An open community 
of Macintosh users,
for Macintosh users.

FineTunedMac Dashboard widget now available! Download Here

Topic Options
#30143 - 05/23/14 11:16 AM Phishermen? How do they do it?
artie505 Online


Registered: 08/04/09
I'm certain that Harv started a thread on this precise subject, but I can't locate it, so...

In response to an advisory from eBay that I needed to change my password on that Website and all others on which I used it, I changed my Verizon password, and within an hour I got a phishing e-mail, my very first one ever, that purported to be from Verizon.

I'm running Rapport, which supposedly prevents both Man-in-the-Middle and Man-in-the-Browser attacks, so can anybody suggest how the bad-guys got to me?

Edit: And, further, the e-mail was addressed to my main Verizon account rather than to any of the subsidiary accounts whose passwords I also changed, which also mystifies me.


Edited by artie505 (05/23/14 12:08 PM)
_________________________
The new Great Equalizer is the SEND button.

Top
#30146 - 05/23/14 12:54 PM Re: Phishermen? How do they do it? [Re: artie505]
ganbustein Offline


Registered: 08/04/09
Originally Posted By: artie505
In response to an advisory from eBay that I needed to change my password on that Website and all others on which I used it, I changed my Verizon password, and within an hour I got a phishing e-mail, my very first one ever, that purported to be from Verizon.

When you responded to that advisory, did you go to eBay by clicking on a link in the message? If so, you might have gone to a site that only pretended to be eBay, but used the opportunity to harvest both your old and new passwords.

Why on earth would you be using the same password on any other site? If you were using the same password on eBay and Verizon before, the bad guys can now try both the old and new eBay passwords on your Verizon account, and probably succeed.

Although, a phishing attack does not need to know your passwords. It only needs to know your name and an email address. A fraudulent eBay pretender could have harvested those too.

Or, it could just be coincidence. Post hoc ergo propter hoc is a logical fallacy so old and so pervasive, and so persuasive as well, that it even merits its own Latin name.


On a side note: in response to the Heartbleed vulnerability, many sites revoked their site certificates, replacing them with new ones, and asked all users to change their passwords. Just to be safe. Google is of the opinion that certificate revocation is not perfect and therefore no good at all. Neither Android nor Chrome even check for revocation. Not even as an option. The code to check for revocation is simply not there. A malicious site can use such a revoked certificate and pass completely under Google's radar.

Even non-Google browsers often do only a lackadaisical check. They'll ask if the certificate has been revoked, but if they don't get a prompt answer they assume no news is good news, and the certificate must be valid. This is called "soft-fail", and is sadly the usual default. To switch to "hard-fail", where a certificate is considered revoked unless you get positive acknowledgement that it hasn't been, go to Keychain Access→Preferences→Certificates and set both options to "Require if certificate indicates". This setting will be honored by Safari and most other apps that look at certificates. I believe Firefox has its own independent preference.

Top
#30149 - 05/23/14 04:08 PM Re: Phishermen? How do they do it? [Re: artie505]
alternaut Offline

Moderator

Registered: 08/04/09
Interesting. I don't know if eBay contacted registered users by email to change their password, but if so, I never got such a message. After hearing of eBay's database breach, I logged in to my eBay account on May 21 and changed my password with the 'edit' link. However, the password change didn't involve a reset, and eBay didn't send me an email with a 'Change Password' link on my account page.

When I read about the reset procedure with the security email the next day (May 22), I went through the password changing motions again, and this time things proceeded via a password reset followed by a security email from eBay (whose headers checked out OK). So it appears that eBay didn't have a two-way (email) authentication in place until sometime on or after May 21.
_________________________
alternaut moderator

Top
#30152 - 05/24/14 11:28 PM Re: Phishermen? How do they do it? [Re: ganbustein]
artie505 Online


Registered: 08/04/09
Originally Posted By: artie505
In response to an advisory from eBay that I needed to change my password on that Website and all others on which I used it, I changed my Verizon password, and within an hour I got a phishing e-mail, my very first one ever, that purported to be from Verizon.

Originally Posted By: ganbustein
When you responded to that advisory, did you go to eBay by clicking on a link in the message? If so, you might have gone to a site that only pretended to be eBay, but used the opportunity to harvest both your old and new passwords.

No. The advisory was a link within eBay itself (There's apparently one on every eBay page at the moment.) that took me through what eBay considers a safe reset procedure.

