[The technique in this article supersedes my earlier “How I remember my YubiKey, take two” how-to; I explain at the bottom of this article what was wrong with my earlier technique and why this new technique is better.] I’ve recently started using a YubiKey NEO for two-factor authentication for sites that support it.1 Because I… Read More »
How I avoid forgetting my YubiKey at work or at home using Tasker and AutoNotification from João Dias on Android, and systemd, udev and Notify from Kevin Bedi on Linux.
[The technique described here is obsolete. Please see this update.] I’ve recently started using a YubiKey NEO for two-factor authentication for sites that support it.1 Because I am using my YubiKey for more and more sites, I tend to leave it plugged in whenever I am in front of a computer for an extended period… Read More »
A legitimate email from AT&T does its level best to masquerade as a phishing email.
In June, I wrote about a technique used by spammers to harvest names and email addresses of “live” targets for their spam. In a nutshell: you post an ad to Craigslist; the spammer sends you an automated email which makes you think that maybe the sender is interested in your ad; you send a response,… Read More »
UPDATE [2013-02-13]: According to this article on Craigslist, as of February 10, 2013, they have implemented and are testing the idea I described below for fixing the problem described in this posting. I recently placed a for-sale ad on Craigslist. I anonymized my email address in the ad, which means that the published email address… Read More »
Somebody seems to be using my email address in a weird, ongoing way that doesn’t seem to be benefiting them in any way. The fact that I can’t figure out why they’re doing it concerns me, because I have to suspect that there is some benefit to them, which I just haven’t been able to… Read More »
I try to make a habit of giving out “tagged” email addresses to web sites when I sign up for accounts / mailing lists / whatever. For example, when creating an account at widgets.com, instead of just signing up as “[email protected]”, I might sign up as “[email protected]”. It ends up in the same mailbox regardless,… Read More »
I just tried to visit Facebook but typed the URL wrong and typed “faceobook.com” (note the extra ‘o’). Here’s where I ended up: Devious, eh? Needless to say, I did not participate in the “anonymous survey.”
A phishing message in my spam folder caught my eye today, so I decided to take a closer look at it. It claimed to be from CapitalOne. It had a legitimate sender address, a legitimate Subject line (“Please Call Us Regarding Recent Restrictions”), and convincing-looking content that was mostly lifted straight from a real CapitalOne… Read More »