Phishing attempts become more sophisticated every day. It's hard to know if a call, email, or text message is legitimate or not. Even ads on Google might lead you to a phishing attempt (we know, because it happened to one of our employees).

Often, these bad actors will want to gain control of your computer, and surprisingly it's really easy to do. All these hackers need to do is lead you to a website where they can gain control of your screen and ultimately your computer.

But, what would they want to steal? 
They can steal your banking data, your contact list, credit card information, images, and other personal information. 

Ok, what should I do?
Don't worry. There are a few things you can do to mitigate your risk:

1. Contact the Company Directly
If they reached out to you about a billing or other concern that makes you question the legitimacy of the inquiry, stop and hang up. Look up the company's phone number (if they have one) and call them directly to see if there are issues on your account. Remember, government agencies and banks will usually send you a letter and that asks you to call them. 

2. If You Can't Call Them, They Won't Call You
Quite simply, if a major company doesn't have a way to contact customer service (like Google), it's unlikely they will ever call you about a billing concern. They will most likely email you. Furthermore, if there is an issue with your account, the service will stop. Platforms like Microsoft will limit the platform until you pay for the service.

3. Don't Follow Steps Without Asking Why
Think twice before allowing someone access to your computer. Any reputable company will ask for your permission first and tell you WHY they need access to your computer to troubleshoot an issue. If you feel the person on the other end of the line is demanding you to go to a web address and type in codes without telling you the purpose, STOP. They are most likely leading you to a site where they can gain access of your computer. This allows them to install malware and even ransomware. 

4. Don't Click
Especially with text messages and emails, even if you are curious DO NOT CLICK links or open attachments. Doing so can put your device or email at risk. 

5. Pay Attention to the Timing of Pop Ups
If you're using Microsoft Word, for example, you might get a pop-up telling you your billing information is expiring on your Microsoft account. If you know that is true, it is likely a legitimate pop-up. Even then, if your billing information expires, the service will just stop... no big deal. You would also receive an email encouraging you to update your information. However, if you get a pop-up while you are browsing the Internet, think twice. It's most likely spam. Make sure you turn on pop-up blocking on your Internet browser to block attempts like this.

Think you may have been hacked? Learn more about how to know and what to do if you've been hacked. 

If you're concerned that you've been compromised, our Tech Team can help. 

Tune in on KSDM 104.1 FM, KGHS 1230 AM, KGHS 95.3 FM on Wednesday at 8:40 am for the next episode of Tech Talk. 

Send your tech questions to info@smalltowntech.shop.

Passwords. You either can't remember your complicated password or it's not secure. 

Passwords are at the heart of everything we do online. A weak password means you're more vulnerable to cyber attacks, theft, and even your reputation could be damaged. 

Weak passwords are:

• Short, single words
• Use the word "password"
• Computer generated
• Difficult to remember

So, what is the ideal password? 

The latest research is that passwords don't have to be super complex, it should just be unusual and long - approximately twenty characters is best. 

We know what you're thinking. TWENTY CHARACTERS?! How will I remember that? Here are some tricks to create a secure and long password - that you will remember.

1. Random Words
Take 3-4 random words that have nothing to do with you or each other. For example, turtlecanoemartiancandle. Most companies require that a password contain a capital letter, number, and special character, so simply replace characters or add numbers. For example, make e=3, a=@, i=1, and l=/. The password would then look something like:  Turtl3c@noeMart1ancand/e.

It's easy to remember your special code words, and after typing it a few times, you'll remember the character replacements.  

2. Special Memories
Every time you type in your password, you can remember a special time in your life. For example, you could base your password on your son's birthday. "My son's birthday is in February 2." To make that into a secure password, take the first letter of each word and put it together, for example MsbiiF2. Recall that we need a longer password, so you could make that more secure by adding more letters, for example MsbdayiiFeb2. Let's replace a few more letters with numbers and characters to strengthen it more. Make e=3, i=1 and add / for good measure to get: Ms/bday1F3b2

If you don't have a special memory, you could make a password about your favorite vehicle, a hobby you enjoy, your childhood street address, and more. The options are unlimited and you will be more secure. 

3. One and Done
No one needs to be a password super hero. If you have a lot of passwords that you are using, we highly recommend a password manager. This means you only need to remember ONE password and the software stores and retrieves your passwords for you. Just remember, not all password managers are created equal. Find a trustworthy platform. At Small Town Tech, our password management service is standard on our Protech Enterprise plan. 

If you're a business and you're reading this, call us (218-240-8802) and tell us you have "the secret password" and we will give you a free technology assessment. If your business has any security deficiencies, we will find it and recommend a solution.

You received an email, you clicked a link, and now you believe you've been hacked. 

Now what? 

This is a common concern, and if you're like most people, it will happen to you at some point. You wonder, what should I do next and should I even be worried?

First, take a deep breath and don't panic.

If you opened the email, in most cases nothing has happened yet. If you didn't click on the link or open the attachment, you're likely not compromised and have nothing to worry about. 

No matter if you click or not, never respond to the attack. By simply responding it may give them an avenue to put a virus on your computer. At the very least, by responding you signal that there is a live person on the other end that they continue the conversation. They may start to ask you questions that look harmless, such as "What was your first pet's name?" This is an attempt to gather information from you that could answer common security questions to verify your identity.

These are called phishing attacks. The hacker either pretend to be someone they are not - it might look like it comes from your bank or credit card company. They are hoping you think it's real and legit and you will click on the link. 

The important thing to remember is that large corporations like Microsoft, Google, PayPal, and Amazon, the government, and even your bank - will not ask you for money or sensitive information through an email.

Don't share sensitive information like account numbers, social security numbers, your address, or other information. 

A simple way to see if an email is coming from the authorized service is to look at the sender's email address. If the email has extra digits and letters, it is most likely a phishing attack. 

If you did click, call your nearest computer technician service like Small Town Tech. 

Tune in on KSDM 104.1 FM, KGHS 1230 AM, KGHS 95.3 FM on Wednesday at 8:40 am for the next episode of Tech Talk. 

Send your tech questions to info@smalltowntech.shop.