Quote:
Why on earth would you be using the same password on any other site? If you were using the same password on eBay and Verizon before, the bad guys can now try both the old and new eBay passwords on your Verizon account, and probably succeed.

Although, a phishing attack does not need to know your passwords. It only needs to know your name and an email address. A fraudulent eBay pretender could have harvested those too.

Or, it could just be coincidence. Post hoc ergo propter hoc is a logical fallacy so old and so pervasive, and so persuasive as well, that it even merits its own Latin name.

Call it naive, but my approach to passwords has always been that I use unique, strong p/w's at Websites at which I'm at risk for money or critical information, and repeated, weak, i.e. easy to remember, passwords at others.

Even if bad guys get hold of my eBay user ID and p/w, what's my risk? Unless I'm foolish enough to use the same p/w for both eBay and PayPal (which, I assure you, I'm not), all they can do is create an annoyance by buying stuff and not paying, which, I'm willing to bet, is not their intent.

The same goes for most of the other Websites at which I've got accounts... Bad guys can buy stuff and not pay, or they can attempt to discredit me by posting unacceptable stuff, but they can't really harm me, nor will they even bother trying, because there's nothing, i.e. no $, to be gained.

I concede that my Verizon p/w should have been stronger despite the fact that I've got absolutely no information of even the least bit of value on verizon.net (Ok, so maybe you desperately want to learn my mother's maiden name. tongue ), and I've now changed it.

So, back to my question: After I changed my eBay p/w I logged into my main and four subsidiary Verizon e-mail accounts and changed their p/w's, and shortly thereafter I got the phishing e-mail at my main e-mail address, and how that came about is what I'm wondering. (Note that even if bad guys were involved, they couldn't have harvested the address to which the phishing [ghoti-ing?] e-mail was sent, because it's not the one I use on eBay.)
_________________________
The new Great Equalizer is the SEND button.

Top
#30153 - 05/24/14 11:52 PM Re: Phishermen? How do they do it? [Re: alternaut]
artie505 Online


Registered: 08/04/09
As far as I know, eBay didn't send out any e-mails. I learned about the security breach by clicking on a "PASSWORD UPDATE" link on an eBay page (There's apparently one on every eBay page at the moment.) that took me here. (The "successfully reset" comment is, of course, new and specific to me.)

When I clicked on that link shortly after midnight on the 23rd the doc included a note that eBay was requesting that all members change their passwords after the 21st, so your original change was premature, and your guess is correct.

eBay's scheme of sending the reset link to your e-mail address or texting a PIN seems secure on the surface, but what if (lord only knows why) a bad guy had already used your ID and p/w to change them?

Edit: I just went through the reset process again, and there's now an option to get a land-line phone call as well as the earlier text option.

Edit 2: I just ran across this, which contradicts eBay's earlier "after the 21st" statement; I assume it's incorrect.


Edited by artie505 (05/25/14 02:11 AM)
Edit Reason: Cleanup & Edits
_________________________
The new Great Equalizer is the SEND button.

Top
#30154 - 05/25/14 11:40 AM Re: Phishermen? How do they do it? [Re: artie505]
alternaut Offline

Moderator

Registered: 08/04/09
Originally Posted By: artie505
Edit 2: I just ran across this, which contradicts eBay's earlier "after the 21st" statement; I assume it's incorrect.

Not necessarily. I interpret this to mean that (1) the data breach did not extend into the 21st, and (2) that (consequently) pw changes on or after that date meet de safety requirements prompted by the breach.
_________________________
alternaut moderator

Top
#30155 - 05/25/14 03:20 PM Re: Phishermen? How do they do it? [Re: alternaut]
artie505 Online


Registered: 08/04/09
I just got an e-mail from eBay:

Quote:
If you changed your password on May 21 or later, we do not need you to take any additional action at this time.

so I guess the 21st is not an error, but why, then, was a password changing scheme that was considered secure on the 21st - the one you initially used - changed, and why the backtracking from the earlier caveat that passwords should be changed after the 21st, presumably to take advantage of the new scheme? confused

Edit: Granted that the new scheme may be more secure than the old one, but it's overkill if the old one was considered secure.

Window-dressing?


Edited by artie505 (05/25/14 03:36 PM)
_________________________
The new Great Equalizer is the SEND button.

