The danger of posting your contact information

Wayne,

Excellent reminder.     I do "cringe" sometimes when I see people put their phone numbers in a public post.

One thing I do, since I buy a lot of music gear online: I have a separate email that is only for online buying and selling.

Business emails are never used for website log in or buying/selling.

So, was the posting of my wife's Obituary from the newspaper, on this forum, by a caring forum member, compromising to me, putting me in danger?

That's a really great reminder, and let me add another item. I'm a Network Admin so folks if you have the ability to use two factor authentication on your email accounts then please turn it on. All you need is a mobile phone to get it working. A personal inbox contains a lot of personal information so lock it down.

Moonson posted:

So, was the posting of my wife's Obituary from the newspaper, by a caring forum member, compromising to me, putting me in danger?

Highly unlikely Monsoon, since it was already made public in the newspaper. Also I'm very sorry for your loss.

https://www.youtube.com/watch?v=_QdPW8JrYzQ

chck this out, you can scam the scammer

BNSF-Matt posted:

Moonson posted:

So, was the posting of my wife's Obituary from the newspaper, by a caring forum member, compromising to me, putting me in danger?

Highly unlikely Monsoon, since it was already made public in the newspaper. Also I'm very sorry for your loss.

Thank you your reply, BNSF-Matt, and the timeliness of it. I appreciated the kindness.

FrankM

Where has my OP been sent? I could not find it where I had originally posted it.

Frank, I’m sorry for your loss.

It is in forum tech support /suggestions.

  I tip folks in private every now and again that the profile is a better place to list info (I hate to draw more attention to it)

  There is no denying the info "floating free" may make you more vulnerable. "Better get Life-lock"  ...for real    If they're good enough, that's your best hope really.

WaynePa posted:

Frank, I’m sorry for your loss.

Thank you, sir.

WaynePa posted:

OGR moderators do screen individuals wanting to join the forum and this at least this provides some sense of security.

About as marginally as might be done........

You should never - EVER - put your email address within the text of a post on an Internet forum...anywhere. Text within posts on Internet forums is called “open text.” Email scammers use “harvesting” programs that scan open text looking for email addresses. When it finds one, it saves it for the scammer to use later.

An email address in the “Display Email” field in your profile is NOT visible to these email harvesting programs.

If I must display my email, I use something like this.

A little harder to harvest in a graphic.

Or maybe:

myemail at somewhere dot com

also helps.

gunrunnerjohn posted:

If I must display my email, I use something like this.

A little harder to harvest in a graphic.

Not really.  We have system being worked on right now which harvests data from graphics, jpegs, tif, and so forth.  Not for nefarious reasons but because we get data on our product which comes in these different forms and need a more efficient way to collect, store, and organize it.  We have even been able to take scanned PDF's or other documents which had typed and hand written information, being able in some instances to grab and process the handwritten data.

Obviously if you want the data bad enough, there are ways to get it.  After all, banks automatically read handwritten stuff from checks for mobile deposit, and have for years.  However, the typical spammer isn't going to those lengths yet.

Also, note I said "a little harder", I didn't say impossible.

Well, my point is we're a small company and have a single programmer able to create this.  Every step we move forward securing things the thieves and scammers are right on our heals.

I know I am guilty of posting an email address in my listing of For Sale items. It is a throw-away email. It is NOT the same as my profile email. It is just used on this forum for selling and buying. If it gets hacked, I will just stop using it and get another email address.

Charlie

Emails addresses (even VoIP phone numbers) are pretty disposable. I'll create email accounts for single use purposes and then delete them when I'm done with that purpose. My primary email never really goes public not even on the forum. 

Voice over IP (VoIP) providers can do the same thing for phone numbers, but these will usually have some cost associated with them. I've used Number Proxy (numberproxy.com) in the past and been happy with them. Again, my real phone number is only given to those whom I really trust. I've had the same cell number for over 20 years and never once received a "robo" call.

