-- Qi Healing and Chinese Medicine (https://plus.google.com/collection/cY9tP) is pretty self-explanatory. I am a Qi Healer. This is where I share information about that. (The collection is just getting off the ground, so you won't find too much there yet.)
-- For Writers (https://plus.google.com/collection/IPoTa) has posts which would probably be interest to you only if you are an author or would like to become one.

My General-Interest Collections
The three collections in this group are closely related in the sense that the posts can be on a wide range of topics, but they have slightly different themes.
-- Just for Fun (https://plus.google.com/collection/c4dwV) has a variety of posts which are all about having fun or are simply fun themselves.
-- Ideas to Ponder (https://plus.google.com/collection/g_bPa) also has a random variety of posts, but they're on topics I found to be thought-provoking.
-- Random Stuff that Interests Me (https://plus.google.com/collection/oKeUI) has a similarly random variety of posts that don't fit into either of the collections above. The common thread is that I found them interesting.

And finally, there is A Bit about John Skeats (https://plus.google.com/collection/oPoQa). If you'd like to get to know the guy behind all of the above, this is where I share a posts of a more personal nature.

Of course, if you find a lot of these interesting, you could simply follow my profile and unfollow any collections you aren't interested in.
Add a comment...

Post has attachment
SECURITY ALERT: Serious Wi-Fi Flaw Puts You at Risk When Using Wi-Fi

Researchers discovered an extremely serious flaw in the WPA2 encryption used to protect your interactions over Wi-Fi networks. The problem, which allows what are called Krack Attacks ("Key Reinstallation Attacks"), affects a wide range of devices, routers, and the like. Put simply, the flaw allows hackers to copy a valid Wi-Fi network, act intercept communications to the real network, and then interact with websites, etc. using another user's credentials.

At present, the recommendation is that you not use Wi-Fi in a place where someone within the Wi-Fi range might be intercepting your communications unless you know that your device has been fixed. The bad news is that fixes are not available for most devices yet.

There is some good news, however:
* Everyone recognizes how serious the problem is, so they are working on getting fixes out promptly.
* The problem can be fixed by fixing either the Wi-Fi router or the device, which means that even if your device is not fixed, you would still be safe connecting to your router if you know that it has been fixed.
* A hacker has to have a device in Wi-Fi range of you to intercept your communications, so using Wi-Fi with unfixed devices in relatively isolated areas is safe. (A big plus for those of us who live in rural areas!)
* Exploiting the vulnerability is complex, so actual exploitation of the vulnerability is likely to be rare.
Add a comment...

Post has attachment
Switch from Pattern Unlock to Protect the Information on Your Android Phone

Swiping across a few dots to unlock your Android phone seems very convenient, but it is much less secure than using a PIN or fingerprint. Researchers found that almost two thirds of people were able to reproduce a six-point pattern after watching only once from five to six feet away and 80 percent were able to reproduce it after watching twice. By comparison, only about one in ten could reproduce a six-digit PIN watching it once, and only a little over one in four people could reproduce it after watching a second time.

Of course, many people create patterns that cover fewer than six dots making it that much easier. I intentionally look away when people unlock their phones, but some people do it so quickly that I don't get a chance -- and many of the patterns I saw had only four dots in a trivial pattern.

Switching to a fingerprint sensor is much safer because someone would literally have to copy your fingerprint to match that or force you to unlock it for them. If your phone doesn't have a fingerprint sensor, use a PIN with a reasonable number of digits.

BTW, a simple trick to protect your PIN if someone is "shoulder surfing" when you're getting ready to unlock your phone is to add in some extra digits and then delete them again as you're entering your PIN. For example, it's much harder to figure out that your PIN is 123456 if they see you type 15<298<<342<56 where "<" is the backspace or delete key. Many people who see a sequence of 6 digits once can remember it but would quickly lose track with the extra digits and deletions.
Add a comment...

Post has attachment
Security Alert: CCleaner Attack Was Worse Than Previously Thought

The initial news about the CCleaner attack was really nasty -- but the news just got much worse.

Approximately 2.27 million people downloaded a version of CCleaner which contained very dangerous payload: malware which opened a backdoor potentially allowing even nastier malware to be installed on the infected systems. The first reports suggested, however, that the actual exposure might not have been serious because there were no indications that the backdoor had been used. Unfortunately, it looks like that is not true.

Security researchers at Cisco have determined that a second payload was, in fact, delivered to at least some users via the backdoor. The researchers report that the attackers appear to have been focused on systems used by Singtel, Intel, Google, Epson, Akamai, Samsung, Sony, VMware, HTC, Linksys, D-Link, Microsoft, and Cisco -- but that doesn't mean that users outside of those companies are safe.

The remedy recommended by Cisco shows how serious the problem is. Simply updating the CCleaner software isn't nearly enough. "The researchers are urging anyone who downloaded the 5.33.6162 version of CCleaner or the 1.07.3191 version of CCleaner Cloud — available from August 15th to September 13th — to restore their systems from backups or reimage systems." In other words, they're basically saying that the exposure is so serious that there is no reliable way to reliably clean up infected systems.

Allowing software being distributed to users to become infected with malware is a serious black eye for any company. It is especially embarrassing in this case, however, because CCleaner is owned and distributed by Avast -- whose primary business is protecting systems from viruses and malware.
Add a comment...