Top
#30160 - 05/26/14 07:29 AM Re: Phishermen? How do they do it? [Re: artie505]
alternaut Offline

Moderator

Registered: 08/04/09
Under normal circumstances a straightforward pw change is easy and safe enough, but it can be as easily abused by successful phishers. Two-way authentication makes such abuse much harder (but still not impossible, theoretically at least). Unless or until you get 'hooked' by phishers, I suppose you might consider TWA overkill or window-dressing, and you'd be right if you'd never fall victim to phishing. But I suspect we'll see TWA spread rapidly, and that eBay figured this was as good a time as any to jump on that bandwagon.
_________________________
alternaut moderator

Top
#30161 - 05/26/14 07:48 AM Re: Phishermen? How do they do it? [Re: artie505]
joemikeb Offline
Moderator

Registered: 08/04/09
Loc: Fort Worth, Texas
Originally Posted By: artie505
so I guess the 21st is not an error, but why, then, was a password changing scheme that was considered secure on the 21st - the one you initially used - changed, and why the backtracking from the earlier caveat that passwords should be changed after the 21st, presumably to take advantage of the new scheme? confused

Allowing ample time to be sure the new security system to be installed, tested, and cut over to? Perhaps the install went better than expected and the system was actually up on the 21st?

Originally Posted By: artie505
Edit: Granted that the new scheme may be more secure than the old one, but it's overkill if the old one was considered secure.

System that were considered secure even a month, or even a week ago have been broken and the software to break them is widely available for licensing on the internet. The writers of the security breaking software have been known to have a "fix" on line just a few days after a new security system is released. So what was secure may no longer be secure, and what is secure today may not be secure by tomorrow morning. Some very smart programmers are making millions of dollars/rubles/Euros/etc. producing and licensing security defeating algorithms to thousands or even tens of thousands of less capable malefactors around the world.

Originally Posted By: artie505
Window-dressing?

If it is window dressing then eBay is inviting law suits from everyone who logs onto their system. It could easily put them out of business.
_________________________
joemikeb • moderator

Top
#30164 - 05/26/14 09:10 PM Re: Phishermen? How do they do it? [Re: artie505]
ganbustein Offline


Registered: 08/04/09
Originally Posted By: artie505
Even if bad guys get hold of my eBay user ID and p/w, what's my risk? Unless I'm foolish enough to use the same p/w for both eBay and PayPal (which, I assure you, I'm not), all they can do is create an annoyance by buying stuff and not paying, which, I'm willing to bet, is not their intent.

The same goes for most of the other Websites at which I've got accounts... Bad guys can buy stuff and not pay, or they can attempt to discredit me by posting unacceptable stuff, but they can't really harm me, nor will they even bother trying, because there's nothing, i.e. no $, to be gained.

With your password, they can change your shipping address. Then they can buy AND RECEIVE stuff without paying. There's value in that.

Originally Posted By: artie505
I concede that my Verizon p/w should have been stronger despite the fact that I've got absolutely no information of even the least bit of value on verizon.net.

Your identity is there. Identity theft is a real problem, and can be quite lucrative.

Top
#30165 - 05/26/14 09:21 PM Re: Phishermen? How do they do it? [Re: alternaut]
artie505 Online


Registered: 08/04/09
That makes sense.

And I've come to realize that TWA is more secure than I originally thought.
_________________________
The new Great Equalizer is the SEND button.

Top
#30166 - 05/26/14 10:23 PM Re: Phishermen? How do they do it? [Re: ganbustein]
artie505 Online


Registered: 08/04/09
Originally Posted By: ganbustein
Originally Posted By: artie505
Even if bad guys get hold of my eBay user ID and p/w, what's my risk? Unless I'm foolish enough to use the same p/w for both eBay and PayPal (which, I assure you, I'm not), all they can do is create an annoyance by buying stuff and not paying, which, I'm willing to bet, is not their intent.

The same goes for most of the other Websites at which I've got accounts... Bad guys can buy stuff and not pay, or they can attempt to discredit me by posting unacceptable stuff, but they can't really harm me, nor will they even bother trying, because there's nothing, i.e. no $, to be gained.

With your password, they can change your shipping address. Then they can buy AND RECEIVE stuff without paying. There's value in that.

They can buy and receive whatever they like, but without my PayPal password they'll have to pay for it with their own credit card, and there's not much value in that, or is there something incredibly obvious that I'm incredibly stupidly missing?