While GRJ's graphic option can be beat, it is much more difficult to do and still pretty effective as most scammers don't want to waste their time and would rather go for the easy "low hanging fruit".

One thing that does concern me about the forum is the ability to post links to anything and hide the true destination of the link. Folks will blindly trust that link and maybe they shouldn't.  Click HERE, there's no malware in that link... I promise!

cpowell posted:

If it gets hacked, I will just stop using it and get another email address.

Charlie

If it gets hacked, the hacker could use it to send messages to previous buyers about things you are selling that really aren't for sale. The victim sends money, and get nothing. You didn't do anything wrong but i bet the victim wouldn't be happy. It's best to deleted the account when done to ensure all traces of your previous communications and contacts are deleted as well.

 It seems to me everybody in India already has my phone number.

CHOO-CHOO MIKE posted:

 It seems to me everybody in India already has my phone number.

Mike, If you have smart phone get this app from ROBO-KILLER (robokiller.com). It's free, it allows you to get even with those unwanted calls! It's an answer bot that attempts to keep the robo-caller on the phone as long as possible all the while talking to a computer voice of your choosing. The best part it, it records the call and you can listen to it later. Those playbacks can get pretty funny!

Below is a review of this app from their website:

Ok. I’ve used the former #1 Robo app as well as a couple other popular ones. I can tell you, beyond a doubt, that THIS app not only works, but is actually entertaining!!! The amazing thing is, that it traps the caller BEFORE ringing your phone! And THEN, let the games begin!!!! The Answer Bots take over and completely screw with the idiot caller. But, the best part is that it RECORDS that conversation for your evil pleasure. And I gotta tell you...it’s flat out GRATIFYING! ;-)

Robo Killer is not free!

Yep John, Sorry, it includes a free trial but there is a cost associated after that. I'v never had a need for it, but I have family that use it, swear by it, and say it's well worth the money.

Not to beat a dead horse again but if we had a PM function there'd be no need for an email.

H1000 posted:

Yep John, Sorry, it includes a free trial but there is a cost associated after that. I'v never had a need for it, but I have family that use it, swear by it, and say it's well worth the money.

They don't even tell you how much it is on the site, that always raises a red flag for me.

wild mary posted:

Not to beat a dead horse again but if we had a PM function there'd be no need for an email.

There is a PM function, but it disappeared for me.  You have to be a digital subscriber to get it.

gunrunnerjohn posted:

H1000 posted:

Yep John, Sorry, it includes a free trial but there is a cost associated after that. I'v never had a need for it, but I have family that use it, swear by it, and say it's well worth the money.

They don't even tell you how much it is on the site, that always raises a red flag for me.

That does seem a bit sketchy. My brother says he pays $1.99 per month for the service.

CHOO-CHOO MIKE posted:

 It seems to me everybody in India already has my phone number.

I had a feeling I was not the only one possessed of that viewpoint.

H1000 posted:

...........

One thing that does concern me about the forum is the ability to post links to anything and hide the true destination of the link. Folks will blindly trust that link and maybe they shouldn't.  Click HERE, there's no malware in that link... I promise!

 

Just a curiosity, but are you suggesting the address shown at the lower left corner of some browsers (below is from FF) when you hover over a link can have faked addresses too?

I'm not suggesting it's possible or not, just curious. I know enough to look, but don't know if it's easy for a bad actor to fake out the browser to put something there entirely different than where the browser will go if you click.  (I sort of suspect if some flaw in that department did come about on a browser, it would be short lived and the bug fixed in the next release - not that this helps you if you are the test case )

I see the following when I hover over your link, and I can pretty much do the same for any other link.  (not that that tells us much if it's not something common we recognize, of course)

-Dave

monsoon, nope, you are among the majority my friend

Dave45681 posted:

H1000 posted:

...........

One thing that does concern me about the forum is the ability to post links to anything and hide the true destination of the link. Folks will blindly trust that link and maybe they shouldn't.  Click HERE, there's no malware in that link... I promise!

