Avoiding Email Scams

Being one of the more technologically capable members of my social circle, I am often asked if a specific email is a scam.

Usually it is.

But what if it seems real?  What do you do if that email honestly feels legitimate?  Well, I’ve been thinking about how to simplify my own rules and actions into general “rules of thumb” for others to easily understand and follow.

Here’s what I’ve got:

  • Is the email unexpected?
  • Get the URL / contact info with Google
  • Google the email itself

Let’s break these down.

Is the email unexpected?

Let me explain this with a couple examples.  If you go to a web page and click “I forgot my password,” I imagine the subsequent “password reset” email is fairly unsurprising.  It’s safe to say that this is not a scam.

Alternatively, let’s say you’ve simply been enjoying your day, doing cartwheels and whatnot, and then you get a “password reset” email.  Here, most likely, someone else is is trying to reset your password, or it’s a scam.  The link may take you to a fake (but identical looking) website, asking you to put your old and new passwords.  You’ll then be handing your password over to whoever runs that site.

If an email is spontaneous, if you weren’t expecting it, there’s a very strong chance that it’s a bad email that means you harm.

But is it possible for an unexpected email to be legitimate?

Yes.

That is the point of email after all, to notify you of things.  Sometimes those things require actions on your part.  Perhaps the site has suffered data loss due to a hack, and wants everyone to change their password.  Well, when something like this happens, consider my next rule of thumb.

Get the URL / contact info with Google

It doesn’t have to be Google, of course.  Feel free to use Ask Jeeves or… Bing.  But the spirit of this rule is to only allow the email to serve as a notification; don’t let it help you accomplish the task.  If it supplies a handy link to take you somewhere, don’t use it.  Pretend you deleted the email accidentally, but still want to do what it said.

Maybe that means going to the website manually and finding the option to reset your password.  Or, maybe that means googling for the contact info, calling, and asking about it – do NOT use a phone number supplied in the email.

The point is that by doing this you’re now doing something outside the control of the scammer. The whole mission of the scam is to scare you into clicking their link or calling their number.

Google the email itself

Another tip is to Google parts of the email.  Often this will take you to discussions about the very same email.  Reading through what others have to say can help you to determine if it’s a harmful email and even help you gain some insite as to how others know.

Hopefully this post can help even just one person avoid even just one scam.

Sharing a Hotel’s Single WiFi Connection Between Two Phones

I recently visited a resort on vacation.  Overall, it was pretty good.  Except for a couple things, like when the entertainers really wanted you to participate in something embarrassing.  Dancing on stage is not my idea of a relaxing vacation, Mia!

Anyways, another not-perfect reality of the resort, was the WiFi.  When we arrived, we found out that the WiFi was not free, and not only that, it was fairly expensive.  $12/day.  Per device!

The per-device restriction was maintained with a captive portal of some sort.  You purchased a username and password to log into the network.  Attempting to use it on more than one device would yield a message along the lines of “maximum sessions exceeded”.

The way to get around this, is to turn one of the phones into a router, of sorts.  It’ll be the main phone responsible for connecting to the WiFi, and sharing this connection with another phone.  The network will just see this as a very busy singular phone.

What you want to do, is use Bluetooth tethering.  And it’s pretty simple to set up.  The below instructions are for Android phones.  I don’t know how they differ or if it’s even possible on iPhone.

  1. Go to the Bluetooth settings screen on both phones and pair them to each other.
  2. On the master phone (the one that will share the connection) find the settings screen “Tethering & portable hotspot”.  In this screen:
    1. Enable “Bluetooth tethering”
  3. On the secondary phone (the one that will connect through the other phone) go to the Bluetooth settings screen again and:
    1. Click the gear icon beside the phone – in paired devices.  This is to manage the settings of the connection.
  4. Check the box “Use for: Internet Access”

That’s it!

Cons

This method is not perfect.  I found it a little finicky.  Sometimes the phones refused to connect to each other, the connection was really slow for the secondary phone, and if the phones got too far apart they would not reconnect automatically upon getting close enough again.

But it was much better than paying an extra $12/day.

Maven – Exclude Resources From Jar

A project I was working on recently had some… interesting packages in the source code.  There was a test package, a config package, and a notes package.  By placing these non-source items in the source folder, they were being included in the final jar that maven would build.

The ideal solution here is to move these packages to more appropriate places, such as a test source folder, a relative config folder in the application’s root, and maybe a private wiki for the team, respectively.

However, not even having enough time to do the work I was assigned, I decided I would at least prevent these items from cluttering up the jar, and I would return to move them properly at a later time.

You’ll want to use the maven-jar-plugin, and configure excludes as absolute package paths:

<plugins>
   <plugin>
      <groupId>org.apache.maven.plugins</groupId>
      <artifactId>maven-jar-plugin</artifactId>
      <version>2.3.1</version>
      <configuration>
         <excludes>
            <exclude>test/</exclude>
            <exclude>config/</exclude>
            <exclude>example/package/path/notes</exclude>
         </excludes>
      </configuration>
   </plugin>
</plugins>

Switching Keyboard Layouts in Windows 10

Adding a New Layout

1. In Control Panel

Use the search box and search for “input”.  Choose “Change input methods”change-input-methods

2. Click “Options”

input-methods-options-link

3. Click “Add an input method”

input-methods-add-input-method-link

4. Search for Your Desired Layout, Select It, and Click “Add”

input-methods-search-and-choose-new-one

5. Click Save

Switching Between the Layouts

The new layout isn’t activated automatically if you left the old layout configured as well.  You can switch between the two by clicking the language menu near the clock.

change-input-methods-afterwards

Sudo on Debian

Sudo Not Installed?

The fix – getting sudo to work – is at the bottom.

When you use Debian for the first time, you may have quickly run into this:

Debian_sudo_not_found2

bash: sudo: command not found

This happens if, during the setup process, you provide a root password.  The Debian installation will install sudo if you do not specify the password.

debian-8-install-root-password

Notice, in the last paragraph of the above dialog:

If you leave this empty, the root account will be disabled and the system’s initial user account will be given the power to become root using the “sudo” command.

And, here is a relevant portion from the installation guide for Debian 8 Jessie:

By default you are asked to provide a password for the “root” (administrator) account and information necessary to create one regular user account. If you do not specify a password for the “root” user this account will be disabled but the sudo package will be installed later to enable administrative tasks to be carried out on the new system.

So, if you do specify the password for the root user account, the sudo package will not be installed.

Using sudo

To add sudo, all you need to do is:

1. Open a terminal and change to root
2. Install sudo

apt install sudo

3. Add user to sudo group

usermod -a -G sudo matthew

4. Have the user log out and back in.

That’s it!