And further, it's not all that easy to change my shipping address even with my PayPal password, because they'd have to change my "PayPal confirmed address"...faaar from a simple drag and drop (so to speak).

I'm not at all certain what the real purpose of the attack was, but, of course, I'm nowhere near up on the various avenues of subsequent attack that may exist.

Originally Posted By: ganbustein
Originally Posted By: artie505
I concede that my Verizon p/w should have been stronger despite the fact that I've got absolutely no information of even the least bit of value on verizon.net.

Your identity is there. Identity theft is a real problem, and can be quite lucrative.

Thanks. On the one hand, and as I said earlier, I've made my Verizon p/w more secure, and on the other hand, who steals my identity steal trash. tongue

But is identity theft really a problem when all a bad guy can do is get my name, address, and phone # at the most? It seems like that's just not enough to put me seriously at risk.

I'm faaar more at risk from having to walk around with my Medicare card, which, rather than displaying an ID # that relates back to my SSN, displays my actual SSN! (And talk about...I dunno what, I get periodic reports from Medicare in which my Medicare ID number - my SSN, but with a following "A", which obviously disguises it - is fully displayed, but in which my SSN is truncated to its final four digits. Now whose idea of security is that?)

PS: I got another weird e-mail today, at the same address to which the phishing e-mail came, this one claiming to be from Amazon and including a .zip, which I unzipped to a .exe, which I trashed.

I'd still love to know how they got the address.
_________________________
The new Great Equalizer is the SEND button.

Top
#30167 - 05/26/14 10:32 PM Re: Phishermen? How do they do it? [Re: joemikeb]
artie505 Online


Registered: 08/04/09
Originally Posted By: joemikeb
Originally Posted By: artie505
so I guess the 21st is not an error, but why, then, was a password changing scheme that was considered secure on the 21st - the one you initially used - changed, and why the backtracking from the earlier caveat that passwords should be changed after the 21st, presumably to take advantage of the new scheme? confused

Allowing ample time to be sure the new security system to be installed, tested, and cut over to? Perhaps the install went better than expected and the system was actually up on the 21st?

Nope... In post #30149, alternaut reported having changed his p/w on the 21st via the old method.

Originally Posted By: joemikeb
Originally Posted By: artie505
Edit: Granted that the new scheme may be more secure than the old one, but it's overkill if the old one was considered secure.

System that were considered secure even a month, or even a week ago have been broken and the software to break them is widely available for licensing on the internet. The writers of the security breaking software have been known to have a "fix" on line just a few days after a new security system is released. So what was secure may no longer be secure, and what is secure today may not be secure by tomorrow morning. Some very smart programmers are making millions of dollars/rubles/Euros/etc. producing and licensing security defeating algorithms to thousands or even tens of thousands of less capable malefactors around the world.

I guess *more* is never too much.

Originally Posted By: joemikeb
Originally Posted By: artie505
Window-dressing?

If it is window dressing then eBay is inviting law suits from everyone who logs onto their system. It could easily put them out of business.

How so? It might not strengthen security, but it wouldn't weaken it.
_________________________
The new Great Equalizer is the SEND button.

Top
#30169 - 05/27/14 12:56 PM Re: Phishermen? How do they do it? [Re: artie505]
ganbustein Offline


Registered: 08/04/09
Originally Posted By: artie505
But is identity theft really a problem when all a bad guy can do is get my name, address, and phone # at the most? It seems like that's just not enough to put me seriously at risk.

It might be enough to let them steal your credit rating. Don't underestimate how much they can get from how little information.

Originally Posted By: artie505
And talk about...I dunno what, I get periodic reports from Medicare in which my Medicare ID number - my SSN, but with a following "A", which obviously disguises it - is fully displayed, but in which my SSN is truncated to its final four digits. Now whose idea of security is that?

Pretending to hide your SSN on a page that displays it elsewhere is indeed really lousy security. But the final "A" means that it refers to the primary beneficiary. Your social security account may have several beneficiaries: yourself, of course, and probably your spouse, and possibly other dependents such as your disabled or orphaned children. You're "A", your spouse is probably "B", and your other dependents would go up from there. There may be a number following the letter, as in, children might be C1, C2, ... . It's been decades since I've had to write code to deal with SSNs, but I recall having to allow space for up to a 3-character suffix. Same SSN; different beneficiaries.