Post has attachment
Owners of Android Devices with Google Play Support: You're Protected

All Android devices with Google Play support now have Google Play Protect. Google just completed the rollout to over a billion Android devices. That means now that all of those devices are actively scanned security problems including viruses and other malware. It offers the owners of the devices a variety of options if they lose their devices. See the post below for further details.
Add a comment...

Post has shared content
Catastrophic Data Breech Affecting 143 Million United States Consumers!

The credit-reporting company Equifax is reporting that there was massive data breach in which sensitive personal information was obtained for a very large portion of the United States adult population.

See +Peggy K's post below for the details.
Hackers breached Equifax, accessing sensitive data for 143 million U.S. consumers

This breach at credit reporting service Equifax is huge.

Hackers appear to have obtained Social Security numbers, birth dates, home addresses, and for some, even their license plate numbers, the company said in a statement. Roughly 209,000 consumers also had their credit card information improperly accessed, while Equifax said those behind the attack also managed to steal “certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers.”

Plus "Equifax also identified unauthorized access to limited personal information for certain UK and Canadian residents."

Equifax has details on their site:
https://www.equifaxsecurity2017.com

* Unauthorized access was from mid-May through July of this year

* You can sign up for credit file monitoring for free:

The offering, called TrustedID Premier, includes 3-Bureau credit monitoring of Equifax, Experian and TransUnion credit reports; copies of Equifax credit reports; the ability to lock and unlock Equifax credit reports; identity theft insurance; and Internet scanning for Social Security numbers – all complimentary to U.S. consumers for one year.

* If your credit card number or dispute documents were impacted Equifax will direct mail you

* There is more information, a check to see if you are affected, and customer service phone number on the site.

(Via +Recode​)
Add a comment...

Post has attachment
Why Encrypting Data Is Important and How to Do It

Encrypting the data on phones and computers is critical to protect your privacy. It's one of the most important security steps you should take.

Should your phone, tablet, or computer fall into the wrong hands, all of your private information that is not encrypted on the devices would become available to whoever has the device. That makes a lost or stolen device not a just a major nuisance and expense, but a huge privacy disaster that could easily lead to your identity being stolen on top of everything else.

The article below clearly explains encryption and goes into further details about why unencrypted data is such a tremendous risk. Then it takes you through the steps to encrypt your data on different devices. The best news is that instructions are simple and straightforward, so there is no reason not to protect yourself today.
Add a comment...

Post has attachment
Security Alert: Samsung Might Have Allowed Personal Data for Millions of Its Users to Be Compromised

Samsung mobile devices used to have an app named S Suggest installed on it. S Suggest suggested apps for users to install on their Samsung devices. The app interacted with Samsung through an internet domain named ssuggest.com. Samsung discontinued the app in 2014 and let the ssuggest.com domain name expire -- which made the domain name available for anyone else to use. That a malicious party could have acted as if it were the Samsung system and suggested malware-laden software to Samsung users. The suggestion would appear to have come from Samsung and therefore presumably be safe. S Suggest could install dangerous apps, restart devices, and track users' activities on their devices.

At least 2.1 million devices checked in to the ssuggest.com domain in a single 24-hour period, so the possibility of devices being affected is very real.

It is not know whether malicious individuals actually gained access to the site, only that it was a possibility. The individual who recently identified the problem purchased the domain name to prevent future abuse, but that would not correct any problems that might have occurred between the time Samsung allowed the domain to expire and when the problem was identified.

The article below recommends that owners of Samsung devices update the operating system on their devices (if an update is available, that is) and that they install security apps.

This appears to be yet another example of why it is safest to only install apps from the Google Play Store.
Add a comment...

Post has attachment
A New Way to Detect Malicious Apps -- Look at the Reviews and Reviewers

Researchers discovered a new way to identify malicious apps in the Google Play Store. Looking at the reviews, they discovered a pattern of a small group of reviewers who gave high ratings to large numbers of malicious apps. They were then able to find other malicious apps purely by looking for other apps a significant number of the same group of people had given positive reviews on.

It shouldn't come as a great surprise that the reviewers are using the same accounts to leave the bogus reviews because you have to have installed the app on a device registered to a Google account in order to leave a review. It is therefore prohibitively expensive not to use the same accounts if you want to leave bogus reviews. In fact, 15 accounts had written reviews for over 200 malicious apps.

Some of the apps tried to hide this pattern by virtually forcing their users to give reviews until positive reviews were given. This, too, became detectable because many of the reviews included comments about being forced to leave a review. Those also turned out to be an indicator of malicious apps. Some apps even harassed users until they installed other malicious apps.
Add a comment...

Post has attachment
Privacy/Security Alert: Think Twice About What You Like on Facebook

"Liking" a post on Facebook isn't as innocent as it sounds -- and scammers are using "Likes" to gain access to people's private personal information.

When you like a post, information about you is shared with the creator of the post. That's harmless, of course, if you are liking a post shared by a friend or family member, but when you Like someone else's content, you could be unintentionally sharing private personal information with them.

Needless to say, there are scammers who take advantage of that fact. They share posts designed to get you to Like them out of sympathy simply to encourage you give them access to your personal information -- which they then sell or misuse themselves.

By comparison, +1ing in Google+ does not give the recipient any information about you other than what was already available to them because you either already shared it with them explicitly or shared the information with Public.
Add a comment...
Wait while more posts are being loaded