Email

Canada Post Security Warning + Postal Strike Update

Canada Post has issued a warning stating that official looking emails have been circulating asking people to click on link for tracking information on parcels that are non-existent.

Clicking on this link results in the downloading of a virus so Canada Post advises people to copy and paste the tracking number of these parcels into the official site.

If you receive one of these emails and are not waiting for a package to be delivered, delete the email.

In regards to the possibility of a postal strike, the 30 day extension will end on the 8th of August and both parties are expected to enter into binding arbitration. The Union is planning a rally in Montreal on the 6th from Parc Saint-Alphonse to the Prime Minister’s constituency office on Jarry Street East.

Yahoo Users – Change Your Passwords

It appears that an older part of Yahoo’s systems had been left exposed resulting in a security breach that could have compromised over 400,000 accounts.

To change your password, login and click on your user name on the top left of your screen. You will be given an option to change your password in the following screen, after having been prompted to login again.

Click here for information of how to create a strong password for Yahoo.

Last Minute Gift Ideas ?

Amazon.ca, Amazon.com, Amazon France, Amazon UK, chapters.indigo.ca and iTunes Canada icon have printable gift certificates.

Alternatively, you can e-gift a product or send gift certificates to Facebook from Amazon.com. Or just email gift certificates from the above mentioned stores or from the following retailers :

Epsilon Hack & Canadians

Well, that was some April Fools Day, wasn’t it ?

Epsilon was hacked and confirmed that 2% of their clientelle have had their email lists compromised, Alliance Data confirming that email addresses and their associated names had been stollen from their database.

Bank Info Security has posted a list of companies whose information was compromised. And among these nearly 70 companies are financial institutions, internet merchants and loyalty programs Canadians use.

Most of these companies have already contacted their Canadian customers in regards to this security breach. But what now ?

The Coalition Against Unsolicited Commercial Email advises people to change their email addresses as soon as possible, especially when dealing with financial institutions.

Twelve financial institutions were affected according to CAUCE, namely American Express, Ameriprise Financial, Barclays Bank of Delaware, Capital One, CITI, JP Morgan Chase, Moneygram, Scottrade, TD Ameritrade, TIAA-CREF, U.S. Bank and World Financial Network National Bank. But of course even if you don’t have an account at those financial institutions you should consider changing your email address at your financial institution if you’ve been advised by one of the other companies of this breach on your current email address.

The hackers have probably sold your information by now so you will likely be subjected to emails claiming to be from several financial institutions and online payment companies.

They’re of course hoping people will click on the links included in these emails and provide them with passwords and other information to facilitate identity theft. But of course no financial institution or online merchant will ever ask you to provide personal information by email and these companies always use encypted connections on the internet.

The most recent internet browsers either have a confirmation that the connection is secured or a verification scheme that confirms that the web site you’re visiting is authentic. But of course it is up to the user to keep on eye on the address bar at all times.

Internet users that are versed in Phishing know to look for an https:// and/or a picture of a lock in their address bar because scammers rarely purchase security certificates to scam people out of their information. They usually just stick to variations of a web site address to lure the less knowledgable into providing their passwords or other information on a fake website.

Personally, whenever some company sends me a warning about my account I open up a new tab on my browser and I use my bookmarks to access the site. I never click on the link provided in the email or provide account numbers via email. And if all else fails, I call their toll free number to resolve the issue.

Webmail services also offer anti-spam and anti-phishing options that you might consider using. These have worked quite nicely for me. But of course if push comes to shove the webmail address I use on most sites are disposible.

BTW, if you’re interested in obtaining additional security software or information on related consumer issues, I have some links listed in my Consumer Links that you might find interesting.