Originally Posted By: artie505
PS: I got another weird e-mail today, at the same address to which the phishing e-mail came, this one claiming to be from Amazon and including a .zip, which I unzipped to a .exe, which I trashed.

Why did you unzip it? Nothing safe is ever going to come to you as a .zip in a weird email message. Unzipping attachments is almost on a par with clicking on strange links. (Almost. Clicking on the link can confirm that you received the message and read it. You've already received the attachment, though, so they get no new confirmation. But it might expand to something other than an .exe, something that has an (admittedly rare) drive-by vulnerability. Or, if you're not careful, it could be a link disguised as an attachment.)

Top
#30171 - 05/27/14 11:30 PM Re: Phishermen? How do they do it? [Re: ganbustein]
artie505 Online


Registered: 08/04/09
Originally Posted By: ganbustein
Originally Posted By: artie505
But is identity theft really a problem when all a bad guy can do is get my name, address, and phone # at the most? It seems like that's just not enough to put me seriously at risk.

It might be enough to let them steal your credit rating. Don't underestimate how much they can get from how little information.

Again, what can they gain by stealing my credit rating?

Don't get me wrong. I'm not trying to minimize the risks, but to separate dangerous reality from the paranoia that can very easily take over an Internet user's life.

Originally Posted By: ganbustein
Originally Posted By: artie505
PS: I got another weird e-mail today, at the same address to which the phishing e-mail came, this one claiming to be from Amazon and including a .zip, which I unzipped to a .exe, which I trashed.

Why did you unzip it? Nothing safe is ever going to come to you as a .zip in a weird email message. Unzipping attachments is almost on a par with clicking on strange links. (Almost. Clicking on the link can confirm that you received the message and read it. You've already received the attachment, though, so they get no new confirmation. But it might expand to something other than an .exe, something that has an (admittedly rare) drive-by vulnerability. Or, if you're not careful, it could be a link disguised as an attachment.)

Inveterate curiosity backed up by a - literally - 60 second old clone.

Somebody's got to stumble on new threats, so I risked a 15 minute erase and restore to check it out. (I did err, though, by not booting into the clone to do it.)
_________________________
The new Great Equalizer is the SEND button.

Top
#30173 - 05/28/14 07:23 AM Re: Phishermen? How do they do it? [Re: artie505]
alternaut Offline

Moderator

Registered: 08/04/09
Originally Posted By: artie505
I just got an e-mail from eBay

FWIW, so did I today, 3 days after you did. I don't know if this delay is because eBay spreads its notifications over time, possibly prioritizing by user activity, but here it is.

PS, not to add insult to injury, but I too wondered why you decided to decompress that questionable zip attachment. Perhaps this is your year of living dangerously... shocked smirk
_________________________
alternaut moderator

Top
#30174 - 05/28/14 08:22 AM Re: Phishermen? How do they do it? [Re: artie505]
joemikeb Offline
Moderator

Registered: 08/04/09
Loc: Fort Worth, Texas
Originally Posted By: artie505
But is identity theft really a problem when all a bad guy can do is get my name, address, and phone # at the most? It seems like that's just not enough to put me seriously at risk.

In my son's case it was $40,000 before it was caught along with a pending $125,000 loan on a new car. The bank caught the loan application and called my son, so it never went through, but it was several months before the bank was able to recoup the money from Victoria's Secret, Fry's Electronics, and a couple of big chain computer stores. In the end his final losses were a bit less than $10,000 and the aggravation of having to cancel all his charge and credit accounts. You may have enough money to be sanguine over a loss like that but that makes you one of the few.

Originally Posted By: artie505
Inveterate curiosity backed up by a - literally - 60 second old clone.

Somebody's got to stumble on new threats, so I risked a 15 minute erase and restore to check it out. (I did err, though, by not booting into the clone to do it.)

I presume you did take the precaution of disconnecting the drive with the clone or at least dismounting it before you elected to "stumble on new threats". A good virus will find and infect all mounted systems.
_________________________
joemikeb • moderator

Top
#30188 - 05/28/14 09:51 PM Re: Phishermen? How do they do it? [Re: alternaut]
artie505 Online


Registered: 08/04/09
I've now gotten a third e-mail from eBay:

Originally Posted By: eBay
As we announced last week, because of the cyberattack on our corporate information network discovered earlier this month, we are now prompting all eBay users to change their passwords when they log in or before they complete a transaction.