 

Just a curiosity, but are you suggesting the address shown at the lower left corner of some browsers (below is from FF) when you hover over a link can have faked addresses too?

I'm not suggesting it's possible or not, just curious. I know enough to look, but don't know if it's easy for a bad actor to fake out the browser to put something there entirely different than where the browser will go if you click.  (I sort of suspect if some flaw in that department did come about on a browser, it would be short lived and the bug fixed in the next release - not that this helps you if you are the test case )

I see the following when I hover over your link, and I can pretty much do the same for any other link.  (not that that tells us much if it's not something common we recognize, of course)

-Dave

Yeah, how many people pay attention to that detail!!! Plus, what do you do about URL shortening, most people assume you can only trust this LINK. Albeit there are tools to decode these short URLs but it's a hassle and many don't bother, they just click.

It's social engineering 101, and most people don't even know to look there. Email phishing is the same way, people miss the slightest detail and before you know they are clicking on fraudulent emails from a spoofed domain that look (almost) perfectly legitimate. Working as an IT manager, I do all sorts of Social Engineering testing, and you'd be surprised how easily people fall for this stuff, I'm not anymore.

Good point on the shortened link.  I need to admit I don't know how to decode those, but I would certainly not click on a random one posted by someone I don't feel I trust, either.

We have a decent amount of this type of thing in informal training (or just little "quizzes" really) at my workplace, so I'm maybe more attuned to it than some people.  Little things like 1's swapped with l's or O's with 0's.  Those are fun too.  0GAUGERR.com, right?

-Dave

Dave45681 posted:

Good point on the shortened link.  I need to admit I don't know how to decode those, but I would certainly not click on a random one posted by someone I don't feel I trust, either.

We have a decent amount of this type of thing in informal training (or just little "quizzes" really) at my workplace, so I'm maybe more attuned to it than some people.  Little things like 1's swapped with l's or O's with 0's.  Those are fun too.  0GAUGERR.com, right?

-Dave

Dave,

Here is good resource for checking Short URL's - checkshorturl.com

Could you imagine how much better the world would be if all of those bad guys on the internet would do something productive with their lives?

Do what my nephew does, he he learned Spanish, French and japanees when he was in high school. when he answers the phone, he answers in Spanish, while they are getting a Spanish interprter, they come back on and then he starts talking in French. 9 times outta 10 they end up hanging up on him

Popi posted:

Do what my nephew does, he he learned Spanish, French and japanees when he was in high school. when he answers the phone, he answers in Spanish, while they are getting a Spanish interprter, they come back on and then he starts talking in French. 9 times outta 10 they end up hanging up on him

Now that's awesome!

My brother will sometimes hand his phone to his young kids to talk with "George from Ohio". The longest conversation lasted about 10 minutes... they talked about Play-dough.

If you sent an email .. With those temporary emails.. What happens to your email?.

Is it left out there?.. To get hacked..

If you send an email to a non existent account you get an "undeliverable" message back and will usually be asked to "try again?".

. Otherwise it lands in that toss away email account's inbox; and may never get looked at. After a few years without accessing it, they email services usually wipe the account records anyhow.

Very many years (40+/-) ago, I wrote an article which was published in OGR.  It described a locomotive control system, which had been working on my layout for years with no problems.  I received a letter from a subscriber severely chastising me for not including all sorts of circuit measurements and tests.  That and a similar episode convinced me to never even write a letter to the editor.

There are nuts out there.

Other forums I belong to have been hacked several times by new members that went through the registration process with false information.  So even in the profile section, be careful what you include. Many US Government, Medical, and huge retailers have been hacked.  So any entity is vulnerable... Always be cautious on every site you visit'...       

I cannot warn people enough Not to put any personal information on this forum in the body of you post. If you doubt me post a photo and then type in a subject... that photo linked to that subject, linked to your added personal information (God forbid) will now be seen by EVERYONE on the web.

This is a Commercial Forum .... treat it as such!