We have no evidence that financial information was accessed or compromised, or that this attack affected PayPal accounts or any PayPal financial information, which is encrypted and stored on a separate secure network.

However, this attack compromised a database containing encrypted eBay user passwords. As always, we have strong protections in place for both buyers and sellers in the event of any unauthorized activity and we are applying additional security to protect our customers. As a precautionary step, we are also asking all users to change their passwords.

If you haven't yet changed your password, please do so now so that you can continue listing and doing business on eBay. Go to My eBay>Personal/Business Information>Account Information>Password>Edit. If you have more than one eBay account, you will need to change the password for each of them. If you changed your password on May 21 or later, we do not need you to take any additional action at this time.

If you used the same password for eBay and any other site, we encourage you to change your password on those sites, too. As a matter of best practice, the same password should never be used across multiple sites or accounts.

Additional protections for sellers with auction-style listings

We recognize that the password reset may temporarily interrupt the normal bidding process for buyers. We're taking additional steps to ensure successful transactions for sellers:

All listing and final value fees will be refunded automatically for auction-style listings that ended between 6:00 AM PDT on Wednesday, May 21, 2014, and 11:59 PM PDT on Wednesday, May 21, 2014. Sellers will see these credits on their June invoice.
Sellers can end any auction-style listings without penalty between 6:00 AM PDT on Wednesday, May 21, 2014, and 11:59 PM PDT on Saturday, May 31, 2014 and will receive a credit for all listing fees related to these listings on their June invoice.
Sellers can also cancel any transactions from auction-style listings that ended in a sale between 6:00 AM PDT on Wednesday, May 21, 2014, and 11:59 PM PDT on Saturday, May 31, provided the buyer paid with PayPal and we can verify through PayPal that the buyer's full payment has been refunded.

Final value and listing fees will be credited on sellers' June invoice and any associated defects or negative buyer feedback removed. These protections will be applied automatically. The transaction must be cancelled within the above timeframe to qualify for the credit and defect/feedback removal.

We will also be communicating with the winning bidder for any cancelled auction-style transaction during this time period to ensure they continue to have great buyer experiences on eBay.
We apologize for any inconvenience or concern this situation may cause. Nothing is more important to us than the security and trust of every customer in our global marketplace. We know you have high expectations of us, and we are committed to ensuring a safe and secure online experience for you on any connected device. More information and updates are available at info.ebayinc.com.

Thank you for selling on eBay.
Sincerely,

Michael Jones
Vice President Merchant Development

The highlighted part is important, because it clarifies that changing your p/w is mandatory, rather than just a suggestion.

Quote:
PS, not to add insult to injury, but I too wondered why you decided to decompress that questionable zip attachment. Perhaps this is your year of living dangerously...

I was born on a burning bridge, and I've lived dangerously all my life; life without an edge isn't life. shocked smirk

Heck, I had no more to lose than time, and lord knows I've got more of that than I know what to do with.
_________________________
The new Great Equalizer is the SEND button.

Top
#30189 - 05/28/14 10:22 PM Re: Phishermen? How do they do it? [Re: joemikeb]
artie505 Online


Registered: 08/04/09
Originally Posted By: joemikeb
Originally Posted By: artie505
But is identity theft really a problem when all a bad guy can do is get my name, address, and phone # at the most? It seems like that's just not enough to put me seriously at risk.

In my son's case it was $40,000 before it was caught along with a pending $125,000 loan on a new car. The bank caught the loan application and called my son, so it never went through, but it was several months before the bank was able to recoup the money from Victoria's Secret, Fry's Electronics, and a couple of big chain computer stores. In the end his final losses were a bit less than $10,000 and the aggravation of having to cancel all his charge and credit accounts. You may have enough money to be sanguine over a loss like that but that makes you one of the few.

Ouch! But was all that damage done by bad guys who had no more than his name, address, and phone number?

Actually, I can afford to be sanguine because I've got little enough money and credit standing to not be at risk for either major bucks or major aggravation...not to mention the $1,000,000 identity theft protection I got as a result of the Target breach.

Originally Posted By: joemikeb
Originally Posted By: artie505
Inveterate curiosity backed up by a - literally - 60 second old clone.

Somebody's got to stumble on new threats, so I risked a 15 minute erase and restore to check it out. (I did err, though, by not booting into the clone to do it.)

I presume you did take the precaution of disconnecting the drive with the clone or at least dismounting it before you elected to "stumble on new threats". A good virus will find and infect all mounted systems.

Disconnected.

It's nowhere near as risky, of course, but every time you've been first on line for an OS or OS X upgrade (particularly before Time Machine) you've put yourself in somewhat the same position as I did. wink
_________________________
The new Great Equalizer is the SEND button.

Top
#30193 - 05/29/14 07:34 AM Re: Phishermen? How do they do it? [Re: artie505]
joemikeb Offline
Moderator

Registered: 08/04/09
Loc: Fort Worth, Texas
Originally Posted By: artie505
Ouch! But was all that damage done by bad guys who had no more than his name, address, and phone number?

Actually they started with a name and credit card number, but the loan application was in his name, SSN, and credit rating. Apparently they were able to mine the other data given the first two pieces of information.
Originally Posted By: artie505
Actually, I can afford to be sanguine because I've got little enough money and credit standing to not be at risk for either major bucks or major aggravation…not to mention the $1,000,000 identity theft protection I got as a result of the Target breach.

Hopefully you will never need it.
Originally Posted By: artie505
Disconnected.

It's nowhere near as risky, of course, but every time you've been first on line for an OS or OS X upgrade (particularly before Time Machine) you've put yourself in somewhat the same position as I did. wink

Well my Time Capsule is only connected when a Time Machine backup is in progress which certainly limits the length of the exposure. Besides that, I have not heard of a virus that is sophisticated enough to drill down through the various multi-linked files to get the to actual OS code. but it could happen although from the length of time it takes for Time Machine to pull up a version from the Time Capsule it certainly would not be a quick process.
_________________________
joemikeb • moderator

Top
#30204 - 05/30/14 11:35 PM Re: Phishermen? How do they do it? [Re: joemikeb]
artie505 Online


Registered: 08/04/09
Originally Posted By: joemikeb
Originally Posted By: artie505
Disconnected.

It's nowhere near as risky, of course, but every time you've been first on line for an OS or OS X upgrade (particularly before Time Machine) you've put yourself in somewhat the same position as I did. wink

Well my Time Capsule is only connected when a Time Machine backup is in progress which certainly limits the length of the exposure. Besides that, I have not heard of a virus that is sophisticated enough to drill down through the various multi-linked files to get the to actual OS code. but it could happen although from the length of time it takes for Time Machine to pull up a version from the Time Capsule it certainly would not be a quick process.

I didn't mean in the security sense; I meant that even today you don't know what you'll wind up with when you're at the front of the upgrade line.

Granted that you'll (presumably) never be at risk for your money, but the possibility always exists that you'll wind up with a some busted feature or other that necessitates a re-install of an older version.
_________________________
The new Great Equalizer is the SEND button.

Top
#30212 - 06/01/14 07:18 PM Re: Phishermen? How do they do it? [Re: artie505]
joemikeb Offline
Moderator

Registered: 08/04/09
Loc: Fort Worth, Texas
Originally Posted By: artie505
Granted that you'll (presumably) never be at risk for your money, but the possibility always exists that you'll wind up with a some busted feature or other that necessitates a re-install of an older version.

I am always at the head of the upgrade line and in 19 years I have not had a busted feature per se. In the mid 90's and the OS X public beta era there were sometimes out of date apps that no longer worked, but those could be and were replaced with new versions and often different apps performing the same function, but — knock on wood — I have never had to or wanted to install a previous OS version. I am always up for something new, but that is just my style. I figure I will stop looking ahead for something new when the first shovel full of dirt hits the top of my coffin. laugh
_________________________
joemikeb • moderator

Top
#30213 - 06/01/14 09:42 PM Re: Phishermen? How do they do it? [Re: joemikeb]
artie505 Online


Registered: 08/04/09
Originally Posted By: joemikeb
I am always up for something new, but that is just my style. I figure I will stop looking ahead for something new when the first shovel full of dirt hits the top of my coffin. laugh

Your style of living dangerously (or does it go deeper than that wink ), and I'll never knock it!

I'm not aware of many new-issue glitches, but I did get bitten by, I believe it was, OS X 10.3.3, which ate modems, and I remember Doni Katz running into an issue with 10.4.0 that made it unusable in his situation.

All in all, though, you don't seem to have done any worse than the late adopters. cool
_________________________
The new Great Equalizer is the SEND button.

Top

Moderator:  alternaut, dianne, MacManiac